www.btolat.com Open in urlscan Pro
2606:4700:3038::6815:eb96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.btolat.com/
Submission: On February 02 via api (February 2nd 2024, 4:56:00 pm UTC) from US — Scanned from US

Summary HTTP 413 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 63 IPs in 4 countries across 52 domains to perform 413 HTTP transactions. The main IP is 2606:4700:3038::6815:eb96, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.btolat.com.
TLS certificate: Issued by GTS CA 1P5 on January 10th 2024. Valid for: 3 months.

This is the only time www.btolat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
77	2606:4700:303... 2606:4700:3038::6815:eb96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f03... 2a03:2880:f03f:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:9d6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f13... 2a03:2880:f13f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3033::6815:5ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3032::ac43:b2aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:21e... 2600:9000:21ea:c600:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
57	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
7	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	18.211.142.103 18.211.142.103	14618 (AMAZON-AES) (AMAZON-AES)
9	68.71.249.118 68.71.249.118	46562 (PERFORMIVE) (PERFORMIVE)
7	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
23	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21d... 2600:9000:21da:800:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2620:116:800b... 2620:116:800b:21:4cb8:1820:80ca:50f7	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 10	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200c	27630 (AS-XFERNET) (AS-XFERNET)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2603:c020:400... 2603:c020:400d:3000:b5b3:7157:5b47:80e4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	8.2.110.161 8.2.110.161	46636 (NATCOWEB) (NATCOWEB)
6	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
7	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
15	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
6	34.149.20.76 34.149.20.76	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
1	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21d... 2600:9000:21dd:4800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
2	34.227.136.147 34.227.136.147	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:210... 2600:9000:210b:f400:d:c38f:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.234.202.79 34.234.202.79	14618 (AMAZON-AES) (AMAZON-AES)
1	18.160.41.11 18.160.41.11	16509 (AMAZON-02) (AMAZON-02)
3 19	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b01:7091:955:d445:d0bb	16509 (AMAZON-02) (AMAZON-02)
3	52.207.14.250 52.207.14.250	14618 (AMAZON-AES) (AMAZON-AES)
3 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:6bb3:3cd1:d7e4:6108	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6811:3663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.71.249.120 68.71.249.120	46562 (PERFORMIVE) (PERFORMIVE)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
1 1	2600:9000:220... 2600:9000:2209:3a00:1b:5138:8a40:93a1	() ()
1	23.105.12.136 23.105.12.136	() ()
1 1	82.145.213.8 82.145.213.8	() ()
2 2	64.74.236.255 64.74.236.255	() ()
1 2	23.51.57.155 23.51.57.155	() ()
1 1	104.126.118.233 104.126.118.233	() ()
413	63

77 2606:4700:3038::6815:eb96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.btolat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.btolat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.btolat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f03f:1c:face:b00c:0:3 (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nhwimp.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9d6e (United States)

ASN13335 (CLOUDFLARENET, US)

pahtuo.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f13f:83:face:b00c:0:25de (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5ea5 (United States)

ASN13335 (CLOUDFLARENET, US)

palibzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b2aa (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:c600:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.142.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-142-103.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.71.249.118 (United States)

ASN46562 (PERFORMIVE, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21da:800:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.155 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.32 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.41.2 (Queens, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200c (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.161 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cm-x.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

underdogmedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.136.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-136-147.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:210b:f400:d:c38f:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

lbs-event.gcp.lineate-33x.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.202.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-202-79.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-11.iad55.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.223.22.214 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b01:7091:955:d445:d0bb (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.14.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-14-250.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:6bb3:3cd1:d7e4:6108 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3663 (United States)

ASN13335 (CLOUDFLARENET, US)

nh.iz.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.249.120 (United States)

ASN46562 (PERFORMIVE, US)
PTR: underdogmedia.com

edge.udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:3a00:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.136 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.155 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.233 (None, ) 1 redirects

ASN- ()

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202 csm.us.criteo.net — Cisco Umbrella Rank: 3277	868 KB
77	btolat.com www.btolat.com static.btolat.com img.btolat.com — Cisco Umbrella Rank: 543672	2 MB
44	googlesyndication.com 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	282 KB
39	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	362 KB
25	3lift.com 3 redirects ib.3lift.com — Cisco Umbrella Rank: 1863 tlx.3lift.com — Cisco Umbrella Rank: 581 eb2.3lift.com — Cisco Umbrella Rank: 412	73 KB
23	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3179 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6801 cat.va.us.criteo.com — Cisco Umbrella Rank: 3347 bidder.criteo.com — Cisco Umbrella Rank: 679 dis.criteo.com — Cisco Umbrella Rank: 608 widget.va.us.criteo.com — Cisco Umbrella Rank: 6253	359 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
10	udmserve.net udmserve.net — Cisco Umbrella Rank: 3747 edge.udmserve.net — Cisco Umbrella Rank: 41007	11 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	584 KB
9	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1299 ssc.33across.com — Cisco Umbrella Rank: 3877 lexicon.33across.com — Cisco Umbrella Rank: 1517	26 KB
7	adrta.com q.adrta.com — Cisco Umbrella Rank: 3685 pix.adrta.com — Cisco Umbrella Rank: 4538 ipv6.adrta.com — Cisco Umbrella Rank: 3893 adrta.com — Cisco Umbrella Rank: 2291	14 KB
6	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 664 image2.pubmatic.com — Cisco Umbrella Rank: 912 image4.pubmatic.com — Cisco Umbrella Rank: 1237 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459	2 KB
5	yahoo.com 3 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	10 KB
5	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17428 nhwimp.izooto.com — Cisco Umbrella Rank: 66656	101 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	95 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	2 KB
4	openx.net underdogmedia-d.openx.net — Cisco Umbrella Rank: 33973	1 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	4 KB
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1364 pixel.quantserve.com — Cisco Umbrella Rank: 1007	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	15 KB
3	underdog.media bid.underdog.media — Cisco Umbrella Rank: 27827	164 KB
2	teads.tv 1 redirects sync.teads.tv	605 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1345	1 KB
2	rubiconproject.com 1 redirects pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4763 fastlane.rubiconproject.com — Cisco Umbrella Rank: 520	3 KB
2	casalemedia.com 1 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024	233 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	307 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com	1 KB
1	opera.com 1 redirects t.adx.opera.com	672 B
1	smartadserver.com rtb-csync.smartadserver.com	659 B
1	smaato.net 1 redirects s.ad.smaato.net	463 B
1	iz.do nh.iz.do — Cisco Umbrella Rank: 69056	597 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 349	630 B
1	lineate-33x.net lbs-event.gcp.lineate-33x.net — Cisco Umbrella Rank: 7389	289 B
1	contextweb.com bid.contextweb.com — Cisco Umbrella Rank: 4300	845 B
1	mgid.com 1 redirects cm-x.mgid.com — Cisco Umbrella Rank: 4115	561 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1913	4 KB
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 976	643 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	902 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	exitbee.com cdn.exitbee.com — Cisco Umbrella Rank: 43797	21 KB
1	palibzh.tech palibzh.tech — Cisco Umbrella Rank: 50371	103 KB
1	pahtuo.tech pahtuo.tech — Cisco Umbrella Rank: 316623	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
0	cognativex.com Failed btolat-com.cognativex.com Failed
413	52

	Domain	Requested by
57	static.criteo.net	securepubads.g.doubleclick.net ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
50	img.btolat.com	www.btolat.com
38	imageproxy.us.criteo.net	ads.us.criteo.com
29	securepubads.g.doubleclick.net	www.btolat.com securepubads.g.doubleclick.net www.googletagservices.com 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com cdn.izooto.com
23	tpc.googlesyndication.com	60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.btolat.com
22	www.btolat.com	www.btolat.com
19	eb2.3lift.com	3 redirects ib.3lift.com eb2.3lift.com
15	csm.us.criteo.net	ads.us.criteo.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com www.btolat.com
10	cm.g.doubleclick.net	4 redirects eb2.3lift.com 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	udmserve.net	securepubads.g.doubleclick.net www.btolat.com bid.underdog.media
9	www.googletagservices.com	securepubads.g.doubleclick.net 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com www.btolat.com
7	cat.va.us.criteo.com	ads.us.criteo.com
7	ads.us.criteo.com	60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com ib.3lift.com www.btolat.com
7	60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	ssc.33across.com	bid.underdog.media
6	rtb.va.us.criteo.com	60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
5	static.btolat.com	www.btolat.com
5	connect.facebook.net	www.btolat.com connect.facebook.net
4	match.adsrvr.org	3 redirects bid.underdog.media
4	ib.3lift.com	bid.underdog.media ib.3lift.com www.btolat.com
4	underdogmedia-d.openx.net	bid.underdog.media
4	cdn.izooto.com	www.btolat.com cdn.izooto.com
3	x.bidswitch.net	3 redirects
3	adrta.com	pix.adrta.com
3	cdnjs.cloudflare.com	ads.us.criteo.com
3	ups.analytics.yahoo.com	2 redirects bid.underdog.media
3	image8.pubmatic.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
2	sync.teads.tv	1 redirects
2	b1sync.zemanta.com	2 redirects
2	lexicon.33across.com	1 redirects
2	ib.adnxs.com	1 redirects eb2.3lift.com
2	c1.adform.net	2 redirects
2	tlx.3lift.com	www.btolat.com
2	q.adrta.com	bid.underdog.media q.adrta.com
2	www.google.com	tpc.googlesyndication.com www.btolat.com
2	pixel.quantserve.com	www.btolat.com
2	rules.quantcount.com	secure.quantserve.com
2	ssum-sec.casalemedia.com	1 redirects www.btolat.com
2	secure.adnxs.com	2 redirects
2	secure.quantserve.com	udmserve.net
2	cdn.taboola.com	palibzh.tech cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	www.btolat.com connect.facebook.net
1	analytics.pangle-ads.com	1 redirects
1	t.adx.opera.com	1 redirects
1	rtb-csync.smartadserver.com
1	s.ad.smaato.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	nhwimp.izooto.com	cdn.izooto.com
1	edge.udmserve.net	bid.underdog.media
1	widget.va.us.criteo.com	ads.us.criteo.com
1	nh.iz.do	cdn.izooto.com
1	dis.criteo.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	lbs-event.gcp.lineate-33x.net	bid.underdog.media
1	bidder.criteo.com	bid.underdog.media
1	fastlane.rubiconproject.com	bid.underdog.media
1	hbopenbid.pubmatic.com	bid.underdog.media
1	bid.contextweb.com	bid.underdog.media
1	cm-x.mgid.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.exitbee.com	palibzh.tech
1	palibzh.tech	pahtuo.tech
1	pahtuo.tech	www.btolat.com
1	www.googletagmanager.com	www.btolat.com
0	btolat-com.cognativex.com Failed	www.btolat.com
413	84

This site contains links to these domains. Also see Links.

Domain
predict.btolat.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
login.btolat.com
content-ventures.com
www.izooto.com

Subject Issuer	Validity	Valid
btolat.com GTS CA 1P5	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-11` - `2024-02-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
pahtuo.tech GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
palibzh.tech GTS CA 1P5	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
exitbee.com GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
udmserve.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-30` - `2024-11-16`	10 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
underdog.media DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-31` - `2024-11-20`	10 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-31` - `2024-05-01`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-22`	3 months	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adrta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-07` - `2024-07-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
lbs-event.gcp.lineate-33x.net GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.btolat.com/
Frame ID: 0C0679327F1FB0DF94615C4A0D7019F0
Requests: 178 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 5ABBA730EF3B2F8D68D14555E85E9C37
Requests: 1 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7B5D60CFD1E04B61F202A8AB799AF27
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_5RF3BJtu5jRahrc-jIHtvrvm77HT2c4pQzb0V4o6vDOQBnb1lcoqqXQybcgQTRzodOSsbBt9fTSU2nGzoN5ZTbx4P2IEbKp-VjLUZsgqBBa1ZEPpxLJvGugUZM1BoB8YHKLSbSSuG_DG53rOb7NpO3mRQ1jTiJRT5WL79RjTZJWebHA-9UdomU2XVbUdeG98_NoT4UNwOzcbcO2Ot15Uv6PnvvSJR6xDaMF8RfNVAcNgcCZm4YzIo3z6TG5iAqUaAkZoXmdHUzv56LCUBNHSKvbNsoSUhj0sSzfljmGHi7QHDag4CTGoedFvYfDAQKNfuyK2P89MrWnhLWKWlr9LPxDEGQ&sai=AMfl-YQF759KSydkmhd4bwzob-_cygIoree3Xr0Q2Ybzzuf2nQ3BDuFiMg7G9uMtTkbfI_oDSederIyTt5G-ZorbkWnu8QwtuNrxo34F0U4-ERutPhiROomBTwLZqCFwgfhe7j9SzuQO0W0_4KKTegXb8dwe&sig=Cg0ArKJSzK96F3xkxbHzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E3CFF04C004585B8E86FBEAEC5B22C44
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtlJkWjLVq5meYjm5bjWjLxY4vd-MzNFODzEKmDvLWAhvqzIiyUYHroarTKQ_-nsXJNV87M-dZAXhQ1ZdKjkr7ScL1GcQjYq0GRKSstaFXynK4-pyShuENmbJx7-DbTdC-0K0UmCY9Kx1XKHm-jvr36pOz-26tWfHGh_T1mPLpdxcLEHT0dWZaxJcINPhIjhUqkFIvYPIXAXCwME7zK96pCt8j5mvydsvTwVBrJZ5K1XDGTyw3qrIelMEZFKa_Sgyw-NNSp-XspAeV_2F2WEM7uHjFIrOzFjzCn_z8t1epgZ1TLHvE_Bz4lmdhuiQYQfWuub2MCAnceZEeCsTr0638OmAOk6yo&sai=AMfl-YQrKSSX6jGiFa4PXlsqAjUiJQb-lISGjt4xZCKaUpX1Re8jpFB_V23SyGWqc-HEhgCgWlcmM8bmyJd5ejt5I1nz6psPaOjjcFD4kwi4HOmrY1jrGxgWUwcXewe4oV8&sig=Cg0ArKJSzNaI4qBFOsP2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7BC67F958ED87C95D6F230869F4A9B9B
Requests: 11 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA58DDC138E4DEC1BD4D62C0B7072A74
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgABCOcIg4rOAAdFmUZyMZAiU1fmjy_WpA&u=%7CkBYb1OrAxsmbcsCcleGkzrpppfw5%2Bezo9JKHrWAjobY%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJBPkIVjcuU6DcQ_nq6vR7qmXoYYy45uzCntxmvnFOcP6teFpbNOZfMm9iF77RtSP_nUM6WfytuG6ZrYWv3nxg39CkzhXDjp_QkdahDolBTPB_MR9ql-7pI06qNnH8R_C7dZA30LrONYUDt3zxe7Lcggqm7vvIo39FF8vphhD1eZulmaRlNTobHi_00Av83q4wF3cKMgnfDaZt2Cc5XlVHBrVDWwPBIKaOeKVAC3BQ30riXxe9FzbYYWx5HR-z9iy6HzjoO_I2wxaQN9jNONeVWTNbx9_Tby9tXJNsW593Xxj9W0Vuk5bSPr8KqIvsfjf1cZnLrhJSyklDGdFH8esaN-aK-50CKWa0U3ibDwRq07liVTjG1UwUllFGPkCWhL0wUDd4SCN2SWwzPhT8x05gva8GBVwZqrI8Pe6UqbswZa5RgInQrmZFoqdHp_KSEoYxrAjsAuEji4F2RQ5vmpflkcZtiEdeZrd1IV7HaHNwui4YEPu6xfhhRJu3oKJPx38l6VGURxJIhHy6KeWGvX8IHil4bTUaY8LM-wBg87gLCrDC8ec43I4APcpZiraQMBnJkQ_230D1MR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ7d7lh69ZeeRBM6VjvQPmYud4Aacge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0BUzkY626QUgA6U_gqS6r3qJZ0rc5ib51boaX0MFqSUk_oN5jveoFopfTDf5K0wXT17qSooCgvojofcZOm_hT2B1bSwe7gwqW7H2AGjcqXdfnotZjxYwDxZ3Nba4_EwjUg6jmD6Xj-O8dtAZ7RRpk4_Kysy4PyExTg8PlFM1WcTcHJoqPXfa8hx7AKiSqUZ5U7rws1KDglOenJJvmZLxZaMre2RFPZeKuH_fh8YfF1HLUrZArESlCN42Kdey8pZiqthYET1pYWyCMCYkEqZAApOVm2lb7R08kFRirA_VcELnsHAO8kURseAK2KZ3_Ee23eRsUC5CgSGCzGT2O9FygOPKzSQNP9316kwoK0o-nuteXwQmLyUbxD0y7cPgBAGABovs6v2At7Pwb6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOli0rNTfj42EA_oLAggBgAwB4g0TCLPJ1N-PjYQDFc6KgwgdmUUHbNAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zDRhe7if-z9px11sY8frQqH1tcA%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 339BBF6F8A36345A1CA51F170D76891A
Requests: 27 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26B4514E725DCDDBC7B49F951DA227FB
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgAFqNsIg5mHAAbR1vUESaXw8xC1qQ9aDA&u=%7CkBYb1OrAxskeVxWCmYjaJvP68gOESqzvSDZImmQmftk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJLdnVzeQ_G15K3Sx6jpYdO4GP4omQyX_4L1EODzkeqgSl8E2_vxpWTWH1jow-vpxl2ambypHa3rTFxnrsnesn6jkOCXnBRPITfzHIjxQjrCzepBJUPJnNWDWY2g5UhgNWhFtPMZOWI1KnYBdnZ0GDHPmC9J-IOWBht1dBOJtVRRfBwnrSHP55QPZaALxhRyN0UyZAdsKhk5McU7t5D8pruBv3AWO0Si5OB2MTwVTnVPhEtZwjzGz1HezGHrRp2k0yBoiF5FGEFJ21hDzDoD0DrAtUAaXbX2dfAl048TivHJlhBBXfaXPEy08h5S_RwYPd-GPXXeV6GMrJbuFCg_tkgolMQLtVId9JD9SRMv5JSpooe5oVL10kgrpAmhfv5bakNQKGkMr1urpY0Cf-RF01pfWfFBQTp6l4vVTztTMlkupD0UU6uFDTKLUxZC9egi5UOniubxpmueAZFAAWvHmtfB9XwS8lolhEn1CKhuRsnh2RnwPXpsVYfeRR-zUjobnZE9NtgE8gKhq6vNHCM2PZHVoVUiLROiRz15BuYipE4rCVkJ8Pn0rLLA87LGKlHKdXchi0_GIbMq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu53-lh69ZdvRFoezjvQP1qObyA-cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEngJP0MhkAxbndtPO7a2SLt-IcOugIZeStgAyHWr_cmF7IL3URkifSCD7sEP_mPEw0YKOGE0TbBIvhIDpu2WxeQ65l2Gn20m_grIXrYhpMlUDwZrOHnNcSbFtoof8IO8Wmh1Xt9AmKjfoHfvPsuXVYgwQGSV-3y5CtDUDpkKBJFp4L0y_aACoIl2D4J_jh8K7WV-pOvt4oSKzbzdq9IOlkRljjh2IG7m2sz84Jxy20_-Qw8BSHMYa4Jn4-tyBZMIVG3hqveFw9pan0S-jPrOuJEzaqb20trcRH_7xjpC0NKA6cds04yikMsZYaXSxJlewM_MGBzvj4J2bMqcBwhH1jjIzVSi66HzShsdCM1g7srkJXPWcDFxHeTE-VeMaXFC14AQBgAbypqqq0eLdvHegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnavU34-NhAP6CwIIAYAMAeINEwjq0tTfj42EAxWHmYMIHdbRBvnQFQGAFwE%26num%3D1%26sig%3DAOD64_3FC_rRwnDjrmPlMEbx9RnqthUVUA%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 767304DAA76A6D887EBAD149160894B8
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3000482AD62403EB39840CA03270DF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCE91A15D394D31952BCDB8DA1D4298F
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16003;tid=2;dt=7;p=1;rri=1706892950531_603358_96.9.249.40;mid=47859;zzz=%5B47859%2C1706892950%2C%22QP0esRWdr%2FglmzqkAKmMfg%22%5D;version=v2.23.3;cb=0.017149519675945468;qqq=15.527950310559003;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Frame ID: 92EC22E06FFF37A1EAEC6B792AE0A5AE
Requests: 14 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg==&u=%7CECTiOiLbtrcCMssJaKqiK2ylmiSST%2B0xq0tXeRSAvr0%3D%7C&c1=SEEq4vz4aLAYktY1lOO9P1-5t829v_C2AVI79eRMpCeERC383T9inH8CF6gtJy5Ol3WtUyPR2Dw3LfzcR7ZXdorWj5H66lBLcRnaS_VDz3yhxNnxYN0qE7yJccG2g7to97wQ32VQDlC--TqGHMP4h9NDusRl-FCmHLyn3PaX0XHvxBGWJ4JiB_jApBJzvOZsUBtEvdWtwV1dCBQVwuoEN_TJDhcKXjzUPdIZJ2XF1_6Dl4riZ2jl37fkztGzLQZGR83by2Qkx2V7grHSGoaz-OLDPS1lNDmQqPAqVi75PNbZxeXpi3isAqS1wCSmyvOmV1IB4OTAk1wjsqn2v4t_xFbXxpoBWZ0_64C7mH0z35_BmGT9IUkcjbq_Hckcwayg51EeoIar-Cu-P1TeRPSIWd_fkKqTZCxZ2HIhbLPlHlfa8L-ZJuVDSXS43QNBalRN0CkHD5QqfOL7EByecHtnMpHUBtx6rERp9T-dkGQUvp-NPaIr_KKS-1fZpRNoBk07JSRvo-eo63lZRDZwI3_4XEJx4SXEArrTnPvIiZDmqJ-17rXCl3CujlTvwhaYXoDgUZ-Dz001V8SLayjLCQfyierrLUngsgjJKSWs7ohQgQhzeFEOgFsjbA0kQXatcsj1U_UpeQ8D2VU7TAsgLgyDwzZOl4xsDYmTsZbEF--XuV6q--T3mdV1u0pEbxN2vYkxqMt0FtXZ5n0PCijuDOCafA&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3D33Across_HiView_Desktop_Display_RTB%26aid%3D26634200495993808108470%26rev%3D6d571b4%26pr%3D0.237%26bc%3DAAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%253D%253D%26bmid%3D2711%26biid%3D5554%26sid%3D64%26brid%3D25369%26adid%3D11094530%26crid%3D1672424%26ts%3D1706892951%26bcud%3D290%26ss%3D60%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D75459%26rdir%3D
Frame ID: D88FDB7477964CA6C0395424ED14D3A8
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Frame ID: E9293E9D6EC240C7C18680C626A9C371
Requests: 11 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=87961&cb=65bd1e98f3a2ea5581f9fcefdd336707&r=https%3a%2f%2fwww.btolat.com%2f&crossorigin=false
Frame ID: 884922382A34DB82901C1122EF032E76
Requests: 1 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 128C776870EB0F52E77762F396BE430B
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgANasMIg6HuAA9ybul8Cj60xBSii6u38w&u=%7CkBYb1OrAxsm8nYiblcw%2B3XVjkhToP2hYzH296UCOj%2BU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQY7vZHtQjj3j9oagF2XCmsd8eXN_YDv36Yf6L6lz_aNl-EjT8feMAh7YTJCXL7ShZNXK0CKfc8Q9PEzXMHONns-yiklnc0qOr4CUKbhAVVWcw0gFaYVtfLmyXHOjSTv9Zr_PIpyGADH5yQ8a1M8vFX7NgH4BnZTN2d0SQYxNA-1LHoBM366I-t_rJnpvW7wrKiGvlyvmc4I3nz2--VnXdM9tFhrtdZAp0nEv0Yhp_lDSf761TCcQAAvj32rdjNBWbN_rbHcYftzhbx9e5RmfCWls8QpHFlXCcUwNJU17fbdKbiHv2EfaCQwNd6NJtHkTv-9dZGGBtPwOBGdNL65pe0g3j0nJDuNByWZtf9HlSJKf4nUPH5fL6idhgY39eIOWnQau-w6ndDfQNB0wp9-umSXKO3zXSTcoUr-V9GAcTlEHe5NpPoSrulo3HCqJtUlWUYz_plQdcoINTo7FDlVnmZNLHXYUUjVZplGNmYZMI3xa4xPrODetChiOhc-9SJbgZsQ4EzfyY8axRM0swGBMnGLb9tNOvsG7bSxcmXUw68wxvQb-pw9gF6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC257ilh69ZcPVNe7DjvQP7uS9wAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElQJP0BBiGluBEt1hMJ95Z0kHXLnRjKt_GJceNXHb_9jfOc1UxIMeNHYRIWHX4sVBEQBpXOPGWPRZJAkqqd7iWWxyIyURF9RkxPJpDrtnFW6v2qzU8bCkxTt7St0vGrem-1xJzm4qxCrnsNNO1BNQiIVkSLJdrWyFdS7uDyl3TJzRk_I-2Wy9I6m_gcOd2LdthqdpCtLUWKZv2GpxSNStQK15rgilcLgvrcNUHXikxz_LLtHPlUPk172JOXofuwNspIJdclnpCckLzRxAKUHxidRMeXB8iyBB9dngau39lx8EWhCmvFVB87DFagCndjXVY9fpYbBLt20h4DmDwlgA2NNWGYwXtcX0klk32Ti6Pj-_zQZz1mI24AQBgAbXh_W_3oqG4tgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuv1N-PjYQD-gsCCAGADAHiDRMImtfU34-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0VpsoTkeNlVxS8IClkPb512H62gA%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 6B3E412B2B6ABE341AEB3B0855088573
Requests: 19 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5472D842DB8959C27DD9FF3A9F918834
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emQAMpQ4Ig4eTAA8CFuswBxgr4ablNWw4SQ&u=%7CwIJv8w3ot1X8eOYuj3ztAQHaz%2FcJeiLZ11hi5idVTls%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00opj_B2EsD7W496DX6MjdNTaYZlf7v6EHQNsiikQKEomdJuyseGT5R892w8ma3yNWo2OrnSkSS9h8VukPxY0Nb1VHIAdCWAaQbp4ORADFDv6iPuzbxEED0qwjX4SNDHspXMRAe4L_iyBTCAHAi0PEIeVVyyfIrZCLncGfgvESsJAlqysrseYvqM37G44EEdkEuW5HLrIvqzwY4zoHPxxNn0QbHzxX-zbPo1DevfNvvT-8WOB-fMeJPk6IcxPn5KH5C3eCo04eQwAO_1MUZNDy5NOvWu1uOapvsJ9mzUsAZ3QKUWvh_BLKaS6UgAhS-S2iTDqwq7qfImFfte7mSF0S_FJBSr_-sEvICQ5PoOaPN3HaUi-Qoxo0k1Be8a6ntjjhHa0tn-cJ1bhUwiR9JQcMaJRW5JFkO8fDlinambxkes7K4u3d3PIJgndc5XO1YPRkBRu5WqztjHZvpz37OHdndI_AM1Qyo-JoEgJA4V36j4CCUCylUR2D-YoqMSEt3tjTbNGTApXzCcCUy_ITEsA1YF8Or1iF9ZpyQO7y4K-1yJQd6mNg8eihQW-qBGnrRdPiiR6yWufwWi0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIhgmmR69ZY7KMpOPjvQPloS8oA2cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0KDULmoBX7GeEJDk0QhnyrmXH6gaPNGILGFPDn1nOcElaPYfFFruHsJ6CeQYzQrpQGuxupYdy8Pep4UVkujRRN4rWrIdKEUOeGBLA6lTCsihoIoJtQAFbUcva3odqU_lyJrB3vRQjgolSKuhYMT0UymTPaeFN__7PKCNe4g0ltwTroEMA3aiLJpvWBLqcK-pI7Xng1BBviHjyGMbsOKmvm7z3iuu2QG4ndQEjSPgZ5n_hse_FD1eD8ry3tq2Kj708bnvxPzBlhz6FhZ4ixZdpTmOEVfgSawdadGXLk4QlfDHJ-ylw07NlgTK1XTpoU7-UrWhVcmWbtW2Pdblxuay1ob_csLs44Jzjp6_l9r2IdBQvvy7dFeeSQQF4AQBgAbRy_uu6uro4Z8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WIWl1N-PjYQD-gsCCAGADAHiDRMIlNLU34-NhAMVk4eDCB0WAg_U0BUBgBcB%26num%3D1%26sig%3DAOD64_3U-Sf6s463lmyk3G4Xv1pyNjNBTg%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 6C8013C69EBCDB8DCFB5E8AA85F2C2B7
Requests: 15 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E49BCFC340C977C90B355D4345544E1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVODWCiUs3-qyvcuZa2hGmLyTNxv1U09W_aEgN0hyRqtyC8XcowTilFO7jTHUhTdkEiE_Uc8UXHhvaviU-tXjRw1zfo8Og-c7T9HDMa74o1H2VTNrA3T_BH6HVpyP8udcq1pRhZSGRxdkY2_2Bp2NQI4a7QoLp4s9ooAfP-utaDiVekgyzFQgWntLfde4wZxjmJuDLYQ3NCgG6xImRyqpSyhv_uQN0cuHyJtOy2e-7w2TYgLwlpZI7mEDDPJvpQbMeDuRmJOLYtwl9hfuCQJI8k4PRUI6PLdW0vFKBRejtxfLWSSFYSvIszZpxbNjrJVyI86HXh3N53Ytfw6LYeMTMGQ&sai=AMfl-YRl0eeR4TkiAQczxJQr8GA2xqmpbjAPkyF_ag7uYy8Rq59fMZ2NkGV8GeEen8tNvIiu8PnPZKwIBW1nv-dA5_9Nun5OhW1FNYnJNKGl5w_9e7wu7zUPrSKiubOx5G5KfWpMZYct4gHupBoqYf738A0&sig=Cg0ArKJSzIIogQRs-WOeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 654A641AB0BFAE5B93496DE7D462E470
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emgACAvEIg4pGAAGWvy7nIUJk7cwS1QwxGw&u=%7CzxgZEKA86t2L8os7O1Y0y1am9YOsacCZg49zTNJ4AD8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEaYXno-Gq7T0yJV3NMKe2X672y8vz046MeyG6-CLenxUrtSuZ341Y-n2sxdfhlZqEutOPOaGBCMAVdDcn25PNr_f23Fxd_O06XdeRX_GH1nZ1QTCwzVSAFOrHj2ARUyt8iOzAwRYbpZi4EpzoYSb5XWT35l0r-VMYZJzGNlERjYMdJiHk4arcXO8Ain1Cyr7qgmMXv0tvoDvM8KIr7pmN29Cle8cRQEW_dPuT3tp0iD3o7T9uP1Qu2sjf-y38KG1v3ieK7HjrjWr-06SOc5Z27afFqSLAwtVWisd-8jdHmzlN14JBRA5F2iYzkO8rA4EBL_83FjccRbR3ujcPwsh1Z0RSQO0qFf0Pqrwzn8syOQcBlOFVmXNk1Bc9FY3fpp8kLuJyNdX_1fzcwRQ5gGCzy25EuXhVKllZY1ZMnYY-OKlY5jEPq89H3gLPv6MhifLfF29jUdlOB0pULhxbiv2I4NuKTIV_YDIbdEruBf3a-kzCyZRMFWqjUKgo_6t9p6v74sgYuUpwquRD1MaSqUuGJcS6Ch5t_bOnG2aLnko8gTLkzWXMdORcGmj9Pa3B33tgIEMdF1ZUgQhIZU0aJy7JGs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJjbmh69ZfGFCMaUjvQPv62GkAOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0GvaV9v0bguGDS1lcKiw1ckxvsywATxucde7lTBVhXXnVUudEJjlmwJwlhjUf8qVX3OgZIFHBjgcsObCg1n4dczHTgDGEv7YF62N60NxmSY7f0nGwGOVB-q6kZYFTx81fTPLLGNuVwEwpsPi_Nwcpp52ZZ4QxuCPXU0oFVxKcXwr48Wz7VA6kkCBhk6Gzg3GxfAyk0qvBkEwSXdIYBRGaSZYb2q64xSQX5V5BlDl0u8dAaGmPMwzNYC0KGAoypKGqvUV3GCkyUl4aZ4uMX1RTCYjbc0A6i4sVbbtw6Hb4FKSynZMn7_85n4S0jJQ-y0eCz7N7l73MYCvT7GutoCsUpIzSQCTMkhkhEGZ7-mYkK3SfJ5z-HeZ3-AEAYAGmIiDrK-b3-wboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WLiw1N-PjYQD-gsCCAGADAHiDRMIieDU34-NhAMVRoqDCB2_lgEy0BUBgBcB%26num%3D1%26sig%3DAOD64_0mpyOrKvK7AdeWJ4x2TV0cgazrmw%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 71F308E91F3F11909743F9B0DC2A03B7
Requests: 18 HTTP requests in this frame

Frame: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F67D3C411C3D71E642CE7C7645A901F0
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0engAE_goIg6HuAA9ybpy_kMkzSplrQjZnMw&u=%7C8rVyD6kZIAmiMbw8HGPQxUjB9I2Nvlsgrp168V0FjE8%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxblGjs0kjYw2JAKF78E12ZFKl5XFEkyNV6GTyYUW37hwr-GL1SXvVNMGK9DDJ7tOr-PeLjf_hhBMOxvotSR0xpB11B_pUEJu9V49W6Mb_El3T_SHotfmwWnARLw1ea2oYqxkFX_tghdbSD0Lv4LeaV9QY5FgjJ387DZkhz5-ch_-FPoYIGiz5uzIb4MFXgHwNcqRJlxlo9pvqn-70llZRPftAYSS5lbDV6QUoCxlw_PbvgcMLhmZmS441SyigG5la1KTSLCoUetgBg7XUTAgx7yptCHJ4aOkXh4iSdmWYSN4glp4fz7i2vWBz639lY85H7Z6XtlG9k2_IHe6RqBWpu1l1wwRxILr4B7HGJRGu3MiHmb3-7DMHzgL5P_XlnnZEv7r6BtewHEEaXrSt2K_tA4uBUYnheF62lSc7E1JL-29c_nIOy8ZLEyT0ZaIANupLgpcuJ0dxNiC15MB-fEs9jNJbVKJiLL_NpymKZv0xRvjiVFTUfBqYqI5FVxJHn2grZSJ_tNcz6OwfSKnW_xt5U6SZVBXp7foPdqHtRg_xb-4KMDp4R_xF6Hw3daN-nGtp6aubeZAY3IMpyPHiCCO4_U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgDITnh69ZYr8E-7DjvQP7uS9wAGcge-wXJrwqKp0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNjkyODgyNjk1NDY0MzgwNcgBCeACAKgDAcgDAqoEiQJP0C20q1MBc0Ca1UJcLbgXRdHw-0Fce03ynmRUlhw2AR-mH1cxjf7oz_UE938xzrf7aISrfqTDatKctBLlI4dhGIlUKZkKUA6Bslx8jiqUuLA8NEdJ691LhWkeESEpzX4q6R-IYQ8qLmsx5qKgg12qkrWEIlfedII8yY59QybL8akyFkrhX3eJ4VZd6gehu-in-qVyazf-B-Nf9HpDgyh0tmBMI06rhZPraLrbSoJfkNG5G1DzhfHu-dL0F3EOnHMgQ_YUrgRQIzSPHDRiFXr3KESU4xvpwKzLNN1EJeLSUh6uKKPA8sYP4zrNXptaOqB6zpJwKAq0oNHTsLRzoar9m4Gzp8EWq4OA4AQBgAahjtKampam8-EBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPKczOOPjYQD-gsCCAGADAHiDRMI88fM44-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0WkMWYKqwaGY9Rp3VEd1wKQDp90g%26client%3Dca-pub-6928826954643805%26adurl%3D
Frame ID: 649EA2C493A094D290012BAC58922A13
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Frame ID: C2D5436DE22E7722076AAAD2A53A030F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7676B73A9952E352461463ED152A6371
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بطولات

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

413
Requests

94 %
HTTPS

49 %
IPv6

52
Domains

84
Subdomains

63
IPs

4
Countries

5190 kB
Transfer

12029 kB
Size

104
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://predict.btolat.com/competitions
Title: مسابقة التوقعات

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BtolatOfficial/

Search URL Search Domain Scan URL

URL: https://twitter.com/Btolat

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BTOLATdotCOM

Search URL Search Domain Scan URL

URL: https://www.instagram.com/btolat_official/

Search URL Search Domain Scan URL

URL: https://login.btolat.com/account/register
Title: انشاء حساب جديد

Search URL Search Domain Scan URL

URL: https://login.btolat.com/account/login
Title: تسجيل دخول

Search URL Search Domain Scan URL

URL: https://www.instagram.com/btolat_official

Search URL Search Domain Scan URL

URL: https://content-ventures.com/
Title: Content Ventures

Search URL Search Domain Scan URL

URL: https://www.izooto.com/campaign/getting-started-with-news-hub-izooto?utm_source=referral&utm_medium=news_hub&utm_campaign=https://btolat.com
Title: iZooto

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.057125248 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.057125248 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=6768969262973248592;cb=0.057125248

Request Chain 139

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.057125248 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.057125248&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZEMUQ0RDQtMDM2My00NDAxLTlDQzEtQTlDQjgxRTc0RDkz&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?cb=0.057125248&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DE6D1D4D4-0363-4401-9CC1-A9CB81E74D93&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=E6D1D4D4-0363-4401-9CC1-A9CB81E74D93

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D&s=199174&C=1

Request Chain 141

https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.057125248 HTTP 302
https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.057125248&verify=true HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-dYNpxFRE2uIuzKhYx_1D4Nn.u8nAI_mO~A

Request Chain 142

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bsonobi%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.057125248;sonobi=6a07821f-247f-4aa0-965a-0b5f6c181c83

Request Chain 143

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.057125248 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZQ1D-X-682G

Request Chain 144

https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D HTTP 307
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=

Request Chain 145

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;mgid=047cb5f1-d5a4-4def-90ca-2176ff2a581e

Request Chain 259

https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163 HTTP 302
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1

Request Chain 265

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=9f10ebaf-c646-4db0-8c16-f9857643db0f&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 266

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAmw6wxt0vBxZaZCr7fVFug&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 268

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D

Request Chain 270

https://pr-bh.ybp.yahoo.com/sync/triplelift/1182741559470402434070?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MdTeugxE2oSGzjPoOeoBAzUCaZYBCLwj_NGzgj5fbQ--~A&dongle=0883

Request Chain 271

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1182741559470402434070&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1182741559470402434070&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=3117114042597968690&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=ff2036f8-d120-4770-9c22-ae1b86d2707e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 273

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=6768969262973248592&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 373

https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=NLZ5BuOM1DAyo4thT%2B%2BWo034fblWGyI%2FwLz27Amnjgs%3D

Request Chain 400

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 401

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKNsd0ZKdVsCAAttWJESW-E&google_cver=1&google_push=AXcoOmQpp2ncT4SeSbxtks0xaklXM5i57LyUGJVageLFFOi_qHUIhdtGQr_1_Zmq4uL9QB3R9dGXen5A9HTD7Pop2Sp8eOP8ww8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWYxMGViYWYtYzY0Ni00ZGIwLThjMTYtZjk4NTc2NDNkYjBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9f10ebaf-c646-4db0-8c16-f9857643db0f

Request Chain 402

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELhM4abwQ-pO2jkfuaboJc0&google_cver=1&google_push=AXcoOmSyYJQn2F9x_YzOQ9LM8lR5EOPw6n744N_Qj2kIdA3bn1aZBSPc4FZu84gVqjJb3WMLY61a7thof_buFYd0BZFzBmWS30Ja HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=66149dfc38&gdpr=0&gdpr_consent=

Request Chain 403

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRmJOn55_8cVFiEo_wE-hTbwi_EO2yJCP8u5J0BWBaPMYJ93RqYip7mZ2rbEXSkKkh5hN6OLDm5Y-f8QpcjjbWzvUKjP1Imlg&google_gid=CAESEGpz8IvJwOc-cyv-HGq-VfQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGpz8IvJwOc-cyv-HGq-VfQ&google_hm=T1BVNzBkMjk4Yjk3N2JmNGFkMGJmOGJjMGNlNTYwOTU2OTA&google_nid=opera_norway_as&google_push=AXcoOmRmJOn55_8cVFiEo_wE-hTbwi_EO2yJCP8u5J0BWBaPMYJ93RqYip7mZ2rbEXSkKkh5hN6OLDm5Y-f8QpcjjbWzvUKjP1Imlg

Request Chain 404

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIpp68Oa50k4ClZIK8L73E4&google_cver=1&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIpp68Oa50k4ClZIK8L73E4&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q&google_hm=T3hJU0hrd3FxSmNqcV9QMjR1NHY=

Request Chain 405

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJ149fqtN1fZuMLK7tGuLQk&google_cver=1&google_push=AXcoOmRlySbZYnY1D6XpTtNmuY319uFhIHhvkC5RM8fhtxOv6CPrnm3jlhY5rEodKO3KjmeiQ0n6DRDjGiIG-TBiLTOSGCr_pOg09g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzQyNDIwMWQtYjk5Ni00ZTRlLWE2ZGYtNzZhNGUzNjJmYWYw&google_push=AXcoOmRlySbZYnY1D6XpTtNmuY319uFhIHhvkC5RM8fhtxOv6CPrnm3jlhY5rEodKO3KjmeiQ0n6DRDjGiIG-TBiLTOSGCr_pOg09g HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 406

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEACOOpq4yr-MB4ZLcjCldoA&google_cver=1&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2GirMKRoxO_8zhWUgv_yVKTEkFxgjZyL3NZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2GirMKRoxO_8zhWUgv_yVKTEkFxgjZyL3NZ

413 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.btolat.com/ 112 KB
18 KB 212ms
88ms Document
text/html 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65badbec7f23d1a92fa71089f249aeefbd86dcd3022d5fb126539a73622c806

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 84f3f6c29b0a4bc7-BUF
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 16:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bKnqWkzQw41NlSdDOxBo%2Fx16yqSX67JEdHYGDql2AZVBfRqbiH1T99wAHfJn2sJhhHuC%2B%2BKaxx4vn%2FIJMS8dsRqGAPQ270EJ4ug91Z6KXDQl6IsxoPedxKD73xBNjsamkhElf9CxZJcMIJwhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
www.btolat.com/dist/ 467 KB
62 KB 69ms
65ms Stylesheet
text/css 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758a849ace3f8da872dbe66c1f7fe9de5bbf161ce29e54686a0a5af46a2ac74b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 02 Feb 2024 16:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHfUXmPxAIRSnC3jq7o6AHAjNnrXdKMkPaF5a303eGsCwnzz%2Bgu0r23zi1%2FNpducuW3wd2djgDsPO7p3lSFm5ge5nnXKkCCAhVJ%2FvaTApBPs4wx%2FQgmdSdNU%2FHoWQk9oK%2FRndd1bD7O7G9r7og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 84f3f6c33b4e4bc7-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Feb 2025 16:55:48 GMT

GET
H2 200 site.sociallogintabs.css
www.btolat.com/assets/css/ 3 KB
1 KB 57ms
54ms Stylesheet
text/css 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/css/site.sociallogintabs.css?v=2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e91e06c06bbbb021a7a6b87c9b1e01d2fa18f16de16e30e1a8a5c8b9a2b93db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 10:21:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140231
etag: W/"acdc42af849da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hqpWPTL8sgo5cS4Upebw1Yek0gJwLM8MmxMsgZKfHEWJB0die0zVer9nmhkI8u1qW70QmFkkN4m%2BZD4Y6l8UeyNWYTfuWjP77pK%2FI41qJ2Uc2dxti3l6ekaJh6WVhRy3w6dWy8qy2Cx7TNc1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 84f3f6c33b4f4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 notification.css
www.btolat.com/assets/lib/social/ 8 KB
3 KB 58ms
55ms Stylesheet
text/css 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/lib/social/notification.css
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84bb6777670ca188fb6a7d6298b367e96e356e00a34c9af3c8e66c1e949601b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 10:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582828
etag: W/"b8aec3c1f849da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0a5wo5IEG0HFMqF9yar%2BGShXrqAi72XUva5CqJwaNG%2BmQAOHQkmHQjYnqss99k5BSEI7mAAfIoCwiPTajg9FmF3R6sSYDNxnt0%2F5prDKD86s%2BJ2x%2B8ooN30JmED%2B6BOhqetcK2KgOifGr20pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 84f3f6c33b504bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 404 site.localhost.adsCss.css
www.btolat.com/assets/css/ 0
0 59ms
57ms Stylesheet
text/html 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/css/site.localhost.adsCss.css
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99P7nbQf7jbVZHKKbmGmCejMgzrSgJzEmEOFqz6UcLOTUj6cYqAKxjFmVObzjPi5adO59meCKmTyfmmJJ%2F3HzMKEyLFicVS4%2B7l7zyBYLVfnm%2B0eAX3I4Z87IsccfTXTw4QC3EtcBnJPrSEM%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=2678400
cf-ray: 84f3f6c33b514bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 121ms
58ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32f7ed82f1e99150e45f823761172961f08ce3d3f8dfa8d29df6ed6b478fdce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30283
x-xss-protection: 0
server: cafe
etag: 220 / 19755 / 31080791 / config-hash: 16504606021960176266
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 124ms
60ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72f00e2c1a1f64704c8bc17344a0ba2afb241ca9ff6ae46720c383e9ad4325da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93770
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 16:55:49 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 332ms
110ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

474cea7f3f466424de9bae50f66c078ea836427bf55c23973bfdd194ed125891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 16:55:49 GMT
content-md5: BUbuwnDpCazV3bxDsvRDYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: QIW/cHInz5OhrwaaBZZvQiBViMslxlVzqlcim0adRIkbvV72WfUuzkK2gW5xRpQngn5OKTCsMCeFa30gxIoEZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d760ab427c470779013c5a42439953e8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "beba0502ab03849e2a40bee39ec61a66"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 02 Feb 2024 17:11:33 GMT

GET
H2 200 e33a2420443e20bfa49b78c813eaacc658f872b9.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 155ms
41ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/e33a2420443e20bfa49b78c813eaacc658f872b9.js?v=2

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef546db08af45181e73c6a623bd2f6d4eca7958e8f4db46e887bfa2ba74f28f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 30 Sep 2023 19:23:18 GMT
server: cloudflare
age: 789027
etag: W/"651875a6-65b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 84f3f6c3e8de4bc6-BUF
x-xss-protection: 1; mode=block
expires: Sun, 18 Feb 2024 16:55:49 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 226ms
113ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.btolat.com/
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 16:55:49 GMT
content-md5: DP8z8Wd7Z0p+Vm8G78oe9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: hnUHendc0L3/sE/blFMpfMYB+m+4JL2fnjWnaAYQbyNyarll/x6IbPB5fiLG09cEmedVdFYz4gc0AJFze0tLPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0c4d849ef758c8f19316f126799c3289
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bd0d08550caaad608d959ca9632f2982"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 02 Feb 2024 17:12:20 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
www.btolat.com/assets/lib/jquery/ 68 KB
24 KB 59ms
58ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/lib/jquery/jquery-3.3.1.slim.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:12:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 586008
etag: W/"a16c37ed9dfd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdboqJaCIYM8SoDPt2BEhW4pvhc5ab03W2pErUU0EVEjH46jhIV6mLfLO3qGY%2BHes68%2F0x5YDeAY4KTlvxzI3G3jE5eKG9MavmDG1JCa5aVAEUacq5DS9FcI%2FglnrZov3wJeS0Q%2BNLiFzu3WIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c33b524bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery_3.5.1_jquery.min.js Show response
www.btolat.com/assets/lib/jquery/ 87 KB
31 KB 62ms
60ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 09:12:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140231
etag: W/"3a3af5fd9dfd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMoGQtjDy2%2B8zh%2BCmY5ITgEI%2BmWtBGAoQQH4NyREf1xiDCMLjN8iSVLgULllylW2AvDK3JBgZpDMo2sUoB4hr%2FMRFictKms1QZVTjchpw98EPQDZixLLm12ljg1y4JjkuQSkqg8V5LBSMxWBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c33b544bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 btolat.com.js Show response
pahtuo.tech/c/ 16 KB
4 KB 148ms
42ms Script
application/javascript 2606:4700:3030::ac43:9d6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pahtuo.tech/c/btolat.com.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9d6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29e3a217c41e7f7c4dc7c1c7db1a8ef16295c610d943b82c422b1a735897fb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 42JRMJTG9DKM3WMC
age: 25
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 3550
x-amz-id-2: eQIOAO+zQEJsxxOqlGIFcgjY/g3D5qgAAWfrgQgpbd8yw2j9OkDA04HwA2gYgO5qfsVmxRDpu6c=
last-modified: Tue, 23 Jan 2024 07:38:16 GMT
server: cloudflare
etag: "23c37375c0c7ff3ce6c68278389ae6cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4snAxlJxZmya1DV9LxNaD4U%2FfFy%2FKmn8pscgzf53NWhWLvRcwtRz4kgCnWM%2FybRWJVNBKu%2Fmf06GJCvYJv%2BnALPawZwDQfKu0hEGa7o6%2BgcwZZcKTIf%2Fzu166mD9q8N8eN2ZFMw0kkyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84f3f6c60a326aed-BUF

GET
H2 200 logo.png
static.btolat.com/images/ 19 KB
19 KB 227ms
108ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.btolat.com/images/logo.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e52ec989a1ef0744bacaa597935b7c107d84669815441823f52aae026af38fdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1301284
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 19064
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
server: cloudflare
etag: "1f448d906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIDdZmZcijzmtHuq8G9o5cIJiiXO1nB4stE4A5xHTrapt6w%2Bwas9qrzEY7DKabXkZRSWm6xGVCgr7AV63fJhrLWfA3rzNMS4MFZWWDzQpLwigpZlM85s%2FIR8I5Wgn9ndHbhQDCf16npjmunj3x3B4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c3fba44bc7-BUF

GET
H2 200 preload.gif
static.btolat.com/images/ 2 KB
3 KB 159ms
56ms Image
image/gif 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.btolat.com/images/preload.gif
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1f0630d276906acb1f05d62ef73e563bb0eabbdbe54e453884c1673c9e4af45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227874
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2343
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
server: cloudflare
etag: "dc4894906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bawB9IL6xBi023uBvIMNjYj2qWHgVQ3xBRn5UlM0%2FrmAbkcp18rae1uDpsq4fHdLlPIBqJLy1cM6Rkv3UuT6NoDMDEuTgtaDxI55xaq%2B7Fvkems0idpe2p%2B7qze1Djd6rg9mVOe38Y5Kg2zaqjboGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c3fba54bc7-BUF

GET
H2 200 8878.png
img.btolat.com/teamslogo/ 15 KB
15 KB 104ms
63ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/8878.png?v=682
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3addac1f8a8aafd8db0c71e77ae8fe1e029c4a6c2ceda391b26236500d5507d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 15366
last-modified: Thu, 18 Jan 2024 00:22:13 GMT
server: cloudflare
etag: "6f437f62a449da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sve1%2BKqZhY7NFPE34ees58D2m96dk2kLVoIWRWT%2FEor7d9q2M%2FUzVAIOWaGqhuT01zLoIibAoOpv7f%2FshfOGFEZMckzSAUYyR3twROny0ZJ%2FqOMbx1avGGCAPziTfm3NPh2maYu4TDjyUkumSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac7e4bc7-BUF

GET
H2 200 8883.png
img.btolat.com/teamslogo/ 26 KB
27 KB 100ms
59ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/8883.png?v=120
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07c689ee7cee412664dbdf0a74f744c97afdc56a7233719651f000d927bd96e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 26926
last-modified: Thu, 28 Dec 2023 00:39:13 GMT
server: cloudflare
etag: "f6d74472639da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zemjeTmsHCx%2BvvhbvtyF0cZWg4xIt%2BX3SH8qGoJhkDeIWncbRxReYPIKt7btbUQD3TMl3Msb4ndFNBng%2FnSftsWFqlcejhhOLUJRp3AEmPm22YFSkKZev36MTtmVWAREZi7p4WnG23b8zs%2BF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac7f4bc7-BUF

GET
H2 200 8959.png
img.btolat.com/teamslogo/ 23 KB
24 KB 95ms
55ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/8959.png?v=14
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7eb3e827edb98d53070f7e82665b5a13fd7b5293d4c8c22653571836c4a3867

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 23960
last-modified: Wed, 20 Dec 2023 02:29:58 GMT
server: cloudflare
etag: "ced2d06cec32da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrddqC5dOaP11gkeXZAT59F7BY%2Bk8pglaVKVJCIxC3%2FzLE43UasMCyXCnVFdaIHoRYO4bDPPVqcPohpNsSPCTkaryC5mhbmlhfUk1y0%2F5m3JyOTQQF%2FH3HBeiTST9Dxy649pyF79m%2FNr%2Bgznww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac804bc7-BUF

GET
H2 200 9249.png
img.btolat.com/teamslogo/ 29 KB
30 KB 99ms
58ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/9249.png?v=727
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aeaec26604150644eb721e54cb1c089e1369b825e6d2dee9f1d84d58cdbe586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 29866
last-modified: Wed, 31 Jan 2024 00:04:04 GMT
server: cloudflare
etag: "b5bacc0d953da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l7UCPW7dBt%2Bp0aWpLAbjeNvS09CslXIA16g6U5pnBTgpkpuoa4BMvd43a5iGbsqpgCTzJYNZ2DvMei5LF7xbNcKCaCuPoyTzDWGT4Z0ILCbaejnoG9Ip6%2FHc4inWVdIXSbA1BanJ36VzUCCJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac814bc7-BUF

GET
H2 200 15702.png
img.btolat.com/teamslogo/ 10 KB
10 KB 96ms
56ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/15702.png?v=340
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b578f923c6d2826feabac2442d3e73f201f56f8d3d22235e42c0ea8dbdb96a77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 10217
last-modified: Wed, 31 Jan 2024 00:15:17 GMT
server: cloudflare
etag: "a347b591da53da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fQ2Da3JYsr%2F3CTsiMuqtb%2BrSd04QaUyNlJcEt3EZJpnk5Zv7R%2FqQhF3lmzfAmlu7pSTdYvjHwcsYPe6bHhix4dql9r25UuEYnFqMN2CM%2BJOxqPMrEgVbEx%2FnlcL7QnX%2FObJIpZVPcxh%2BRkb6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac824bc7-BUF

GET
H2 200 16110.png
img.btolat.com/teamslogo/ 16 KB
16 KB 93ms
53ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/16110.png?v=384
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81180d6821e8e0b339b3d679f77ea235b66a9d24d3dd2e845b66d9fd5e937c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 15988
last-modified: Thu, 01 Feb 2024 00:10:04 GMT
server: cloudflare
etag: "fcaf951a354da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLlJ9tsViXC95Up9ztL1Qs0DfkuoWTijFXG5xXImbUfDPSbCalkwLn4RrwR%2BLgJ0XBMeKbbhHVEAqEb0u51dM7AjZA7mEysNTx%2FqMIQPQsgd7yNWrlgDkTdHIsSXj896kcRrIys7LuP8ieywnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5ac7d4bc7-BUF

GET
H2 200 9259.png
img.btolat.com/teamslogo/ 15 KB
15 KB 79ms
76ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/9259.png?v=127
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec396661c156428b535bc07b917cdc290218b7226ccafeb6c971c714cbfaec0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 15129
last-modified: Wed, 31 Jan 2024 00:08:18 GMT
server: cloudflare
etag: "7188d697d953da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuHF1rbiGP4ySe0hTqmDQhCPX5YlJWjGtfTdnu56fiF4lWjKumkerxhQ2SDqYmrVmTT%2BJhyB61KQA%2FlRfwH0CMVTOe68sWncALlmo%2BFsOhuhSxU0jnYb8NgstqwqvcOE3oJ%2B1pdBdn3c6jVxGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb54bc7-BUF

GET
H2 200 9002.png
img.btolat.com/teamslogo/ 15 KB
15 KB 84ms
80ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/9002.png?v=429
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ece55bf509d7ea07fb4a78c2d1273d5267fee86cefc14b78e495e8ce12f3eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 15314
last-modified: Tue, 30 Jan 2024 00:13:03 GMT
server: cloudflare
etag: "19607a171153da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kTUdug6bj7MHPkQVsBcRrHLLxXij1PnjIMYZ9bmhTQY%2BC2MbSgv0oafLfdA2UCejSybf2K%2FzYnpNgQNall181MhNI5PjYnRz7ZHxyS8lceKwj1yp4LaZarXgfiN0ygdHlR8g3lD2dyFtqfefg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb14bc7-BUF

GET
H2 200 10061.png
img.btolat.com/teamslogo/ 31 KB
32 KB 80ms
77ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10061.png?v=747
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd40c1c311037a6e5c8bf7e1b43b412a14f2a7806e5d340125ea46802852ff73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 32119
last-modified: Fri, 02 Feb 2024 00:06:34 GMT
server: cloudflare
etag: "996ebaf6b55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rux%2BSxFhm6CvYzCvR31qLvFsAzFJUbsygWKLnpdSU9tVCyTJFvfJKaHZW50TstycZDSpmEPSaKqVsDc3mnvow4%2BEucqjJ4Z5gaLqh8PtpxC5G8sXqkf1eUnv3Extt1SoziDTNSZJkKpze0ci6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb24bc7-BUF

GET
H2 200 10285.png
img.btolat.com/teamslogo/ 18 KB
18 KB 70ms
68ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10285.png?v=790
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc4a57972a6fb41be74088626646b9c1c02b8be5cb2142f4fdda77a3693ca96f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 17958
last-modified: Wed, 24 Jan 2024 00:42:17 GMT
server: cloudflare
etag: "a01eae2e5e4eda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xy%2FeDVuYlhtA%2BO50uQw91qALmcvHGpzh6YJveXbbMNJvjgRiixfF1Q8LY9oMeGYpBqcM%2B%2Fb7qsdO5nMEmW8n%2FEDU3ankR6qpgHOPZ4KZXZlE7UcGibZKGr1k5%2FpTfTlLRQb3VsdX%2BA%2BrXfhtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb04bc7-BUF

GET
H2 200 11922.png
img.btolat.com/teamslogo/ 7 KB
8 KB 70ms
67ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/11922.png?v=84
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284e5a3018a69056c0a110ba83169175824f7b677a342d006b463ba29237a8ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 7425
last-modified: Sun, 21 Jan 2024 00:55:28 GMT
server: cloudflare
etag: "a0327e8644cda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViQhTqt7I99h0Dffley8rr2rXKtelGSGSUCIOu%2B%2BhBffZu3tRHYOgxn8lmTwxEeRq2DfGaK5FxYTPMfAP8i9tfShNyPnjMZO66YjFgnBowTYyvRyWy9AoFFtxvExhhcikUGYLCYAl%2F1fkHGDBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb34bc7-BUF

GET
H2 200 8930.png
img.btolat.com/teamslogo/ 41 KB
42 KB 68ms
65ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/8930.png?v=394
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1195fdef981796930b67be17e052c2c7541131a55717fb1228cb029ce8ddfc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 42328
last-modified: Tue, 28 Nov 2023 00:37:24 GMT
server: cloudflare
etag: "806f54e9321da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl1IR5ZvPtK7730ozI0fD9YOJgTUm3IqLPhdFS7TuhhjH8MbGDk95akesTCyJ7zQOZ%2FnZQ9Naek5tHk5L1Iu%2F8YkZfyx4NKQlICc0c1YjcYeGEcHH98ziqI3rgp3YB%2BVk7ypnbS1L%2FdfVWUbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcad4bc7-BUF

GET
H2 200 23165.png
img.btolat.com/teamslogo/ 23 KB
23 KB 71ms
68ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/23165.png?v=204
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3207350ac2167aaed31db10ac9fc379890bcdd4bcbc1528e0e96ece7a03615e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 23345
last-modified: Fri, 26 Jan 2024 00:23:00 GMT
server: cloudflare
etag: "298b85d1ed4fda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIpTEPH5v03qcckF%2FCbUQq4Dpv07ARJPHTWR0gBwER0Mc2v0%2BXzz%2FMYwktsPYaV%2Fqq3N1uej7fuoF5DI4PhMo16ZVk1vHFy92NPN3LCahH%2BJipT2ysupwv4q%2F2R1jm5bDNdw5HuY1LMg%2FFdVdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c5fcb44bc7-BUF

GET
H3 200 play-arrow.png
static.btolat.com/images/ 16 KB
16 KB 66ms
63ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.btolat.com/images/play-arrow.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9b8fbe907b42a439b29348b6b808725467728ba8df78726254369df21cd276ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248477
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16143
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
server: cloudflare
etag: "73893906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmnufSe9vsqMmawLMXzEO8tqSkPcgNi%2BZfVcGeXhztSQE4WHV7qOYNv6o0ZQdyWOORhcRKUkexhNLkqWusek1kYpiyX0Fzf721wp%2B9lxEfxwvBFTjtDGGmDc1TGPhffzulmnT8bXwHWc0uU7x7eOXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c56bda4bd3-BUF

GET
H3 200 7aa60c80-8e67-4dd4-bf10-b67bb57443d8.png
img.btolat.com/tourlogo/ 118 KB
119 KB 66ms
63ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/7aa60c80-8e67-4dd4-bf10-b67bb57443d8.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f478e0982569b51b6cf2a2596a4509e9e473ab3fd0bc5b149dc69d73fd01326

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6338
alt-svc: h3=":443"; ma=86400
content-length: 121312
last-modified: Sat, 08 Jan 2022 21:29:13 GMT
server: cloudflare
etag: "19b858c8d64d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnL8%2Fr5RmUzJaKQLzgoYBXSehWqlnpqNGB0R5UsX1O2Qf09%2F%2F0HK74baR98eGWouWv2Dx0Gp64uz7j3V3QS%2FoKqxBWTNfikajCfypD0humqbDNlujX5vcGz7j7J%2BSvenXIMaw25aOJH24EJ9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c284bd3-BUF

GET
H3 200 49fee316-50f3-4228-80a5-728188802336.png
img.btolat.com/tourlogo/ 32 KB
33 KB 70ms
67ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/49fee316-50f3-4228-80a5-728188802336.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd7cad8837207f238d026b3845e11853660fa5b179a6c96b55d0821ab5fb741

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 33106
last-modified: Tue, 18 Oct 2016 12:16:29 GMT
server: cloudflare
etag: "1b8ea0743929d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZoAPbHMXyszHDQejo1hLmzbm4qw2ZSX6lJiIEYlEA6UNabSO7YFlHLmEiYp4hmd5B4KfwLjVOjfNMnrcq1TK0SRmA5Pc9Z5wvCE3nltvph7Mi3B0K%2B%2BafrmUEazKvtSlMqhH9sz%2BZqldIu66w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c2c4bd3-BUF

GET
H3 200 84aa6db5-64e9-439b-a595-2040420fa1e2.png
img.btolat.com/tourlogo/ 30 KB
30 KB 70ms
68ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/84aa6db5-64e9-439b-a595-2040420fa1e2.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1078d66bc3cd244ab4bc95bfa443adece79dd54de00d92c1bf5408b4536635c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 30529
last-modified: Tue, 18 Oct 2016 11:42:01 GMT
server: cloudflare
etag: "62328a43429d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wDWH5SnIsv77CDLkvZ2LiKrTiIVj7hVdUEjv77Tn0%2FqkS%2FT%2FUwhqieLxK6XNMrhX9C9b6Ql%2Bm1lidl5VDyFoCKA6woTJogprn%2FnlMW03trKbDsCeNNrVXPmsdZJ2fLFbAvku5B5g%2FKpeS%2BttQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c2e4bd3-BUF

GET
H3 200 fbe24ce8-0123-4de1-936c-bccd9516e16e.png
img.btolat.com/tourlogo/ 53 KB
54 KB 89ms
87ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/fbe24ce8-0123-4de1-936c-bccd9516e16e.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8befb2da354d7f317a1d148773743125635d00d5488bae27835566fb4cb253f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 54688
last-modified: Tue, 18 Oct 2016 13:17:48 GMT
server: cloudflare
etag: "50198754229d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDr7O2Rl8E4PRURukU63vR95dPrUAZ3iQ9lleuMsP95nvv4YMfC19SgWBtuNYUVFkYmWAn%2BOEH0tKnhWmbNed8bpQ0MotZfYsov4pR9Z5MLC10JSg3rlmpxatw58eoyGUXSloQCIkTbYNedbPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c304bd3-BUF

GET
H3 200 32eab27b-e23c-4d16-ad92-605a1d6ab55d.png
img.btolat.com/tourlogo/ 26 KB
27 KB 95ms
92ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/32eab27b-e23c-4d16-ad92-605a1d6ab55d.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc719b2398bf4180d048904f5c37006183bac05f2d152df0795aab4ced853b7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42973
alt-svc: h3=":443"; ma=86400
content-length: 27035
last-modified: Tue, 18 Oct 2016 11:48:32 GMT
server: cloudflare
etag: "eb8a418d3529d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqiFfmNih8Uxzu7lK3cCeJ0cbADBfQINrds%2BK9ylf%2F19r3oXxaznVwxtmIbdyak1pPJB1Kf6qAMIzFgsd1OiUjrzoFASvr0ETmp9ggCgUi6OA%2BWsK7siZQQCli9qP2bGXWZFxoh%2B0BVN7uum2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c324bd3-BUF

GET
H3 200 ed687795-f506-4c5f-a66e-a9520d80c697.png
img.btolat.com/tourlogo/ 49 KB
50 KB 96ms
93ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/ed687795-f506-4c5f-a66e-a9520d80c697.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce462ca9cead618103382778ab4de741afec15d84d4a5bbc2f51276a2cafe5cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 50523
last-modified: Tue, 18 Oct 2016 12:04:01 GMT
server: cloudflare
etag: "5c57fbb63729d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1s7ejpFHNkqYwjSJc%2FL67bDhGPEkVnmD7IvCiC6Kzn2Fas4hAIQ5XqwWrRsZh32TvrO911W38JWze%2BGUrZMp4CH5BVYZTtD56j5E0jaV2e7L0%2FJOvZJGFYjh7t50Dk50I5znSby4DEty8IIjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c344bd3-BUF

GET
H3 200 f042a93b-625f-498f-bc1d-bf6b68c84fd5.png
img.btolat.com/tourlogo/ 54 KB
55 KB 98ms
96ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/f042a93b-625f-498f-bc1d-bf6b68c84fd5.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3123c0416aac4344d7de8e6921ef7c094989473880893f50ae5cb9e74c63c612

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 55605
last-modified: Tue, 18 Oct 2016 12:26:31 GMT
server: cloudflare
etag: "24666fdb3a29d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amgVudtfixdw7N6sbhrkXjcx3YD%2FCTRQbGnPYDIHtjcBD7Sg%2F5h7QDwq59Zkaeg9T6G7JIr3DWmkP708YBc081zAWSTjIxw3QSfqZCVLDNp4sFHORzx1yJe3as70qIHaOP3fbZjOydN%2FXrUQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c354bd3-BUF

GET
H3 200 db09da19-aa10-4e8b-a12b-e97cca2a255b.png
img.btolat.com/tourlogo/ 33 KB
33 KB 100ms
98ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/db09da19-aa10-4e8b-a12b-e97cca2a255b.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4588606b9e1bc0f5fc5166c9c48a1ed9ef188c0fcbe16a7ef3e5c9dcd6e996e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 33557
last-modified: Tue, 18 Oct 2016 12:01:47 GMT
server: cloudflare
etag: "512722673729d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkcxJ1G9LqcSEyoaLJ6xu0oORie%2Bz0qXH%2BBFfsHQk8VNSHmDif4YMn5aMCLY4OQsdNmGdF4Qia09xbF7EODAd%2FxNFSZg1bbHCa5ptANp%2FrVWc8vmptSUXb3DlscUXhUmpK4aHMD9YpTgK1%2B1MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c384bd3-BUF

GET
H3 200 a0ee0c6d-dbb1-4928-bea3-9c3077a3c414.png
img.btolat.com/tourlogo/ 33 KB
33 KB 101ms
99ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/tourlogo/a0ee0c6d-dbb1-4928-bea3-9c3077a3c414.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f6bddf865d5b90bdeb56c1e4316f8be0d5c7fbe8f096554c910984e73a21efc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 33803
last-modified: Tue, 18 Oct 2016 11:53:49 GMT
server: cloudflare
etag: "c1eb134a3629d21:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8wuRrD2kYo%2BqNNxlUPVQovZLBf8Po2n%2B%2B%2FOwKB5GtsFELb9QqZSkKwL0%2FWs1h5C0flxNgVhDakr59vFs%2BDdmMXK0dAwQI%2BCG%2F6YwtlNsHVpnxbXzLdMOj5YJjYdVew6znmhOD3aWPYqqzJefw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c3a4bd3-BUF

GET
H3 200 logo-cv.png
static.btolat.com/images/ 16 KB
17 KB 42ms
40ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.btolat.com/images/logo-cv.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ff086d4f685c26a98ce7977c05c2d6be61d6a976a1af24f21d8a81820af6d67f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1299689
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16543
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
server: cloudflare
etag: "e5cd8c906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BolyvuN4irmD0zIXf4%2BkgFlOQoNfFa7SN4kEY7KWAEbqUmA4VIkYhs8D6iQAhOBB2T5D%2Fs%2BULAasUwwla5O2LpvB70fXSIwEx4hYrChq782NMV68J633ifdo%2BkhYUkbpf%2FTRuquLD%2FqQue7QAbYtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c56bdb4bd3-BUF

GET
H3 200 popper.min.js Show response
www.btolat.com/assets/js/ 20 KB
8 KB 70ms
69ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/js/popper.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582826
etag: W/"52f4bd906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5cmLWqlbOoE%2B2iJXXOuet3s%2BABT5agwQvoRZj0VNUtQHDWwoUe5a1tXmdcIHofNDKBUVUX4qjxKHi6YUOrbwFuQ7IEOTTNOCU4uXXWTN2yb3aXhH9WHjCagh7om6QQgwBfVurwS%2BeUggZDGxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c4ab7d4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
www.btolat.com/assets/js/ 54 KB
15 KB 39ms
38ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/js/bootstrap.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 586007
etag: W/"d43a4906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4XQtXhsPHkZ2V9piWm5TO03GtDjciRzzWw8gX0DCOUUqPFb8QHxDBj36pPACJbVowSSWXr%2F3e%2FkShKYKS%2F2cibMfvJIf5IfrGPs17dkr%2F3I6waVVmU4S8L4Mw6qYfFAlX%2B3HMSWKB32IuW6Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c4ab7e4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.lazy.min.js Show response
www.btolat.com/assets/js/ 4 KB
2 KB 37ms
36ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/js/jquery.lazy.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18d5bc93845dc3a04c0262d9afa91dfe91212635381a94702c7ea30f412f9e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582826
etag: W/"ebe4a8906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us%2Bs8%2FpEevtXOVR7wtqoaz3pIak4w3YMKcGCcaaf3NzT23GhUfeddPmNH8TVxgoC%2B7UrpDF8du0LLrcnOitcI3qlukCp%2BxJS51ZZfQtl2sktvxV26lFmQRUaXwYjr2Lpa57KeVvDGop2j%2Fd%2F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c51bb94bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
www.btolat.com/assets/js/ 46 KB
12 KB 39ms
39ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/js/owl.carousel.min.js
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf3905f34060d87775e6010bfcda5aeed37becceb1d7229196ea8e8501a7c0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582826
etag: W/"ca4bba906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0gkDBzDVI5EEUM%2BEUNQrlupcIFjZXvKW%2F7%2Ba0lxUYl5FH9kxTGdc%2BIcOxxav5R3TqyqHtpso0OhtygOldIV2%2F%2BSrrEj8OtG6Mf1VzEK8lcmNzPJTGQDl1xEPY7mGE02rWHr3ddvC%2F%2FRLPlfcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c51bba4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 notification.js Show response
www.btolat.com/assets/lib/social/ 12 KB
4 KB 41ms
39ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/lib/social/notification.js?v=2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b38a128b788add8d752869a015b0af2811a42bd192c575b972fdca350db821d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 10:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140231
etag: W/"5da9bfc8f849da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHDksKe2lvgUImBhBWCYoH9vLEtuKlcnoT9zb8SjTWkpNrBEbhHJqJGbBz6GcHlmtw1d6E8D9fdAY1D11ry1J4tuaUyPUl%2BdtC%2BzAtR89QEjf2jq76Q3LENCVjMNbG0LbvEB9Je8ieXbeCUu2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c56bd64bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
www.btolat.com/assets/js/ 34 KB
10 KB 45ms
38ms Script
application/javascript 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/js/main.js?v=2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c768a151beeba737f6bdcafecf755cacdcedc0addb237da840766f826567deb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 07:16:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582825
etag: W/"dcc84dfe9443da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwCVQ3%2FFCZIjlROxpvAWaw6P%2BpIdxsyKntO6zJRxAJOeSrVW1D6Ts7DNkU9YyT8oyeHjZbeLrvbNrXhEVAk9anF%2FOutmPDkwq8Dn1kijD6PVcckUM8ai6ByOqUNpTVkrk754Pr3Y%2B5%2FqsxmMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84f3f6c56bd94bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 305 KB
86 KB 222ms
114ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=770e98f06eebec55f454c7030d5fe69d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e6304cbc6414b8f0e4ac98cbed84e091de6b35be714ac116895d8a64eb66171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.btolat.com/
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 16:55:49 GMT
content-md5: 9Xvj0xJCexHu4blnT26pjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87950
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: STaqjC2JLWrKo7JrAO0VuqcH9MS5FcCs6fRvRQK+86D0ARm0fSc6Hc9+xzw0sV4EcFR297julKJGYGNQLkL2PA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c3b1e7b7e234f0aa0f29b3094fb42dbf
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "93b1a36d2e12d259f67d69df155d5745"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Feb 2025 15:28:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 114ms
112ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 16:55:49 GMT
content-md5: DP8z8Wd7Z0p+Vm8G78oe9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: hnUHendc0L3/sE/blFMpfMYB+m+4JL2fnjWnaAYQbyNyarll/x6IbPB5fiLG09cEmedVdFYz4gc0AJFze0tLPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0c4d849ef758c8f19316f126799c3289
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bd0d08550caaad608d959ca9632f2982"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 02 Feb 2024 17:12:20 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 117ms
115ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c4ff85d4acb13ae166c4eca2d71cef262ef6a06c3aa75dce78d66f56a7040eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 16:55:49 GMT
content-md5: K81Te0OTGjMQJUUAxGbSLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2165
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: IdkEX46q9gChFvz4ZmVB+SxFACg/1KAVV0J0t02zSpwp/FcyRKNLjKWGeNMCLdiBbLJsoBpIARACHx8GNTLH6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4ea66dab9691f29e273d314d72210da3
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6cbd8490551ca24b9409266145ed61ce"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 02 Feb 2024 17:06:46 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 324 KB
76 KB 46ms
45ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/e33a2420443e20bfa49b78c813eaacc658f872b9.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663a877bbee16a7a3d457d63b6ce5bb8c567942e558742c3a116687897460cec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 10:11:20 GMT
server: cloudflare
age: 974627
etag: W/"65ae3f48-51169"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 84f3f6c5696e4bc6-BUF
x-xss-protection: 1; mode=block
expires: Sun, 18 Feb 2024 16:55:49 GMT

GET cn.js
btolat-com.cognativex.com/cognativex/ 0
0

POST
H3 200 GetList Show response
www.btolat.com/HomePageMatchesBox/ 9 KB
1 KB 119ms
118ms XHR
application/json 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/HomePageMatchesBox/GetList
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54a626a26b060dc463c98d3d747faa7172b131cd69f01275edaab4763dad146

Request headers

Accept: */*
Referer: https://www.btolat.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN%2BMy6Od9AKIUYQHN44xfeEZCaFcf56wMxbzB0FUCRpCNBntXbamUb5rb%2B9LP58z1aLUnrF2qWe0eHabVPbISpNfsgqahTLIV3oA8jVf1of%2Fm8QYFiFdJEmrcPYQaT1chTEZLIhvaUOBYQ2bNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 84f3f6c57bdc4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 loading.gif
static.btolat.com/images/ 86 KB
87 KB 64ms
64ms Image
image/gif 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.btolat.com/images/loading.gif
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fe25e08fd7edd50bc59273ccf05a9909fc1124e942effeb467fb397339db22e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 88480
last-modified: Mon, 07 Sep 2020 15:23:42 GMT
server: cloudflare
etag: "8826e7de2a85d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y73g9XHA8ohITE2zAMDEMIInvQgYtAdOiKjSEf8AkbSMBYJ%2FEENj5IG9LPou32FX%2B%2BD%2BOZ4nAUij%2F3nDpvbd0oJI15b%2BW0XjwaFDbOZI1AlMtbcpYC145PJTGote%2FSz6PpzEsyON%2BJsu9pKZ7%2BKttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c57bde4bd3-BUF

GET
H3 200 SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2
www.btolat.com/assets/fonts/ 19 KB
19 KB 86ms
85ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8552f58c3962ffc54bed6f9a348c2b91b8d5fed219411a49cffa67baa5bbee

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140231
etag: "164470906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUCJrvH7ojzwhHp1KWA7cVzlsucnXU%2FvvtZJ3Ah3k%2Bkg6bgUeF9tRKlnYWijknnQzvaY5%2BwpgNGSG18jMRrypjbkMUUIjQ6jBsNQbDAziRCy%2FVuREnGGhcpef5ItHlgJ6EVojLeHhRHYAIecqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be24bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 19124

GET
H3 200 SLXGc1nY6HkvalIkTpu0xg.woff2
www.btolat.com/assets/fonts/ 18 KB
18 KB 114ms
112ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXGc1nY6HkvalIkTpu0xg.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf23098d0dceb8591e215a9ad2fa5a9c515b7c8e6877c1d0d3ec49b3d81231ae

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582818
etag: "ed6369906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Nef1DRFvXtcbKsMwiH0I4hquggmFo4CegPAfs3OBRJTvjbAWwtAYNq87QsuPSsyOXXPJgKXKPdp55eHZrLoWVTKdSpgrlQItexx163TGmDbwqIn%2FELHUT7ONH6dkLU8nualTrItiQGMaz0rnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be44bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 18044

GET
H3 200 SLXGc1nY6HkvalIhTps.woff2
www.btolat.com/assets/fonts/ 20 KB
21 KB 114ms
113ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXGc1nY6HkvalIhTps.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb3d6eb9c192f0339126dc9290c8cdc286512f79318d9a6e5033b2ebb93e8cd

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582822
etag: "8c968906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6JOKYAW8PrD0kqCkjYDhzSSD2fu%2BMDkCwzsHKNGmUpiiXYy1%2BOi%2BbIhStPO86uGna790%2Fsy%2FnfkGw1jXYpvGW6thYv%2Blt4dCACkpYNpRGjH6FITuoD61YIBCZjpKWCOeWcRlBYE1cr8XzRMuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be54bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 20772

GET
H3 200 fontawesome-webfont.woff2
www.btolat.com/assets/fonts/FontAwesome/ 65 KB
66 KB 115ms
114ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/FontAwesome/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Tue, 28 May 2019 14:38:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140231
etag: "5e76f0ff6215d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga2Xh7EC73whqN1dF12HcnooYmKGAnSoH9x2ZLhaC1nbKkzs75B6Gre5ikwyX8Dgx%2FVB%2F8t%2FDeU4Lk4F3GCgd02Pu9ia%2FtnGp46a%2Bbj0QH6x912ER%2BKp38S8a1nf1LpuSyzRzbM1Edm1E%2B5BLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be64bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 66624

GET
H3 200 SLXLc1nY6Hkvalr-ao6L59Y.woff2
www.btolat.com/assets/fonts/ 21 KB
21 KB 118ms
117ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalr-ao6L59Y.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c66f4aca2010db9ea45505b5f0ff0a67dfc576ceb36377901474e2aa8e5c34f

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582820
etag: "8dce6f906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA1Y%2FUq0wUnVG5yr3lWcFdz8%2BaQ4PuK16%2F21eSBt4XEbSsTpAcsQUV9xBhiK04uBNVnYFXRpKUkWZWyaVA1duYo8vBTp%2BNvxEiFbEDdGP9hi99%2BBZ%2BY8CYkqrGLACysaOx8z2YN5XsF1LPJDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be84bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 21440

GET
H3 200 SLXLc1nY6Hkvalqaa46O59ZMaA.woff2
www.btolat.com/assets/fonts/ 18 KB
19 KB 136ms
135ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalqaa46O59ZMaA.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bb09934363bf519fad500cb24f9acc2b45a1b5169d6478ceb64c740b2cecc1

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582820
etag: "4daf6b906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hri2NIeasE503j2ikopcEauvxe1Iyy7ZkAykqptpGdFQBib6loiWp9JwScNAslAdBgX2dJ4yrG6jpI%2B1TLyz5pdgUSIhZWScnw3m4CzaYUlWSNLq10IMs4nxvYPdlp8P6o5Lzt6VNMtvGUapA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c58be94bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 18844

GET
DATA 200
OK truncated
/ 866 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af6e31eb51393c67a65b952cc73449bfb19f60270cdba7c77a00f79243695405

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 SLXLc1nY6Hkvalqaa46L59Y.woff2
www.btolat.com/assets/fonts/ 20 KB
21 KB 79ms
78ms Font
application/font-woff2 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalqaa46L59Y.woff2
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aba1085fe27cf78f0c318ed85f70354c5e387b40376ec90cbfb529040c4aa4f

Request headers

Referer: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin: https://www.btolat.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Sep 2020 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582820
etag: "14ec6a906284d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP7LeyPWZrdnhJkYRhTGYW21Sb1iAwk59LpX6zuU14hyJwCaWy%2FBd368MxEzw6gJyZgC7nh%2BjwTXqjHSVaV5KYYhhtrlEuZChrewUe%2BUHPee9bCVtCptkgPonJzCatddl72mQ7JHuDCzqkJPPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84f3f6c5ec064bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 20564

POST
H3 200 ConfigUTC Show response
www.btolat.com/Home/ 9 B
492 B 100ms
99ms XHR
application/json 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.btolat.com/Home/ConfigUTC
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c940acb0bb5d4c0e39c1e6adb8ded26fceab274ae0708283ad3c5e7269bae7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.btolat.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlSol%2Fiup5ZZJxWYyi8V%2B5BhKL9U7ws%2F%2BDNjVqVueFclDwC6LTzS2TnOMaX%2BaX0lHTio4vtPwXb3fhWq7n9kqGFlk2tiVGapoVdWX9lnBdXlVq1EG5TJC0SSq7%2Bzllkkey8m%2Fnh4pzajNrDJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 84f3f6c60c3c4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H3 200 boxl.jpg
img.btolat.com/2023/12/9/photogallery/688/ 23 KB
23 KB 100ms
97ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/12/9/photogallery/688/boxl.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5871174e0b2816ab64e1819e8ba696cc4e3620cb439d82e3b69ef2352737b4cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 23183
last-modified: Sat, 09 Dec 2023 16:59:49 GMT
server: cloudflare
etag: "72f7ec1ec12ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Fjc3yDxDAdyNX2YqoMhSXVB7mFThFsi65JJUuiOzMn8rZIMrVAIPflNoaSb8DGhFYh6zjaImuARXJvHK9TEt5mmMYtJox6HjXAuB1WiDZVPK%2FEW2nW%2F%2B8yv%2Fyz2oZm0k59L0OWjsZNc15%2FLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c454bd3-BUF

GET
H3 200 boxl.jpg
img.btolat.com/2023/12/8/photogallery/687/ 18 KB
18 KB 100ms
97ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/12/8/photogallery/687/boxl.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c574e4b4b9aec5ee359b4cec763a4ecb125b18e0d6cdc6c75e14239bbefa03

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 18428
last-modified: Fri, 08 Dec 2023 16:24:09 GMT
server: cloudflare
etag: "0f4fdf8f229da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9AxasJ9vXD4wGNcTSz6yrHA0XBRMNaIC7p0LwJpot04ADNJU486e2bLAFI3PGIw5qg52wLf9gwHXWvkIhWWkSwZqOj5zO%2F2pq0PtszY3RyHRf239dvchxe7pKxWONq4zis6%2FDhxOddPmTzNdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c464bd3-BUF

GET
H3 200 boxl.jpg
img.btolat.com/2023/12/3/photogallery/686/ 16 KB
16 KB 101ms
99ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/12/3/photogallery/686/boxl.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00fbc73f4e68d34a100f178839665e9925ca33e6838a3972eaba95c9b7c88352

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 16052
last-modified: Sun, 03 Dec 2023 19:50:38 GMT
server: cloudflare
etag: "142f56fd2126da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0erhiZ1wlsZflFX%2BA%2FjtunDKpJ4WRlLq5MCIj06o7vEBpZK5H%2FYIssHoweE6EBxISx%2BzUqbOm7H7FLuHksEkNLnv%2B8JNSsZ3GZZYIDcdoYDnAi%2BqcflPugJLnRwskLXwFxVZ7Z9H1N4SXPveg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c4b4bd3-BUF

GET
H3 200 boxl.jpg
img.btolat.com/2023/11/29/photogallery/685/ 19 KB
19 KB 102ms
100ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/11/29/photogallery/685/boxl.jpg?v=20
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fec884d02f6b4e88e58427e9d360203f891b4bd17d5f67c2b0bdd2d1857f388

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 19405
last-modified: Wed, 29 Nov 2023 17:22:20 GMT
server: cloudflare
etag: "c375349ce822da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKacHw%2Bl%2BjVZwLMwWfNVYthPw%2FJWYXjKvmWZxLY3h8Ag%2B04BHxblHygu9ngS0%2Bd4wgVlTJtCkPKBo9TxZG7WVprWMP5CvVV17dwPZvflSQ88m2U3NxdThRZkhNKvgINFTYi6NU%2Bpr5sv0ROTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c60c4d4bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336428/ 20 KB
21 KB 94ms
92ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336428/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66903d7fc339c501a29476768b01da8f7e3016190a5fa7a8138762aad6c6f9a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 20813
last-modified: Fri, 02 Feb 2024 16:12:42 GMT
server: cloudflare
etag: "f8ce6ba6f255da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJcWl3gXyHcJvLgKP4%2FAJ9l9lGeeqlDhHliFC8iYv6KgtBpUG7vA4UsUSGTHoJQ%2BkFG4gJO0W0x4L8dePvJUn4yB%2Fk0BnW4Kug4K8gpNR%2B6Xa%2Fkterb1NMXrw1YFkCOwTqKd%2BPALlQYWXSr0qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c61c764bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336431/ 18 KB
19 KB 94ms
85ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336431/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68f33dec93b3fbcce8ef912d1e754b1d195e90120ab867132b9c43706151ef24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 18853
last-modified: Fri, 02 Feb 2024 16:45:02 GMT
server: cloudflare
etag: "7eefea2af755da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqYb5ynq9LkXBwyx43PDw2BAPzIxMob70fBaEn7A86tWySZ%2BJmCxampp5PS7sU0asANIH%2B1p8hP9NcWrzs%2BsLUW6jdcPJGsHCypWBIt2UQfroTqxrOktaYbdRhlKMuzzzYGSZYYeK1CaNpsBEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c894bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336429/ 23 KB
23 KB 95ms
87ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336429/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06a5906acf4db557646d52372985803b866900b2827c64b16b0d072431165232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 23398
last-modified: Fri, 02 Feb 2024 16:20:07 GMT
server: cloudflare
etag: "9fbbc8aff355da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlrZ0FlwcZP5jvLC0UO4fqarpelbxkaYetlkFLqZez4dvwX8RlSclDBLG9sU5Fm7SCV34T2Cl7ZcsOGm9YuymzNk83rgkLPVG8OumpU%2BcRRSTAzJ%2BptFuAjych4DHYNC3M%2FwoqrpgHi5QkrndA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c8a4bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336414/ 20 KB
20 KB 96ms
88ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336414/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987276ad08d30939966de1f4095ae854f1b897a4b81004aa6ca73f52db285e66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 20235
last-modified: Fri, 02 Feb 2024 13:42:03 GMT
server: cloudflare
etag: "540b39add55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on41ue987SSzGsI6jl8XZTzb9Hzv66jv5Qk2iu7nByEpQ7q5fLlOWlB7X0cSIdkfjxJrBWFRGGr77UwPxQ4Jq6fOvu0onTmZL38Wmga6QqLWhKxcMRjozpWZw8TG%2FM1yVC%2FuKzTRJFfRYInvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c8d4bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336423/ 7 KB
8 KB 104ms
96ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336423/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4328d7fd75e056c121030d8c8784560c9e0c442e07485d6c29ef849fa675a1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 7236
last-modified: Fri, 02 Feb 2024 15:21:17 GMT
server: cloudflare
etag: "a66b9877eb55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKdclfsWhHZT6HA6Q%2FeSPvjFUeXJPBPS%2Fu%2FSJbPr5vfGTUy6ES%2FfC9r0%2FgNEDgMTdbjCo9Ci0dj6ZusCLK3ap4tNTEzCqAnWRfbaalEQ0S79m0%2Fjj6mSh%2BLTasrb08I8%2F%2FiTs%2BUgOMQT6hZdng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c8e4bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336432/ 11 KB
12 KB 104ms
96ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336432/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca105a0c09196e6f90934724a2870903f11f52200da693f399155a5f6ada8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 11454
last-modified: Fri, 02 Feb 2024 16:49:34 GMT
server: cloudflare
etag: "b0b38cdf755da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhavglFqyK9hgPHdpWB38l7flY12v9DAfympXptIo0hCWeYi7k527NMZ2k4XzlOGYNkIdfvna%2FrN8f%2FOBgYSUFiE11iNVdHlEm5cv52Quzo%2FxBekE4We5IvNFd%2Fo6eCOOLbIo92vNqrd7jEtgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c8f4bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336406/ 14 KB
14 KB 104ms
97ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336406/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6592044a6fe7196d2c94fd47b47174b82af18d8a4bd3d1c7e8326663d506a4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 13848
last-modified: Fri, 02 Feb 2024 11:40:03 GMT
server: cloudflare
etag: "6be4e48fcc55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD%2Bitb%2BXo7Jziy3fDG8%2FWWRqN37XZS%2Fb1OwA79wAr1Tg1fVSn3QtsZEqlBnvImYlyr50h%2Fqnb%2FCaNHOlvmZ0IHnxF2CHPJckCaVzZSULGh0YIu%2BrWdTFGOeQcvg%2F17qZq6x3rCAaUeL35uyKHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c904bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336430/ 15 KB
15 KB 104ms
97ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336430/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976874c659c57019b3aea59421a6b09746551c14bb0348b695b3138f2dfd9e5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 14925
last-modified: Fri, 02 Feb 2024 16:40:18 GMT
server: cloudflare
etag: "5a9e6d81f655da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I%2F0fCGN5lYCpklsiHMqya2bTuJDO9B%2Ba9%2FGJkUxPgRhrPS1pw4DwVykox97dfqYv6lotoTkY2OM608na0hvhxC8MQWYnyNHN1e%2B1R14LQfKTXyRI%2BJNufxEt3s4P%2FElrnje2vPEJA2gmPPpYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c914bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336427/ 20 KB
21 KB 106ms
99ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336427/medium.jpg?v=55
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45525d7344ce66396376e0d74934921bd1249227825c9997ed3753bef99997cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 20539
last-modified: Fri, 02 Feb 2024 16:08:55 GMT
server: cloudflare
etag: "3fc21d1ff255da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D69xCxJhpDLVJoMBYIdJoJMVbqCK0j9gRy5ESZlonkve9HctmNI8IKJSmi%2FDBNjvpz9r1mfynu20BXsd6mhBrQl3Hcnr5skGmg7Vyta6Bzw%2ByVpy59rOD79eclD%2FHFHvMx8%2FKZmftfVJ%2B3wXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c934bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336426/ 13 KB
14 KB 108ms
100ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336426/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dc5eb5a1c1047fe35716d547f786b2e6dab88eb710055dd6e17fdd67905ba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 13481
last-modified: Fri, 02 Feb 2024 16:03:10 GMT
server: cloudflare
etag: "27d56751f155da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xM6Kd6TrkF%2FPCBRtRjJUOSeI7MMlvTCblPl0jdajofXu5cYPa%2F2D8okkyPEnsc6vXeax2Ydfwq07J%2BNBr9ozl5WnGTpcv%2BS2pUTDbDIhZVjyOR0KWSVmuvFtEVjNV1s4M%2BbxYd8860vHhLc5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c944bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336425/ 10 KB
10 KB 105ms
100ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336425/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 267bcaa6d5c8b423764b143f8cc0d50986cc404efaa6b38deb9927d7a01460d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 9936
last-modified: Fri, 02 Feb 2024 15:46:53 GMT
server: cloudflare
etag: "b87952bef55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcPp8x9i14DHn0p%2F%2FPulRdBHa2JAqGovT2gCpsJeFFb5R%2BMQn%2FopH%2FpIoEhcJ%2FszvQ50FdYQ8Ju74aD72m2PZQkiH4p0fGpkGgWolLSG5j%2B3TjTPT8cv3JwJJEEmDZl31Vf4Iiy7PpvMTv6nCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c954bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336424/ 8 KB
8 KB 108ms
103ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336424/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec6f2a376e33e43dd0ac32946a6fed1e1b865f258886da1d1d8aa800ad4d694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 7829
last-modified: Fri, 02 Feb 2024 15:41:01 GMT
server: cloudflare
etag: "ac123f39ee55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cbYQkUS5Ulvg25WvGUhq0IxyTctzSD%2FdZgB7OvyD4wBElCS6keKM5ghf0jmHvhykA83B1Kykpc2sq%2B0mYPliOi93gvGmg9zrcV0Ajkod80SlN9mhjh08uyyp4445Bga3jn6xjGAK5BSFg5q9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c974bd3-BUF

GET
H3 200 medium.jpg
img.btolat.com/2024/2/2/news/336422/ 8 KB
8 KB 108ms
104ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2024/2/2/news/336422/medium.jpg
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59289e96a9b37e4668081ef40bd08bff0af822699ee8a23b8c8c1424f5717720

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 8203
last-modified: Fri, 02 Feb 2024 14:57:57 GMT
server: cloudflare
etag: "13503835e855da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E11BOYylUU9ft5BXDjZKHAqIw901R7ZPqWC7%2F4S0yey7BQcSvqVgCf9lCOxinfV4Kd5i9nOuDtgZvIo5ZmOj9jCaeiNjknbmm1iOfHOjw7HIXGhXzWiUG2CK9rpH9GrZ9X0geMYPph7Fxol5mA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c62c984bd3-BUF

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 5ABB 4 KB
1 KB 52ms
40ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 798423
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 84f3f6c659ca4bc6-BUF
content-encoding: br
content-type: text/html
date: Fri, 02 Feb 2024 16:55:49 GMT
expires: Mon, 04 Mar 2024 16:55:49 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 16837.png
img.btolat.com/teamslogo/ 2 KB
3 KB 84ms
75ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/16837.png?v=45
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff66c7021cb249375c8249c2a22f7b78a907d179a42f510de3acd707b44b4d6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 2542
last-modified: Mon, 22 Jan 2024 00:00:00 GMT
server: cloudflare
etag: "aab70f1c54cda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lj0BvnLmQMWdwMC%2Bx2ttKdAElezyQ%2BvGSRF7jO7sMQGz22JLI9%2F2R03yxoNAOnuhU75Snw%2F4WyRHLShwHgy9TP04YB8SQPNIoyWEKQ%2BCiBciu54vzR5OwXbf4Jm6AjZsyZvjQoqIyV1EJ7Ylg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65ca74bd3-BUF

GET
H3 200 12196.png
img.btolat.com/teamslogo/ 20 KB
21 KB 84ms
76ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/12196.png?v=438
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 694862fded68c26a6d846df4aeaefab129f532681e387581707ba132837ffbb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 20591
last-modified: Mon, 29 Jan 2024 00:59:53 GMT
server: cloudflare
etag: "28f3f5774e52da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyeSDzkpd3KG25fl%2B9uWl0s40OXSfVn7g%2F7wHPbSN7n3A5QFyWDtGRAV6zUmbhkjvxmkaUxVd%2BnJzj1PLDZktHqFGmf%2F0UwMLPfjc954RxOidAyhG%2FgQtIdP9RT%2BLI%2FTi2brvgZDhfmPtrE%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65ca84bd3-BUF

GET
H3 200 13584.png
img.btolat.com/teamslogo/ 18 KB
18 KB 85ms
77ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/13584.png?v=738
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b93a380a25062cc97b648adf99e681b5f5ac899d618e4e5138a8fff0d8e581

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 18463
last-modified: Thu, 18 Jan 2024 00:20:29 GMT
server: cloudflare
etag: "a2a28a24a449da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITSSyrTgM7YMh36eTvtxAsiGJ6loLmiNNmOub6j9dlp%2FDOmoSZso93DayjZvEm53DER%2Bw2JoaaXMV5OB5yogHNt1b%2BI6BPhJ1aPvGYfd%2FZtPcLcVUKAfQOvwU1TzgfuqWXpLUAT62czvSdrqVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65caa4bd3-BUF

GET
H3 200 5842.png
img.btolat.com/teamslogo/ 14 KB
14 KB 85ms
77ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/5842.png?v=611
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00760f0f99baca15aee36219035d322b28a51c435c1576984a4cbaeeb9484814

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 13899
last-modified: Tue, 23 Jan 2024 00:29:59 GMT
server: cloudflare
etag: "ab26474c934dda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLVgnps84oji4z29EQi3p0qRoXKHI8KJOTrcq6k3vlpde6%2F7CDFr3TG2nJAikPugOuyO%2FOSu7VD0m%2B4iqE2ENwQYdOonkqcM17WjiZqH%2BEHgiXBIY%2BaPyTOBz4S0Ki8Q3sT9gsm7aLaqJfmxQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65cab4bd3-BUF

GET
H3 200 10433.png
img.btolat.com/teamslogo/ 10 KB
11 KB 86ms
78ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10433.png?v=19
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88dbd445a9da748d92e5c6377c32a461cfb02bab123007b08241ce50af040889

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 10559
last-modified: Fri, 02 Feb 2024 00:08:26 GMT
server: cloudflare
etag: "63a5ef16b55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf%2BHShBxocc0PzFLGUP5drWybz9SCbKz3x8CQC93bdo2vh0oT%2FKFC4tdKDJ3s6b5q%2FfO8CRJKQvgQSmwkFzpHDovx%2FSyQFKZmWrb%2BL0FWLeomvhsHHbuFpPnKXdUzPLj6yi0XUE1zyg%2B8U4idA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65cac4bd3-BUF

GET
H3 200 10303.png
img.btolat.com/teamslogo/ 11 KB
11 KB 87ms
79ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10303.png?v=44
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d631ee06f79f0281913f71dcbd540551f7e274d9f6da67d6cb04942f371ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 10804
last-modified: Fri, 02 Feb 2024 00:09:44 GMT
server: cloudflare
etag: "acd1df1f6c55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyR3W1nAm6zkVc8eK07rvYvVQx5y4lhbLP8Pz0D2CqOl7%2FMr6Y5wECdHAiGwFe9HFyOqXeAc1PS4X1UXzO9rFq2%2FdytCUP%2FfkrYM0LaWdw%2F1eG3FOAM5sFlBfrXgLrpZPhxEgzunixqQtLkcZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65cad4bd3-BUF

GET
H3 200 10124.png
img.btolat.com/teamslogo/ 13 KB
13 KB 86ms
79ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10124.png?v=179
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a5dcab9c4f4abd7b573c15c8e645ed53d3108e09c4e4253ddc1fba49d6c34d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 13117
last-modified: Fri, 02 Feb 2024 00:04:24 GMT
server: cloudflare
etag: "b35e38616b55da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BuAWD6zFjpdMwdKBGlO0DWP4YdTEmlzMJ7vYQuy0qDyz5rbDf%2FUQrDZvb2FjJ0Eh1NoZOjauiJq7DCR07eEIqBvTkg36ofk%2BH8tI6NSMKXw9jCucjczCdv%2F2q6XvPgWlwK%2BzkcDFU%2FE4knosA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65cae4bd3-BUF

GET
H3 200 8173.png
img.btolat.com/teamslogo/ 18 KB
19 KB 87ms
80ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/8173.png?v=991
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef57e3b68e991e7f960f5d5a82a179d01df0ca2dfcfc5919496610b1f112bd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 18810
last-modified: Wed, 24 Jan 2024 00:31:29 GMT
server: cloudflare
etag: "22d08fac5c4eda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG%2BcSb6sa4QhEzePalQOyDE88iv050ysc091o6%2BgPQTMuO%2BVZOx4TQXK27dGeYqVWzZ4ijlgpaT5Rp9%2FX7A0LGbhCNFw0nHQXvt9YH%2BHISwYLM3XsnKmz%2BOJln%2FL4L9%2B82Dz6Ib9Y6ZOt%2ByZcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65caf4bd3-BUF

GET
H3 200 10963.png
img.btolat.com/teamslogo/ 12 KB
12 KB 87ms
80ms Image
image/png 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/teamslogo/10963.png?v=53
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f06f40eba9a86a026036462084bee29b78224fb6aeb84ffe1f47dd147c72352d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 12069
last-modified: Tue, 23 Jan 2024 00:23:25 GMT
server: cloudflare
etag: "86621a61924dda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DQDABSeJfsl6XkQ8ceyFVALV9mGQkLFAzHy8xDdUJDFwd%2BsQNMSBnUf1ANJIFVYn4e4tshQU8CfVWVRv%2BgJ042ZSK6saOec%2BOatKq%2FP5PBgMm1YgRrdeB211Dj9ecV6WHHalz8lskZeZszZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6c65cb04bd3-BUF

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 331ms
109ms Image
text/plain 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294875567365157&ev=PixelInitialized&dl=https%3A%2F%2Fwww.btolat.com%2F&rl=&if=false&ts=1706892949516

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 16:55:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 436 KB
136 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 895
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139565
x-xss-protection: 0
server: cafe
etag: 12534472742743793976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Feb 2025 16:40:54 GMT

GET
H2 200 projectagora.min.js Show response
palibzh.tech/libs/ 367 KB
103 KB 182ms
51ms Script
application/javascript 2606:4700:3033::6815:5ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibzh.tech/libs/projectagora.min.js
Requested by: Host: pahtuo.tech
URL: https://pahtuo.tech/c/btolat.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09919f06ceb799754bfe3810c1955cb270dc433e8eebe6c55ffac70db4b732f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F2K4VEJ5SVXB6MNY
age: 4052
x-amz-server-side-encryption: AES256
x-amz-meta-version: 3.20.0
alt-svc: h3=":443"; ma=86400
content-length: 104452
x-amz-id-2: 9cn2cZN5QAIOXURqBVrz5yKtb1Mh2tSscknKOSuBqT767nnbbAsIu+1lWIaPYeSr/VZ63F3CPd4=
last-modified: Mon, 22 Jan 2024 12:32:42 GMT
server: cloudflare
etag: "edf92d9be2cd081a45cfbe08e49a0092"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8iaAbykvq9EwXv6ZG2z5kNaeL2SVgR847SILBCnoooh%2B6DlkcKNxajObS%2F8N2VCWlEGUTA0qneOcgUMQHX5M7541D2T0nwScGg6kiJTErj7dW%2BC0iAUJbMsNER2yD40DRljVU5NojwqH8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84f3f6c7fa814bc6-BUF

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 97ms
38ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8D6S73ZBHH&gtm=45je41v0v874051100za200&_p=1706892949148&gcd=11l1l1l1l1&npa=0&dma=0&cid=191236476.1706892950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706892949&sct=1&seg=0&dl=https%3A%2F%2Fwww.btolat.com%2F&dt=%D8%A8%D8%B7%D9%88%D9%84%D8%A7%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=903
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 106213651 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 141ms
73ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/106213651?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7aae1c8ba31001d9f86bb039d6651315f2556d36335f9548149ac4f40000f225

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AtF6jiolu5Hktn7QF87MYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AtF6jiolu5Hktn7QF87MYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6K1vFdFY-II6rm86aB8R866az6q6fzrrlzHTWPUAc83w6awoQL2adwboaiKcEzmCdA8Qt0UA2EDulz2ANAuLPmTNYfwOxb_0M1lggLrt9jrUOiIXlzrNKA7EQD8fUvV_WsglM-LVjOjMA4p9Z1A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 137ms
137ms Fetch
text/plain 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=219054418138691&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.btolat.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=770e98f06eebec55f454c7030d5fe69d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security: max-age=15552000; preload
date: Fri, 02 Feb 2024 16:55:49 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 2cEzXSZRM/dDrhWDSUTpITTMzi/kYxCyczPt5Rx4p43tyahV1UjG4MPXHkz0RX8iPXRH7XKtn1ZTjCX/u9YD3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/btolatmena-p17602488/ 674 KB
58 KB 69ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/btolatmena-p17602488/loader.js
Requested by: Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b520dd3caf8992dae95a6909e9b27af88b88ce2de00bd96cf73611a54fb2c02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qMLDZfo4XzJOm8Iay283lq8qygFrJDNG
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Feb 2024 16:55:49 GMT
x-amz-request-id: YED2PG7H4BPZ2MXT
age: 24
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 58462
x-amz-id-2: dzYuwGJ09uJNYqX3vtIJmUhoNlXG0k/R8r/TwtFjLBXjhyDK5rKMyYJHSlhlyApMnVQODLF9uk8=
x-served-by: cache-yyz4556-YYZ
last-modified: Thu, 01 Feb 2024 10:15:50 GMT
server: AmazonS3
x-timer: S1706892950.926069,VS0,VE1
etag: "dce23ae9d312cf397486fff9d91ce17d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 xtb.min.js Show response
cdn.exitbee.com/ 58 KB
21 KB 128ms
38ms Script
application/javascript 2606:4700:3032::ac43:b2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exitbee.com/xtb.min.js
Requested by: Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c804a48c27c95ece02166174d1ed784187384ae36ea58848fd362f30824d21f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 659
x-guploader-uploadid: ABPtcPqBTfIFBboG_G8h8PlL4pYidEs1wOlR5qSs_mnEwwf--V_tXdJyCWxQlJxWcd6RqvccqZtz9NXF9RjubFXUrz-ClA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 13:16:53 GMT
server: cloudflare
etag: W/"e18d7a0b2b82d7299647e58634778c51"
vary: Accept-Encoding
x-goog-hash: crc32c=1Bru1g==, md5=4Y16CyuC1ymWR+WGNHeMUQ==
x-goog-generation: 1690291013680966
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQu%2BzrQLN8y6H%2FQ%2FgyAewEV3XPAESVtzPfHlLSy%2BktwKmBU3TSFY1xsUfL6PNpbfHVP0Aj6r5PYBmdFpHEzK5A1aAMiP4awVNJEszHMdCT%2FSfMrLQdhxzPttKaE7nkadVBNCXmp3K94OG2GW68A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 59423
cf-ray: 84f3f6c948414bcf-BUF
expires: Fri, 02 Feb 2024 17:11:38 GMT

GET
H2 200 AGSKWxW52DNX0Ibf7AvLjfUpcQhK3eeBTrp5fuqlxxQxSCSnw3PuFVaq_wj9sCjQpF7r4ppro1SmKiDLNjC8ZrJk-MskLBjSWQfQS7_gnSDiuZUELFIXho647PUnPSoadY2CaPZ0xmewsw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
66ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW52DNX0Ibf7AvLjfUpcQhK3eeBTrp5fuqlxxQxSCSnw3PuFVaq_wj9sCjQpF7r4ppro1SmKiDLNjC8ZrJk-MskLBjSWQfQS7_gnSDiuZUELFIXho647PUnPSoadY2CaPZ0xmewsw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTQ5LDk0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYnRvbGF0LmNvbS8iLG51bGwsW1s4LCJEVmo2azJsUUtVcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71b6dff9ec67e79aaffe745d29812a1e3699e8c303bd08e7e6259fe4ffcd0d67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GM4ye9YEC_DxnzKqApKb3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-GM4ye9YEC_DxnzKqApKb3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6K1vFdFY-II6rm86aB8R866az6q6fzrrlzHTWPUAc83w6awoQL2adwboaiKcEzmCdA8Qt0UA2EDulz2ANAuLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OKbu_bKWTeBH69EbzAAZ9Fce"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 186ms
115ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5f58802b09f895c51c3907296a66aa5f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 97ms
27ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:07:04 GMT
content-encoding: gzip
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 31727
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: BaB2zZm6zHT5D1lM-mpREPMJIVtRT5_tP68ICl8yCmUYzBg4uEazEQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 95ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:07:44 GMT
content-encoding: gzip
age: 809286
x-guploader-uploadid: ABPtcPo1HT_cc7tLNkJ5Rlyz7bViWl5eRkoGe6AjskMODd3RIDISMGEF5KQxRlAFn1HF_19iGa4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 23 Jan 2025 08:07:44 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 156ms
26ms Script
application/javascript 2600:9000:21ea:c600:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ea:c600:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:45:45 GMT
via: 1.1 7f59e30d6672b7ea91c10bca6108d29a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: EWR50-C1
age: 606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: y072rvQfWN-g-BBJh-HGKCotAW80CcBR5hCec5b-aY6Xc6VPVvykzw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 205ms
99ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Feb 2024 16:55:50 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 111ms
58ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c053296a9992bdff00722df969399ef088f8cc97b3c61811d94fde5dcb039967

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 19:04:32 GMT
server: cloudflare
age: 77316
etag: W/"65bbeb40-42d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84f3f6ca0fd536ad-YYZ
expires: Mon, 05 Feb 2024 16:55:50 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 110ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Feb 2024 16:55:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 33261
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nyc-kteb1890077-NYC
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
404 B 74ms
74ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677513056325833&correlator=1073414368089604&eid=31080791&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=283733231%2CIdeaProgrammaticBtolat%2CBtolatInArticle&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C1x1&ifi=1&didk=4240517600~2034687731&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892949973&lmt=1706892949&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=191236476.1706892950&ga_sid=1706892950&ga_hid=461504789&ga_fc=true&dlt=1706892948977&idt=732&cust_params=Btolat_League%3DHomePage&adks=1219129674%2C3205783397&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317167a1450aef9fc1f9f55e04b3bec22c75ec28e512938f09149c290706b0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 655 B
313 B 4133ms
4130ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3facec91842124c9cd42006ec4c9bb3ee4a59b84bcb1ca77fa42232fb0209232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 4134ms
4132ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c91a30c0e50400550b487126118ebbcf5439b4410a997893f1a7c96f4e967356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15029
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 885ms
882ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d2cdd6a3294a3ac5d4a4495822b01f60a793c9081759e2a79bdecacc4eec47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15033
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 379ms
376ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99d21169095c7dc6c8314f18e7e6b198fed51afd5b58684f68f8bd1645dcfaa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14991
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 3834ms
3832ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8249e082115c5e858fdb8beac27ef3cd2df1bc2bda577b1afaa1f1a53b6c9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 4541ms
4539ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

904af3f64e47ba074ef1030a488f0a44eacf3b779d7a45a0c5c6c772463b8661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15023
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 655 B
316 B 4538ms
4536ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

877cdfa04964a9e81e0b716c850a75dbdab5954f92e8b753e483f4093ca5ec17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 91ms
89ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677513056325833&correlator=1073414368089604&eid=31080791&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=22892919920%2CBtolatFooter2023&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&didk=607409652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892949997&lmt=1706892949&adxs=0&adys=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=1600x4292&msz=1600x0&fws=4&ohw=1600&ga_vid=191236476.1706892950&ga_sid=1706892950&ga_hid=461504789&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjS8_3V1jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjS8_3V1jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGNLz_dXWMUgAUgIIZBIZCgpwdWJjaWQub3JnGNLz_dXWMUgAUgIIZBIXCghydGJob3VzZRjS8_3V1jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0vP91dYxSABSAghkEhQKBW9wZW54GNLz_dXWMUgAUgIIZA..&dlt=1706892948977&idt=732&cust_params=Btolat_League%3DHomePage&adks=3517830795&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0c9a9eb7454c1f1a9519e6eb7eb1fd331966ce401a869acfb6d29bea4b7b8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13031
x-xss-protection: 0
google-lineitem-id: 6383636573
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446714762
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 4555ms
4554ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67ac59eb8f1911ed3ea10baac36fbce1e6b5b73b33a83dc5289da11c22d2acca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17749
x-xss-protection: 0
google-lineitem-id: 6494381007
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138461193150
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 646 B
306 B 4547ms
4545ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c37708941ba6aa1d633badb37269ac5adaa76ed77a53986cecfb0c63b7145a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A7B5 6 KB
3 KB 122ms
39ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUBAHmLN0rnqxHAz2Y796jfxpLg1Llcfr3yczSoT6kpSGUpxmP9p_4bOqsYP25z5LWEvbLmcx36lUCSAnaF7NcYcq24PLJVEHZUc72oOZaCoQD3EVijNvXvxkm9dUS8eDfniQqM7g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 76ms
75ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUBAHmLN0rnqxHAz2Y796jfxpLg1Llcfr3yczSoT6kpSGUpxmP9p_4bOqsYP25z5LWEvbLmcx36lUCSAnaF7NcYcq24PLJVEHZUc72oOZaCoQD3EVijNvXvxkm9dUS8eDfniQqM7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTUwLDM4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly93d3cuYnRvbGF0LmNvbS8iLG51bGwsW1s4LCJEVmo2azJsUUtVcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d52a64488263a8b7be682fd9f84caf1a4522adf543b7a421fc979b0addc31f4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ssOMs2ZjKbIQQ7es7iB64w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ssOMs2ZjKbIQQ7es7iB64w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxj0LQWEYBuDjySMOSSw-ymQ4kTKaTQYGFopMSlIyycLEP5D3DMpgFBaDgc0oMkkMFg6SxcfC4B6uuuSFzi-7pbjiltaRA21h4zvRDurSmVpwTJ3pAiFFozBUShrVQPe7kAkerytZ3ldyggIP140-MI1F9feUYDkt2FATbIVcQ3AZrCPBwbHgyVLwDLKa4Dz0WeUBtBMqd6GZwSFSUDkJz6LKX6juV9wAh3fNHrCbjZ35a2iwTXv9wB_Li1Yz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20240131-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 846 KB
175 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240131-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/btolatmena-p17602488/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83caf67b8921dbd831ff7fd069b7e6b210d4128a2b75385e0d0bfa5e843b64a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: vNG_llu5xdB3xkRG6u5SgYU0QN7ZPC_u
content-encoding: br
via: 1.1 varnish
date: Fri, 02 Feb 2024 16:55:50 GMT
x-amz-request-id: GR8XHQBN807JKEMZ
age: 23974
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 179184
x-amz-id-2: pGEzYpbyvIrBtFvGRdj6g2vue9H2s3sZChDCnb0nXHqvQPlGPmCUKHJKQeCIWpebhzFY+cYnfSA=
x-served-by: cache-yyz4556-YYZ
last-modified: Wed, 31 Jan 2024 10:06:37 GMT
server: AmazonS3-br
x-timer: S1706892950.085393,VS0,VE0
etag: "e02188c67b12fb3bb33e7c81f68bf749"
vary: Accept-Encoding
content-type: application/javascript
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3CF 0
0 93ms
92ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_5RF3BJtu5jRahrc-jIHtvrvm77HT2c4pQzb0V4o6vDOQBnb1lcoqqXQybcgQTRzodOSsbBt9fTSU2nGzoN5ZTbx4P2IEbKp-VjLUZsgqBBa1ZEPpxLJvGugUZM1BoB8YHKLSbSSuG_DG53rOb7NpO3mRQ1jTiJRT5WL79RjTZJWebHA-9UdomU2XVbUdeG98_NoT4UNwOzcbcO2Ot15Uv6PnvvSJR6xDaMF8RfNVAcNgcCZm4YzIo3z6TG5iAqUaAkZoXmdHUzv56LCUBNHSKvbNsoSUhj0sSzfljmGHi7QHDag4CTGoedFvYfDAQKNfuyK2P89MrWnhLWKWlr9LPxDEGQ&sai=AMfl-YQF759KSydkmhd4bwzob-_cygIoree3Xr0Q2Ybzzuf2nQ3BDuFiMg7G9uMtTkbfI_oDSederIyTt5G-ZorbkWnu8QwtuNrxo34F0U4-ERutPhiROomBTwLZqCFwgfhe7j9SzuQO0W0_4KKTegXb8dwe&sig=Cg0ArKJSzK96F3xkxbHzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90cb4d46776c875a4c78e44018869a25b68d2b2aa567764a3bf19d91c59fc3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30310
x-xss-protection: 0
server: cafe
etag: 300 / 19755 / 31080792 / config-hash: 16504606021960176266
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3CF 205 KB
65 KB 124ms
59ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 90ms
89ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677513056325833&correlator=1073414368089604&eid=31080791&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=22892919920%2CBtolatFooter300x250&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=13&didk=3098427636&sfv=1-0-40&sc=1&cookie=ID%3D8a060c196319b02b%3AT%3D1706892950%3ART%3D1706892950%3AS%3DALNI_MYg76AZXTzT89JJg19jtmVpbSQZbA&gpic=UID%3D00000a0aa3dd8ac8%3AT%3D1706892950%3ART%3D1706892950%3AS%3DALNI_MZ3TnOXYRM-GPZWXiJq4o1waGtFBw&abxe=1&dt=1706892950150&lmt=1706892950&adxs=0&adys=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=236x-1&msz=236x-1&fws=516&ohw=1600&psts=AOrYGsk_9L34SMC-H67GOscqfymVrf7aXkvDZZ0K4GLy-zWEVrpZWWP6ax4hoTfwk_vIQgOthfQm5PyAqJqj_15Jxw&ga_vid=191236476.1706892950&ga_sid=1706892950&ga_hid=461504789&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjS8_3V1jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjS8_3V1jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGNLz_dXWMUgAUgIIZBIZCgpwdWJjaWQub3JnGNLz_dXWMUgAUgIIZBIXCghydGJob3VzZRjS8_3V1jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0vP91dYxSABSAghkEhQKBW9wZW54GOf0_dXWMUgAUgIIbw..&dlt=1706892948977&idt=732&cust_params=Btolat_League%3DHomePage&adks=2063569840&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa291e49a8cd495a946c87338cb91458d242ba62b1261c3ff05ba44416f1dbc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12172
x-xss-protection: 0
google-lineitem-id: 6383625359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446669028
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
613 B 146ms
50ms XHR
application/json 18.211.142.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.142.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-142-103.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ffa5ec13f0cce16c6d4375ae5a743b01b7ec2bab1c5c45bbb6d66e4d4570736c

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache
x-server: 10.40.59.216
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BC6 0
0 94ms
93ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtlJkWjLVq5meYjm5bjWjLxY4vd-MzNFODzEKmDvLWAhvqzIiyUYHroarTKQ_-nsXJNV87M-dZAXhQ1ZdKjkr7ScL1GcQjYq0GRKSstaFXynK4-pyShuENmbJx7-DbTdC-0K0UmCY9Kx1XKHm-jvr36pOz-26tWfHGh_T1mPLpdxcLEHT0dWZaxJcINPhIjhUqkFIvYPIXAXCwME7zK96pCt8j5mvydsvTwVBrJZ5K1XDGTyw3qrIelMEZFKa_Sgyw-NNSp-XspAeV_2F2WEM7uHjFIrOzFjzCn_z8t1epgZ1TLHvE_Bz4lmdhuiQYQfWuub2MCAnceZEeCsTr0638OmAOk6yo&sai=AMfl-YQrKSSX6jGiFa4PXlsqAjUiJQb-lISGjt4xZCKaUpX1Re8jpFB_V23SyGWqc-HEhgCgWlcmM8bmyJd5ejt5I1nz6psPaOjjcFD4kwi4HOmrY1jrGxgWUwcXewe4oV8&sig=Cg0ArKJSzNaI4qBFOsP2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 7BC6 33 KB
6 KB 309ms
93ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: 77137bbce2301309e562a9c10b48b59b5068f14d0c79c0a7ee59d0e1990042c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 16:55:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Expires: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BC6 205 KB
65 KB 59ms
59ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
DATA 200
OK truncated
/ Frame E3CF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0704e19c68e2757adb852c8b39a71437926d56f42a81c81ac5cda79e0bc932

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3CF 0
0 145ms
93ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRa8a7jyi9hzn1oDtP3mvLmFHQS1yHPfkdGXz2AFqL3Oj9-jkLUrWkeGvCACB7fnUyp84dTnFgiSjBB7iFvvePEh40sjSKBYW8XZnwS5v8gOndaGjKrdGONTSdOC-uaMkryxlOyKwmXk0MrIuuiNz7CnBuS3QihRm6Gt0BBf7f4oshCy-MiLRZtyxPp7GE82tQCbbwomaNKLxfQLm9dbCJ7hr6nBo771sfTWwuGF3xydFWyyFOFEU3nBsgsscqenPakODkEdhWVTeqORtW7voP2KbUPiXMc4a_gss5BZ01XxmIN6KyZ7j79ktz8qQQcqC_F1_gt5YPejc7SKdKfgdM_yVlHxGh&sai=AMfl-YTeCwqRFsLcYsev4WBH9C_ubIW7QCFZykyCLpoaGvxnwZF6_FZV0x4MaKliBAlXkp4cOCIJwEhfv-EixwkBswiQ84XtHRMzH7bGhejUCsMJnqw60lbWpL3yPJKEnDEPec8lX0Bf6rJVKLttGw9gQzLN&sig=Cg0ArKJSzGQgerWv7K1QEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
DATA 200
OK truncated
/ Frame 7BC6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 026bddb7135c0bc7d98b5d491c955741ee7fd229de2d9182c5e46da802c9edab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA58 6 KB
3 KB 26ms
25ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 339B 183 KB
57 KB 222ms
133ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgABCOcIg4rOAAdFmUZyMZAiU1fmjy_WpA&u=%7CkBYb1OrAxsmbcsCcleGkzrpppfw5%2Bezo9JKHrWAjobY%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJBPkIVjcuU6DcQ_nq6vR7qmXoYYy45uzCntxmvnFOcP6teFpbNOZfMm9iF77RtSP_nUM6WfytuG6ZrYWv3nxg39CkzhXDjp_QkdahDolBTPB_MR9ql-7pI06qNnH8R_C7dZA30LrONYUDt3zxe7Lcggqm7vvIo39FF8vphhD1eZulmaRlNTobHi_00Av83q4wF3cKMgnfDaZt2Cc5XlVHBrVDWwPBIKaOeKVAC3BQ30riXxe9FzbYYWx5HR-z9iy6HzjoO_I2wxaQN9jNONeVWTNbx9_Tby9tXJNsW593Xxj9W0Vuk5bSPr8KqIvsfjf1cZnLrhJSyklDGdFH8esaN-aK-50CKWa0U3ibDwRq07liVTjG1UwUllFGPkCWhL0wUDd4SCN2SWwzPhT8x05gva8GBVwZqrI8Pe6UqbswZa5RgInQrmZFoqdHp_KSEoYxrAjsAuEji4F2RQ5vmpflkcZtiEdeZrd1IV7HaHNwui4YEPu6xfhhRJu3oKJPx38l6VGURxJIhHy6KeWGvX8IHil4bTUaY8LM-wBg87gLCrDC8ec43I4APcpZiraQMBnJkQ_230D1MR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ7d7lh69ZeeRBM6VjvQPmYud4Aacge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0BUzkY626QUgA6U_gqS6r3qJZ0rc5ib51boaX0MFqSUk_oN5jveoFopfTDf5K0wXT17qSooCgvojofcZOm_hT2B1bSwe7gwqW7H2AGjcqXdfnotZjxYwDxZ3Nba4_EwjUg6jmD6Xj-O8dtAZ7RRpk4_Kysy4PyExTg8PlFM1WcTcHJoqPXfa8hx7AKiSqUZ5U7rws1KDglOenJJvmZLxZaMre2RFPZeKuH_fh8YfF1HLUrZArESlCN42Kdey8pZiqthYET1pYWyCMCYkEqZAApOVm2lb7R08kFRirA_VcELnsHAO8kURseAK2KZ3_Ee23eRsUC5CgSGCzGT2O9FygOPKzSQNP9316kwoK0o-nuteXwQmLyUbxD0y7cPgBAGABovs6v2At7Pwb6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOli0rNTfj42EA_oLAggBgAwB4g0TCLPJ1N-PjYQDFc6KgwgdmUUHbNAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zDRhe7if-z9px11sY8frQqH1tcA%26client%3Dca-pub-5900327121854735%26adurl%3D

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ccc59ddc44606d3ba4bdbf95dc28826f0f266cbaf9d8f680548f4cc20f31c0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=c1mvP53FUcIwQf9fuMGI4UtcFgBUw4FTYOOxG3IYgxLa9dO5FEbKABuHb1u-w5MbUpV9jpQqzcDhzxLpaLcLZEeKoCC3rBOeMh8ov6va5oYTL4BmtonyRqOVOtK_NwBbOVkfiRCYuhXv4SRigTLKMRB-8KVLetCBahqZp_Tce1wQLmXdTn9HOBvH4b9Vg-a9D32T9-eVhR-RXS6eWsPrcP2czSCP__-UukuE_S2B1JrKEoWwNd3O9ZECNYzcA8Wiqk8HCA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 80890198
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame CA58 3 KB
1 KB 118ms
33ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame CA58 20 KB
9 KB 112ms
28ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CA58 24 KB
7 KB 110ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA58 205 KB
65 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:50 GMT

GET
DATA 200
OK truncated
/ Frame CA58 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceff5b44cbe23bb8cbe4614106aae88cda8f205c6cbd7141cf0d32fccab07101

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 udm-r3_v2.23.3.js Show response
bid.underdog.media/ 490 KB
161 KB 130ms
28ms Script
application/javascript 2600:9000:21da:800:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:08:32 GMT
content-encoding: gzip
via: 1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 19:41:45 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 1482439
etag: "0550b0566d3b7839b95eb11004434e2f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163970
x-amz-cf-id: WTKUc7ritU2fNvpUnJcZ_oZL5-KPdFSA0Ova7rF_CMCD8uVhFcXZYg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 184ms
74ms Script
application/javascript 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 09 Feb 2024 16:55:50 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 7BC6 23 KB
9 KB 151ms
42ms Script
application/javascript 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 09 Feb 2024 16:55:50 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.057125248
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.057125248
https://udmserve.net/udm/fetch.pix?dt=1;apnid=6768969262973248592;cb=0.057125248

43 B
612 B

69ms
68ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=6768969262973248592;cb=0.057125248
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:51 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
an-x-request-uuid: a0faf988-6b31-43ca-91f0-c88e6cdbc27c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=6768969262973248592;cb=0.057125248
x-proxy-origin: 96.9.249.40; 96.9.249.40; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZEMUQ0RDQtMDM2My00NDAxLTlDQzEtQTlDQjgxRTc0RDkz&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?cb=0.057125248&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DE6D1D4D4-0363-4401-9CC1-A9CB81E74D93&us_privacy=%24%7BUS_PRIV...
https://udmserve.net/udm/fetch.pix?pmid=E6D1D4D4-0363-4401-9CC1-A9CB81E74D93

43 B
628 B

69ms
68ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=E6D1D4D4-0363-4401-9CC1-A9CB81E74D93
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:51 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://udmserve.net/udm/fetch.pix?pmid=E6D1D4D4-0363-4401-9CC1-A9CB81E74D93
date: Fri, 02 Feb 2024 16:55:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D&s=199174&C=1

43 B
337 B

46ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D&s=199174&C=1
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7XXrzV6dEZN580v7H8cabpGc5ilNElCS5AXJKhZHNdr8hI5WTClDzO5kqmlI5gEEhyeifbQjB2sTYJ%2FBvmmu4Q%2BGeK8FDJ6El2dXGelubrOwf9hTu7Ssv3hXDjr4%2BuCjywrWaZz3KFjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f3f6ce0b9239dd-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2DKgGJmNeei5RCOO1NrSTZ%2BI44SOZuAv6Wf3xjzbSC1L0LICjA9MBiEIQX2928cnAl26eHzcs9XeK%2F9%2BwFRwQeCCvcXJKrkJGFHmWiiGMtRgbI3OkMfvMATdfrzTGNIScR0hNgLte%2F0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bindx%3D&s=199174&C=1
cache-control: no-cache
cf-ray: 84f3f6cd9ad139dd-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.057125248
https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.057125248&verify=true
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-dYNpxFRE2uIuzKhYx_1D4Nn.u8nAI_mO~A

43 B
629 B

70ms
69ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-dYNpxFRE2uIuzKhYx_1D4Nn.u8nAI_mO~A
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:50 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-dYNpxFRE2uIuzKhYx_1D4Nn.u8nAI_mO~A
date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.057125248%3Bsonobi%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.057125248;sonobi=6a07821f-247f-4aa0-965a-0b5f6c181c83

43 B
630 B

69ms
68ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.057125248;sonobi=6a07821f-247f-4aa0-965a-0b5f6c181c83
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:50 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-181
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.057125248;sonobi=6a07821f-247f-4aa0-965a-0b5f6c181c83
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.057125248
https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZQ1D-X-682G

43 B
608 B

85ms
84ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZQ1D-X-682G
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:51 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZQ1D-X-682G
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=

43 B
624 B

119ms
68ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:50 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Fri, 02 Feb 2024 16:55:50 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain; charset=utf-8
location: https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
access-control-allow-origin: https://www.btolat.com/
x-varnish: 102860872
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;mgid=047cb5f1-d5a4-4def-90ca-2176ff2a581e

43 B
628 B

87ms
68ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;mgid=047cb5f1-d5a4-4def-90ca-2176ff2a581e
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:55:51 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 16:55:50 GMT
Transfer-Encoding: chunked
Location: https://udmserve.net/udm/fetch.pix?dt=1;mgid=047cb5f1-d5a4-4def-90ca-2176ff2a581e
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CA58 0
0 104ms
103ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5g3qlh69ZeeRBM6VjvQPmYud4Aacge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmgJP0BUzkY626QUgA6U_gqS6r3qJZ0rc5ib51boaX0MFqSUk_oN5jveoFopfTDf5K0wXT17qSooCgvojofcZOm_hT2B1bSwe7gwqW7H2AGjcqXdfnotZjxYwDxZ3Nba4_EwjUg6jmD6Xj-O8dtAZ7RRpk4_Kysy4PyExTg8PlFM1WcTcHJoqPXfa8hx7AKiSqUZ5U7rws1KDglOenJJvmZLxZaMre2RFPZeKuH_fh8YfF1HLUrZArESlCN42Kdey8pZiqthYET1pYWyCMCYkEqZAApOVm2lb7R08kFRirA_VcELnsHAO8kURseAK2KZ3_Ee23eRsUGxAobNEcY-MsjpNVG_zKoC8MPX8xFTssLlEFyLgQSg-ruGP_drgBAGABovs6v2At7Pwb6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOli0rNTfj42EA4AKAfoLAggBgAwB4g0TCLPJ1N-PjYQDFc6KgwgdmUUHbNAVAYAXAbIXHAoaEhRwdWItNTkwMDMyNzEyMTg1NDczNRiUrRw&sigh=VdQz2Zw7sgE&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_G3AUbJ6ITJKxjg5TPbADzickLH-y-2g5iL3DwJDtE1JschVNWaFJuimXzpXXuKUYWrKVucjK2M42-vuE2GsQHrlS-uz2WaQzVBgB&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame CA58 0
126 B 205ms
60ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ktvVDaW6MHjYBOIinRcCAAAAI08GOxpBoMlJ9H-rEJYevWWY-YAgLdQhTi0mAAASAAAKCkFRVURDZ0VCQ2c&wp=Zb0elgABCOcIg4rOAAdFmUZyMZAiU1fmjy_WpA&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 233705
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 339B 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgABCOcIg4rOAAdFmUZyMZAiU1fmjy_WpA&u=%7CkBYb1OrAxsmbcsCcleGkzrpppfw5%2Bezo9JKHrWAjobY%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJBPkIVjcuU6DcQ_nq6vR7qmXoYYy45uzCntxmvnFOcP6teFpbNOZfMm9iF77RtSP_nUM6WfytuG6ZrYWv3nxg39CkzhXDjp_QkdahDolBTPB_MR9ql-7pI06qNnH8R_C7dZA30LrONYUDt3zxe7Lcggqm7vvIo39FF8vphhD1eZulmaRlNTobHi_00Av83q4wF3cKMgnfDaZt2Cc5XlVHBrVDWwPBIKaOeKVAC3BQ30riXxe9FzbYYWx5HR-z9iy6HzjoO_I2wxaQN9jNONeVWTNbx9_Tby9tXJNsW593Xxj9W0Vuk5bSPr8KqIvsfjf1cZnLrhJSyklDGdFH8esaN-aK-50CKWa0U3ibDwRq07liVTjG1UwUllFGPkCWhL0wUDd4SCN2SWwzPhT8x05gva8GBVwZqrI8Pe6UqbswZa5RgInQrmZFoqdHp_KSEoYxrAjsAuEji4F2RQ5vmpflkcZtiEdeZrd1IV7HaHNwui4YEPu6xfhhRJu3oKJPx38l6VGURxJIhHy6KeWGvX8IHil4bTUaY8LM-wBg87gLCrDC8ec43I4APcpZiraQMBnJkQ_230D1MR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ7d7lh69ZeeRBM6VjvQPmYud4Aacge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0BUzkY626QUgA6U_gqS6r3qJZ0rc5ib51boaX0MFqSUk_oN5jveoFopfTDf5K0wXT17qSooCgvojofcZOm_hT2B1bSwe7gwqW7H2AGjcqXdfnotZjxYwDxZ3Nba4_EwjUg6jmD6Xj-O8dtAZ7RRpk4_Kysy4PyExTg8PlFM1WcTcHJoqPXfa8hx7AKiSqUZ5U7rws1KDglOenJJvmZLxZaMre2RFPZeKuH_fh8YfF1HLUrZArESlCN42Kdey8pZiqthYET1pYWyCMCYkEqZAApOVm2lb7R08kFRirA_VcELnsHAO8kURseAK2KZ3_Ee23eRsUC5CgSGCzGT2O9FygOPKzSQNP9316kwoK0o-nuteXwQmLyUbxD0y7cPgBAGABovs6v2At7Pwb6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOli0rNTfj42EA_oLAggBgAwB4g0TCLPJ1N-PjYQDFc6KgwgdmUUHbNAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zDRhe7if-z9px11sY8frQqH1tcA%26client%3Dca-pub-5900327121854735%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 339B 2 KB
1 KB 51ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 339B 308 B
636 B 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 339B 293 B
621 B 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 339B 43 B
348 B 111ms
32ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=EjyuxYuxfx5hzQUYSKVOuWHQNxlMdg2Ndy278DjjOW5YNKIC1M67pu1K4p28yyv0KJOh9NMIcjMezBhY_0puuuJG_t5FhDXJhxVAkL3qQLV_f86cfIXNELFl0nfV9Zfq75LdZ82aMawPjgYX2PbxWWThX5iVJYA5wXAtu5f5Tr8mCjwq1ri510mHG9_gzg40NwJ7EVRjlzQihxbSX6pme4-o4B4ihcgR-0adbbSHObbdgnZud0xpnEOUC3i7IaniRNqKmy0MIw6sURRL2jT0nnFVeO4CQUcodEq8k1ZW1U3psUYvD5GP4vjgEkFaZ6TXjj1CVOhofH8LwKvO9lRFJ8KcjiTrMDoDOR4lBVcjRRqOmKr72SaedrtjHv1_0tCunMPd4EboFIU5LSMEOIcr21mDBagjkwbrX6Renb4_ieDQ4W80nflqDU4vuht9NaOS_b1TAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2188541
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 339B 12 KB
5 KB 148ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6255865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDIfpZKy96gt64mfsS%2FvWThCh%2BtjcD98NGogqi%2B29zVMqi68OqpLgYsnr%2Feovu4bU%2B%2FGlszYWdciJNgIBWzeXL0UIN3z9oKWmnYbmtp9QcTCptpncoLgsTK%2F4B5K2pDwDZAhCzvnL0rWpLkgU6EpkbKe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f3f6ce9f7d4bc6-BUF
expires: Wed, 22 Jan 2025 16:55:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 339B 12 KB
6 KB 60ms
59ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 6 KB
7 KB 195ms
102ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=110&m=0&partner=74129&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F74129%2F200722%2F220ba2ca4c774d81a2d0f40bfd958e37_surthrival_logo_copy.png&v=3&w=236&rid=4&s=SFWABdIFNIWTufW491QtNFLi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

32df58df31f0e75cd91d691a39efe5a3b62df7dec5fdcbc809822dca1531ddf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6516
expires: Tue, 31 Dec 2024 00:26:20 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 11 KB
11 KB 127ms
35ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FGear-PinePollenBook.png%3Fv%3D1673647097&v=3&w=400&rid=4&s=NZk5AwmL4prOLJTso9b7_Ybq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8a5145e33eb729774e50ba83cdbbce0709a4839d2a68bdc1585144447f84092f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10804
expires: Fri, 03 Jan 2025 01:06:24 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 12 KB
12 KB 185ms
93ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-PPPowder48g.png%3Fv%3D1681010629&v=3&w=400&rid=4&s=T9454WFLwOP27cFWnyM7Jmrl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f70b02502195fd4cbb1185d81332d67a969629c5f95d635bbae579b73c31603c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12114
expires: Sun, 29 Dec 2024 05:21:38 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 32 KB
32 KB 176ms
84ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-HealthyGums5ml.png%3Fv%3D1681010794&v=3&w=400&rid=4&s=QrKjfmAmMYj5ps-oeLf0yreq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

000fbd8aa1620ccdd4d34994f933fba3e8491960c14ec50173bc409fbe7dc32f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 32452
expires: Thu, 26 Dec 2024 03:16:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 21 KB
21 KB 156ms
65ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FHoldster.png%3Fv%3D1511910614&v=3&w=400&rid=4&s=nGFB80smfN8ESLKqxW88YVZo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

473d680317e2c25d831274e1da0f300f77d48155940d736ffe4eda56d8353dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21392
expires: Sat, 04 Jan 2025 02:56:27 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 24 KB
24 KB 203ms
112ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-BlackWalnut.png%3Fv%3D1681011250&v=3&w=400&rid=4&s=_1wjayxHfSAlz0MJjiuTNJrH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8a0a516a6cdd366b8cbe2f675ca27144241f2623643d01706c46cd63eaf188c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24832
expires: Sun, 29 Dec 2024 15:49:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 21 KB
21 KB 120ms
119ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-PinePollenGold.png%3Fv%3D1681010556&v=3&w=400&rid=4&s=y7F6LhgvJo0SE5lt-FsVt2qP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

eab084a71b95a8dd83f7b754e69b9ba73dda54a3566693058345789666b25c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21551
expires: Sun, 29 Dec 2024 16:36:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 17 KB
17 KB 115ms
113ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-ColostrumCapsules.png%3Fv%3D1685590169&v=3&w=400&rid=4&s=LMqbZYKiQIYRu1NcGv2lZ8cD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2089257e7d30ddaf399c1898726857e31ef7f903286e107bfaa4d4e16afb12ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17496
expires: Sun, 12 Jan 2025 01:36:26 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 21 KB
21 KB 146ms
145ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-D3K2.png%3Fv%3D1681010375&v=3&w=400&rid=4&s=nkEdkP1_aNVpO9_ZdTmLljpy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3cc9cf6cd241ae0ceacc50e4fa48fecf0cafae7484317e474a9ea24ab1be86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21777
expires: Fri, 10 Jan 2025 16:24:22 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 22 KB
22 KB 125ms
124ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-Chaga.png%3Fv%3D1681009972&v=3&w=400&rid=4&s=ZBv9gp2SqnIIp3WL851bIfJG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5894eb6659eaf9f6f5bee10820b1ba197e45cc3f33b7c83523c84be66488616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 22017
expires: Sun, 29 Dec 2024 13:13:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 21 KB
22 KB 131ms
131ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-AntlerGold.png%3Fv%3D1681010403&v=3&w=400&rid=4&s=T1GyqlQnIIHLyk5eKV-4duC6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

51bf4c83e59f191accee907f1e076861e6529a64f3ec19232a2391e12c89ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21874
expires: Fri, 17 Jan 2025 23:35:13 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 23 KB
24 KB 136ms
135ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-AntlerSilver.png%3Fv%3D1681010445&v=3&w=400&rid=4&s=77U9VcMag_Hy80Vje30zAq0c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b76fa13d5bffdebff131658e673801d68269535a10d7df5befd2bb624a2864cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 23885
expires: Mon, 30 Dec 2024 03:37:33 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 339B 23 KB
23 KB 140ms
139ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=74129&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2214%2F6729%2Fproducts%2FProductImage-AntlerPlatinum.png%3Fv%3D1681010426&v=3&w=400&rid=4&s=BGLIR2NviF6nrCj-U96xb-K-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

eea13bd68eef41a976badd064101348264fbdb5d4268a896cfe93c6e848b1ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 23837
expires: Mon, 30 Dec 2024 01:44:23 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 339B 0
128 B 114ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=c1mvP53FUcIwQf9fuMGI4UtcFgBUw4FTYOOxG3IYgxLa9dO5FEbKABuHb1u-w5MbUpV9jpQqzcDhzxLpaLcLZEeKoCC3rBOeMh8ov6va5oYTL4BmtonyRqOVOtK_NwBbOVkfiRCYuhXv4SRigTLKMRB-8KVLetCBahqZp_Tce1wQLmXdTn9HOBvH4b9Vg-a9D32T9-eVhR-RXS6eWsPrcP2czSCP__-UukuE_S2B1JrKEoWwNd3O9ZECNYzcA8Wiqk8HCA&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 339B 2 KB
1 KB 53ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 339B 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:50 GMT

GET
H2 200 bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js Show response
bid.underdog.media/ 5 KB
2 KB 52ms
52ms Script
application/x-javascript 2600:9000:21da:800:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5abd4d592ab3d6008cd901ad585957239465c51270c75d7ab782d3ff5e243165

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:41:13 GMT
content-encoding: gzip
via: 1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 16:30:09 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 878
etag: "47428f61a55eb91e5f5429da907c5439"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1718
x-amz-cf-id: 1HLT2A_NIYSPpMLoDbzcF1Fe594snJvhiqJRg_gOHu9VevDhO1nNhw==

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 1 KB
1004 B 50ms
50ms Script
application/x-javascript 2600:9000:21da:800:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3197782721b8b7d31dc092b4c7536e568703fea6445dd489808ff42cb597421

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:55:39 GMT
content-encoding: gzip
via: 1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 15:30:03 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 3612
etag: "46e2aca34b1adcbdd92c3c8dc4d263b5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 613
x-amz-cf-id: UTqRTX1PSgc3qd-RJ2NlC9yPhsKWtW1_dU0B5Jjk9loriKV_sLQpcg==

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
845 B 116ms
31ms XHR
text/plain 198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.contextweb.com/header/ortb?src=prebid

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
cwdl: 22/4211,22/4211,22/4211,22/4211,22/4211,22/4211,22/4211,22/4211
access-control-allow-origin: https://www.btolat.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
cw-server: bid-deployment-6cc5b5775b-rbdl7

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
192 B 314ms
233ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f486ee13d5d1ebec9547910bfa85e06ec621e178c1ac69745dbf1a992d9cade3

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
183 B 306ms
225ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f486ee13d5d1ebec9547910bfa85e06ec621e178c1ac69745dbf1a992d9cade3

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
354 B 142ms
62ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f486ee13d5d1ebec9547910bfa85e06ec621e178c1ac69745dbf1a992d9cade3

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 16 KB
10 KB 295ms
215ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 671cc13dd0cce3ae25659c138f7e490429570422a59b5a811fd9f83db32e2c4e

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 14 KB
8 KB 303ms
223ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 00f4303c90554ed1a870b9c282e09a7e5c9401bd35a47ebe43264c61299029ca

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
183 B 188ms
108ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f486ee13d5d1ebec9547910bfa85e06ec621e178c1ac69745dbf1a992d9cade3

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://www.btolat.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 136ms
65ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.btolat.com
date: Fri, 02 Feb 2024 16:55:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 807 B
2 KB 977ms
599ms XHR
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257008%3B2257008&size_id=2%3B2%3B2%3B15%3B15&p_pos=atf&rp_schain=1.0,1!udmserve.net,3204,1,,,&eid_pubcid.org=dffeab18-8951-4a35-969e-9e60ee6233a8%5E1&rf=https%3A%2F%2Fwww.btolat.com%2F&kw=%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D8%A7%D9%84%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D9%87%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%2C%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%AA%D9%88%D9%82%D9%8A%D8%AA%2C%D9%86%D8%AA%D9%8A%D8%AC%D8%A9%2C%D9%8A%D9%88%D8%A7%D8%AC%D9%87%2C%D8%B6%D8%AF%2C%D9%86%D8%AA%D9%8A%D8%AC%D8%A9%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%D8%AA%D9%88%D9%82%D8%B9%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A5%D9%8A%D8%B7%D8%A7%D9%84%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A5%D9%86%D8%AC%D9%84%D9%8A%D8%B2%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A3%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%2C%D9%83%D8%A3%D8%B3%D8%A3%D8%B3%D9%8A%D8%A7%2C%D8%AF%D9%88%D8%B1%D9%8A%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D8%A8%D8%A7%2C%D9%83%D8%A7%D8%B3%D8%A7%D9%84%D8%A3%D9%85%D9%85%D8%A7%D9%84%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A9%2C%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D8%B3%D9%8A%D8%A7%2C%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7&tg_i.domain=btolat.com&tg_i.page=https%3A%2F%2Fwww.btolat.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-300x250%3Bslider-300x250&tk_flint=pbjs_lite_v8.8.0&l_pb_bid_id=36e30a910a946b9%3B372ba743eea5cd%3B380c96a388762a6%3B399acbeb7bf431%3B40715e0dce061c6&p_screen_res=1600x1200&rp_floor=0.04395604395604395&rp_secure=1&rp_hard_floor=0.04&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-300x250%3Bslider-300x250&slots=5&rand=0.5492623415014855
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f8c6159aa9c5e80febd88e8bf40da8d1b9764cfdb7bbe339984e69e8b21d5817

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 126ms
59ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=30417995911&lsavail=1

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.btolat.com
date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 arj Show response
underdogmedia-d.openx.net/w/1.0/ 175 B
374 B 359ms
288ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1706892950923&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=dffeab18-8951-4a35-969e-9e60ee6233a8&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&aus=300x250%7C300x250%7C336x280%7C336x280&divids=slider-300x250%2Cslider-300x250%2Cslider-336x280%2Cslider-336x280&aucs=slider-300x250%2Cslider-300x250%2Cslider-336x280%2Cslider-336x280&auid=558952860%2C558952860%2C558952861%2C558952861&aumfs=40%2C40%2C40%2C40
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a4c230434850badb7dc8448fa59c15cabcf0a9cd731ec725dbed7d054e02eab2

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.btolat.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
underdogmedia-d.openx.net/v/1.0/ 106 B
287 B 220ms
150ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892950923&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=dffeab18-8951-4a35-969e-9e60ee6233a8&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.btolat.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
underdogmedia-d.openx.net/v/1.0/ 106 B
287 B 269ms
200ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892950923&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=dffeab18-8951-4a35-969e-9e60ee6233a8&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.btolat.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
underdogmedia-d.openx.net/v/1.0/ 106 B
497 B 200ms
130ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892950923&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=dffeab18-8951-4a35-969e-9e60ee6233a8&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.btolat.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ad_companion Show response
fundingchoicesmessages.google.com/f/AGSKWxWHpQCdP2ifk1F4l6VvFQ1CYAEfoXmCeOgmHMBJy8DZ9kf8mgnjoNULeJLnRQNzNkAnBvmTESEu07lTD5N2pUcxHHpH3mACBpPXoDYqy5-Z8t57Fpls0sZOzgiIwVGp3EPuJu7FV17-RkqtCzx6dbyrjtAz6... 54 B
110 B 51ms
50ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWHpQCdP2ifk1F4l6VvFQ1CYAEfoXmCeOgmHMBJy8DZ9kf8mgnjoNULeJLnRQNzNkAnBvmTESEu07lTD5N2pUcxHHpH3mACBpPXoDYqy5-Z8t57Fpls0sZOzgiIwVGp3EPuJu7FV17-RkqtCzx6dbyrjtAz6pW_NbE-yIdeKJAPaahSqosLCQiS87TV/_/adevents./banneradviva./ad_companion?/ad_bsb.?action=ads&

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3JBHAq4VEDkbKvq4R0K6nnH8xHw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2496ca32281440c21a2f668fd6dc1fc44a88cedab44bc489fa023a07178c3c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cb6jVsu7IvMN4uVnkzT55w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-Cb6jVsu7IvMN4uVnkzT55w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6K1vFdFY-II6rm86aB8R866az6q6fzrrlzHTWPUAc83w6awoQL2adwboaiKcEzmCdA8Qt0UA2EDulz2ANAuLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OKbt_bKWTeDC7h9XmQEcPldf"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
455 B 85ms
25ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 06:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 06:11:40 GMT

POST
H3 204 AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 106ms
48ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b-IDqje6whpQWbp1CWblbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-b-IDqje6whpQWbp1CWblbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAtxc0zf-2Utm8CCb0tEAMjkIjM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.btolat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26B4 6 KB
3 KB 26ms
25ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 339B 2 KB
899 B 50ms
46ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 7673 155 KB
52 KB 104ms
102ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgAFqNsIg5mHAAbR1vUESaXw8xC1qQ9aDA&u=%7CkBYb1OrAxskeVxWCmYjaJvP68gOESqzvSDZImmQmftk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJLdnVzeQ_G15K3Sx6jpYdO4GP4omQyX_4L1EODzkeqgSl8E2_vxpWTWH1jow-vpxl2ambypHa3rTFxnrsnesn6jkOCXnBRPITfzHIjxQjrCzepBJUPJnNWDWY2g5UhgNWhFtPMZOWI1KnYBdnZ0GDHPmC9J-IOWBht1dBOJtVRRfBwnrSHP55QPZaALxhRyN0UyZAdsKhk5McU7t5D8pruBv3AWO0Si5OB2MTwVTnVPhEtZwjzGz1HezGHrRp2k0yBoiF5FGEFJ21hDzDoD0DrAtUAaXbX2dfAl048TivHJlhBBXfaXPEy08h5S_RwYPd-GPXXeV6GMrJbuFCg_tkgolMQLtVId9JD9SRMv5JSpooe5oVL10kgrpAmhfv5bakNQKGkMr1urpY0Cf-RF01pfWfFBQTp6l4vVTztTMlkupD0UU6uFDTKLUxZC9egi5UOniubxpmueAZFAAWvHmtfB9XwS8lolhEn1CKhuRsnh2RnwPXpsVYfeRR-zUjobnZE9NtgE8gKhq6vNHCM2PZHVoVUiLROiRz15BuYipE4rCVkJ8Pn0rLLA87LGKlHKdXchi0_GIbMq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu53-lh69ZdvRFoezjvQP1qObyA-cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEngJP0MhkAxbndtPO7a2SLt-IcOugIZeStgAyHWr_cmF7IL3URkifSCD7sEP_mPEw0YKOGE0TbBIvhIDpu2WxeQ65l2Gn20m_grIXrYhpMlUDwZrOHnNcSbFtoof8IO8Wmh1Xt9AmKjfoHfvPsuXVYgwQGSV-3y5CtDUDpkKBJFp4L0y_aACoIl2D4J_jh8K7WV-pOvt4oSKzbzdq9IOlkRljjh2IG7m2sz84Jxy20_-Qw8BSHMYa4Jn4-tyBZMIVG3hqveFw9pan0S-jPrOuJEzaqb20trcRH_7xjpC0NKA6cds04yikMsZYaXSxJlewM_MGBzvj4J2bMqcBwhH1jjIzVSi66HzShsdCM1g7srkJXPWcDFxHeTE-VeMaXFC14AQBgAbypqqq0eLdvHegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnavU34-NhAP6CwIIAYAMAeINEwjq0tTfj42EAxWHmYMIHdbRBvnQFQGAFwE%26num%3D1%26sig%3DAOD64_3FC_rRwnDjrmPlMEbx9RnqthUVUA%26client%3Dca-pub-5900327121854735%26adurl%3D

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6b464a41c874c4dff3155624c93077e98324e88a27b30821dd80953a43638a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=mNAdkp3FUcIwQf9fD06FbFO9SMfB5GbrSCdadUAjB3_YD6jv3jDh77g4UQ7otMWrgSdW4_Jquebphb4vaoStIjIwfUgiRNfQSBYdIeb-v5itmgh9L34Y8nC9SFYvuUifZ8yOZJNZoNbufTef0ZOSrKFJDQjlIbbikn4bv78CGwkrlns1QL6ljTgSFWUBcXQkruyK9z3-5Cf7Tn59BQl67axSwmVK68F9vSvTrpTc21dtHVL0TUKO1LXaFWHOozTEDdkmVA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58694243
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 26B4 3 KB
1 KB 36ms
33ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 26B4 20 KB
8 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 26B4 24 KB
6 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26B4 205 KB
65 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:51 GMT

POST
H3 204 AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
50ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y9Gg-V14Xu7C9AdiY9mdkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y9Gg-V14Xu7C9AdiY9mdkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAtxc0zf-2Utm8CEScckAcbCIeM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.btolat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 339B 16 KB
17 KB 140ms
70ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

POST
H3 204 AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
52ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Sd1_IRikF-wY1PkhJiZZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Sd1_IRikF-wY1PkhJiZZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAtxc0zf-2Utm8CDz3dVAMa2Iq4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.btolat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
56ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJnoKMfdjQ_FDbzSiQiQI_tdc0peIDmm5YX8fxY6pGgbrNkTBkHjFGw72IWoxSKm4kx0R1ZJY015oH3EH_-35scs6TO0eocnUdaRgDrgRtoak1MVVvaVO-oQ5UPLsf5XSy8V-vWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bbG1CzewvTPhu9bnNCiNMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-bbG1CzewvTPhu9bnNCiNMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAtxc0zf-2Utm8CJed_UAMoxImo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.btolat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVrRsyeJqIxLM4_mszLUwi12l1WgZd8MDy0661b1XtepzFu0bCxqE06iZupDfDLQsI8nydOkD61VqEYb6Kr0yLHlN2zbfZsPESmQ2tHoUoJ3Ij3_cyjx4ffYSoC330OwIend2wcOg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
83ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrRsyeJqIxLM4_mszLUwi12l1WgZd8MDy0661b1XtepzFu0bCxqE06iZupDfDLQsI8nydOkD61VqEYb6Kr0yLHlN2zbfZsPESmQ2tHoUoJ3Ij3_cyjx4ffYSoC330OwIend2wcOg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTUxLDQ4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dy5idG9sYXQuY29tLyIsbnVsbCxbWzgsIkRWajZrMmxRS1VzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

794198f384403178da7acd2628adad043742db45b3f8419fb7a0f9e2b209eb49

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qhWq_aoz36MLERJiQvmy5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qhWq_aoz36MLERJiQvmy5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4K4hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZeL6-ZJIAYg0gfif5iukbEO_w8WB5Ez6dlStiOitbxXRWPiCOq5vOmgfEfOums-qun8665cx01j1AHPN8OmsKEC9mncG6GoinBM5gnQPELdFANhA7pc9gDQLiz5kzWH8Dcdntc6x1QCwsd55VGoiFuDmm7_2ylk1gxv63pgDnzVuS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 26B4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ded308a6e2228c2617ae1b6fe66480541618280b649b97d3dd5402410c2aff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7673 2 KB
1 KB 52ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgAFqNsIg5mHAAbR1vUESaXw8xC1qQ9aDA&u=%7CkBYb1OrAxskeVxWCmYjaJvP68gOESqzvSDZImmQmftk%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-Lkz9iieRXRrJLdnVzeQ_G15K3Sx6jpYdO4GP4omQyX_4L1EODzkeqgSl8E2_vxpWTWH1jow-vpxl2ambypHa3rTFxnrsnesn6jkOCXnBRPITfzHIjxQjrCzepBJUPJnNWDWY2g5UhgNWhFtPMZOWI1KnYBdnZ0GDHPmC9J-IOWBht1dBOJtVRRfBwnrSHP55QPZaALxhRyN0UyZAdsKhk5McU7t5D8pruBv3AWO0Si5OB2MTwVTnVPhEtZwjzGz1HezGHrRp2k0yBoiF5FGEFJ21hDzDoD0DrAtUAaXbX2dfAl048TivHJlhBBXfaXPEy08h5S_RwYPd-GPXXeV6GMrJbuFCg_tkgolMQLtVId9JD9SRMv5JSpooe5oVL10kgrpAmhfv5bakNQKGkMr1urpY0Cf-RF01pfWfFBQTp6l4vVTztTMlkupD0UU6uFDTKLUxZC9egi5UOniubxpmueAZFAAWvHmtfB9XwS8lolhEn1CKhuRsnh2RnwPXpsVYfeRR-zUjobnZE9NtgE8gKhq6vNHCM2PZHVoVUiLROiRz15BuYipE4rCVkJ8Pn0rLLA87LGKlHKdXchi0_GIbMq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu53-lh69ZdvRFoezjvQP1qObyA-cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEngJP0MhkAxbndtPO7a2SLt-IcOugIZeStgAyHWr_cmF7IL3URkifSCD7sEP_mPEw0YKOGE0TbBIvhIDpu2WxeQ65l2Gn20m_grIXrYhpMlUDwZrOHnNcSbFtoof8IO8Wmh1Xt9AmKjfoHfvPsuXVYgwQGSV-3y5CtDUDpkKBJFp4L0y_aACoIl2D4J_jh8K7WV-pOvt4oSKzbzdq9IOlkRljjh2IG7m2sz84Jxy20_-Qw8BSHMYa4Jn4-tyBZMIVG3hqveFw9pan0S-jPrOuJEzaqb20trcRH_7xjpC0NKA6cds04yikMsZYaXSxJlewM_MGBzvj4J2bMqcBwhH1jjIzVSi66HzShsdCM1g7srkJXPWcDFxHeTE-VeMaXFC14AQBgAbypqqq0eLdvHegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnavU34-NhAP6CwIIAYAMAeINEwjq0tTfj42EAxWHmYMIHdbRBvnQFQGAFwE%26num%3D1%26sig%3DAOD64_3FC_rRwnDjrmPlMEbx9RnqthUVUA%26client%3Dca-pub-5900327121854735%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7673 2 KB
1 KB 67ms
67ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7673 308 B
636 B 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7673 293 B
621 B 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 7673 43 B
347 B 31ms
30ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=QV67kB5Innu5wm3HX1fpyuiu4ErT3CwSMD5UYWJC3ziDKUHcBPgzwtTbYtItRH_kVrKhg_z3SILE6SiygSSwLn1QlYemRNy92kmeGNypgt1iOIzrWjvOJNFNNVuwsuWdiZtVSiMr_r3ktfMpYOixhQHsHxKy9g5_8NJ5jTcaKuKiyWZzYu-LUbz5dS-oV5W6tP5r6yWitpLyVdY8iBcje1qhSI-RlH0hlHECxv4CEU2bm0fRFTPuD-ibUB4lQsA-154tT2v0V7a5mfFrI8Cy3ik6mdL_u44V2IWoXiXXcgWRiwfAjCFd5G6fr_KMfEhwVs9QJJUN5gR9uFsfi4ujWmAvUuCi7bTg7aGT_1rckKdlq-jeZ4pAM9V039mHpqRi5aqL4nAH76hyFlDDMEJyxNOLI9STermHUnneJWTAQx-jlee6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1862087
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ Frame 7BC6 160 B
634 B 109ms
24ms Script
application/javascript 2600:9000:21dd:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:54:13 GMT
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 98
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
server: AmazonS3
etag: "435cbd9bc4b3440e866ad1f4f7d1ef02"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: mM3hJR-wGA3XYfUX_bnRWzUSdd_NX_SSqzvA2dKz_0FjrycoB5l0QA==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ Frame 7BC6 160 B
632 B 109ms
25ms Script
application/javascript 2600:9000:21dd:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:28:58 GMT
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 1614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:00:33 GMT
server: AmazonS3
etag: "eee1bd1fc55b604b66cd9e63c4f811b8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Y96E2j-dUP4hCjVc9-YXNtqbPKg2K_anuIVznNO8HG-7gcVl3netRA==

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7673 12 KB
5 KB 52ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6255866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC03muDcs1GjjdoiNMNDfKClfDV%2BlIIZrB6Io2V3B3E5Bq0bkUCwtduJKteeh2ePbL9kRQCO0BLHdvCjEhxNHF%2FU8FKKAYSbNqGigXWI0lHvx36T3FvAwOiStf54wDZuPSd5zzQBhNY%2BSjofq4u7dPYd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f3f6d0b8c44bc6-BUF
expires: Wed, 22 Jan 2025 16:55:51 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7673 12 KB
6 KB 55ms
55ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 7673 17 KB
17 KB 32ms
30ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=110&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F65947%2F200117%2Ff16c04a00e9e4da59158962917a2f40e_aed_us_logo_new.png&v=3&w=236&rid=4&s=xIkgSMoeUP8zKLaCBTDmasP8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

57a8fe161358732fbd3ad2e7750d180df7b8f033f88621b93f9a250934e6c3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17141
expires: Fri, 10 Jan 2025 00:27:15 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 7673 6 KB
7 KB 34ms
33ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fa%2Fe%2Faedus-defibtech-lifeline-view-4-year-battery.jpg&v=3&w=800&rid=4&s=ogjtZ32b-CdNEsfqYlV4NJIc&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bab2d19256cb770c2334d1f0280f9a35563b2369389ce62e7945e7d0fa2100c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6574
expires: Sun, 12 Jan 2025 16:51:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 7673 11 KB
11 KB 33ms
32ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fz%2Fo%2Fzoll-cpr-d-padz-one-piece-electrode-pad-with-real-cpr-help.jpg&v=3&w=800&rid=4&s=q4oI9PTA4XR0wfI_jRa2yIs1&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06d3d741cd31435bd2ae69303bd5c04bf62ed156e63b4ae35693e73f8abb104a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11324
expires: Sun, 12 Jan 2025 16:50:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 7673 10 KB
10 KB 32ms
31ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fz%2Fo%2Fzoll-aed-plus-encore-series.jpg&v=3&w=800&rid=4&s=xBPUBz_ulthO3_nxD6eOoGbF&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

19cf03eebb95dc892017074b68f681873de20920c928081963b1e992e56651fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10398
expires: Sun, 12 Jan 2025 16:50:17 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 7673 0
127 B 29ms
28ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=mNAdkp3FUcIwQf9fD06FbFO9SMfB5GbrSCdadUAjB3_YD6jv3jDh77g4UQ7otMWrgSdW4_Jquebphb4vaoStIjIwfUgiRNfQSBYdIeb-v5itmgh9L34Y8nC9SFYvuUifZ8yOZJNZoNbufTef0ZOSrKFJDQjlIbbikn4bv78CGwkrlns1QL6ljTgSFWUBcXQkruyK9z3-5Cf7Tn59BQl67axSwmVK68F9vSvTrpTc21dtHVL0TUKO1LXaFWHOozTEDdkmVA&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7673 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7673 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

POST
H3 204 AGSKWxX6w2MQY58K0lpKVMou4pawHTi1a-JlIbQnWwayudUH5VwW1eZNjHlZzjXJN_AYLzGQw8Wrzj7FZCyvJ3BJW1VOeUNAZgETEiffN4bUc6Aqq3plj2GY38y1FC8MXhPs1dg-tg83pA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
49ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX6w2MQY58K0lpKVMou4pawHTi1a-JlIbQnWwayudUH5VwW1eZNjHlZzjXJN_AYLzGQw8Wrzj7FZCyvJ3BJW1VOeUNAZgETEiffN4bUc6Aqq3plj2GY38y1FC8MXhPs1dg-tg83pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K-nPP1ZNfanL_U4UkNUK7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-K-nPP1ZNfanL_U4UkNUK7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAtxc0zf-2Utm8COXbcyAcinIpg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.btolat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oswald-400.css
static.criteo.net/design/googlefont/oswald/ Frame 7673 2 KB
800 B 70ms
69ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f083-639"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 oswald-700.css
static.criteo.net/design/googlefont/oswald/ Frame 7673 2 KB
801 B 56ms
56ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b6d163f6ac847d2ae411128f4a3b9397034b109bff2bfd4db86182761eb1bbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:16 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f084-639"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BC6 0
0 93ms
92ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNeTlwB5ZOSHQ4y1R3l9ZsKs8yN1i7yb9YFk56XiDZsHTB1T8B2pqpbeakTlvkvF8dnYv-t3SccXsGzMUfzuQT1sxmnE497oNEhYIzaC3uWnInCdbgfXR0ZRdt2diNaDmY_aC9-FhsAi-W83PpjXqUQ9_j64U28HEmO0j5phMb38diuJ9eFwTMwvpEiFz1ppguGKTuv09q5084dGv4x3eXxOxUSyUEKKmQejeD1wag3Ta7csUROyx_xgb7DlVKLXEDBoxZT9pD9MO6V53oyHfSu6iy45xrEmVEXZkcjC_HE-ZE1Y250QjikE6hKxRB4wEp5vkpxdbm1Foa24FD8-nAbnx9ZEzgttQ&sai=AMfl-YS1TruTSATTXh6zpc9MQKe4NlBptteMspuJ4yFFvp0R2kCiKoqjVsvvU3DnwHRXjMkUzlcbzr6H5vpqUF1sgIJ1mUaqMogNRY9k6rA7BQy-sAjNxJ7iLSUyJFxoZ_8&sig=Cg0ArKJSzO5k88tmSiccEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 16:55:51 GMT

GET
H2 200 pixel;r=1598027289;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1935350463-1706892951136;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231...
pixel.quantserve.com/ Frame 7BC6 35 B
456 B 39ms
38ms Image
image/gif 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1598027289;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1935350463-1706892951136;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=btolat.com;dst=0;et=1706892951249;tzo=600;ogl=;ses=f94bf619-43dd-4aae-bf88-f6cb155b8aba;mdl=

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1362094074;labels=edge.1%2Csid.16003;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1935350463-1706892951136;pbc=;ns=1;ce...
pixel.quantserve.com/ Frame 7BC6 35 B
551 B 40ms
39ms Image
image/gif 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1362094074;labels=edge.1%2Csid.16003;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1935350463-1706892951136;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=btolat.com;dst=0;et=1706892951255;tzo=600;ogl=;ses=f94bf619-43dd-4aae-bf88-f6cb155b8aba;mdl=

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["sid.16003"],"pcode":["p-effSsmMYCbAck"]},{"label":["edge.1"],"pcode":["p-effSsmMYCbAck"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 oswald-700-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame 7673 10 KB
10 KB 45ms
45ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/oswald/oswald-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f083-27bc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H2 200 oswald-400-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame 7673 10 KB
10 KB 45ms
45ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f083-2670"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 26B4 0
0 98ms
98ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CScWLlh69ZdvRFoezjvQP1qObyA-cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0MhkAxbndtPO7a2SLt-IcOugIZeStgAyHWr_cmF7IL3URkifSCD7sEP_mPEw0YKOGE0TbBIvhIDpu2WxeQ65l2Gn20m_grIXrYhpMlUDwZrOHnNcSbFtoof8IO8Wmh1Xt9AmKjfoHfvPsuXVYgwQGSV-3y5CtDUDpkKBJFp4L0y_aACoIl2D4J_jh8K7WV-pOvt4oSKzbzdq9IOlkRljjh2IG7m2sz84Jxy20_-Qw8BSHMYa4Jn4-tyBZMIVG3hqveFw9pan0S-jPrOuJEzaqb20trcRH_7xjpC0NKA6cds04yikMsZYaXSxJlewM_MGBzvj4J3ZMIeTBKwe9LvYavw20Zt2N8hqOnYjdiL6JnxVskJrYbD6wdr94AQBgAbypqqq0eLdvHegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnavU34-NhAOACgH6CwIIAYAMAeINEwjq0tTfj42EAxWHmYMIHdbRBvnQFQGAFwGyFxwKGhIUcHViLTU5MDAzMjcxMjE4NTQ3MzUYlK0c&sigh=p1wTZSjhz6w&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_vQC-SasDyG0mLXC58Ex1Ma1lJpkA4NS_2JkstG_K_BawhRAxYQXWaYJ7HtlT-YrXVFkPYjZu2HBXFihkShDMYOqtitB-u9G23xIYAQ&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 26B4 0
125 B 53ms
52ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=krWSDKW6MHjYBOIinRcCAAAAcsl0vIIIJ7FJ9H-rEJUevWVjiV6Z4pfHDSKmAAASAAAKCkFRVUJDZ0VCQ2c&wp=Zb0elgAFqNsIg5mHAAbR1vUESaXw8xC1qQ9aDA&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164468
server: Kestrel
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 108ms
57ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00126aee181ced651688d9a051b8a67b64da864333bd8e3f04454a7455bc272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 16:55:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA58 42 B
64 B 93ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRNR_4Tdk7mdmhTToEnR0qtmU7JTmWF0p4u5cybpPg_V2FdWaILwoqTPEVb81igsxNIPgrkdzRewbaNCuYXRd8dSIEgPFuEXt7jRhv3kLl0tTawJsW1V0Hk1KLX01dnpk&sig=Cg0ArKJSzKThdiPx4VQeEAE&id=lidar2&mcvt=1000&p=180,125,780,245&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3177319226&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575000&rst=1706892950408&rpt=186&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D300 13 KB
5 KB 27ms
25ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 74679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 20:11:12 GMT
expires: Fri, 31 Jan 2025 20:11:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FCE9 829 B
1 KB 109ms
51ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5579c895275de7a114a70a0a6c4774a7793cb52bbdba5f7e5d760bc1115f556c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9FC5zDt8L5fnxSTMDwI0Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9FC5zDt8L5fnxSTMDwI0Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:51 GMT
expires: Fri, 02 Feb 2024 16:55:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D300 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 16:33:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FCE9 0
0 100ms
99ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=1677513056325833&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H2 200 all
csm.us.criteo.net/ Frame 339B 0
127 B 30ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D300 0
10 B 25ms
25ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Fu2yxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 92EC 0
680 B 73ms
71ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=2;dt=7;p=1;rri=1706892950531_603358_96.9.249.40;mid=47859;zzz=%5B47859%2C1706892950%2C%22QP0esRWdr%2FglmzqkAKmMfg%22%5D;version=v2.23.3;cb=0.017149519675945468;qqq=15.527950310559003;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-javascript
Date: Fri, 02 Feb 2024 16:55:51 GMT
Expires: -1d
Connection: Keep-Alive
Content-Length: 0
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT

GET
H2 200 aa.js Show response
q.adrta.com/s/udm/ Frame 92EC 891 B
1 KB 148ms
46ms Script
application/javascript 34.227.136.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/udm/aa.js?cb=0.057125248
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.136.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-136-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a181bd575acac3e33ee0d4eb2f6e098d3e8c79ebcaa91e023c7a40db532982ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 92EC 5 KB
3 KB 123ms
24ms Script
application/javascript 2600:9000:210b:f400:d:c38f:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=33Across_HiView_Desktop_Display_RTB
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:f400:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4af04694d8e69474ce2f0170c4f17279b6d16abdb77f166b1a122133d8f13b77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:48:12 GMT
content-encoding: br
via: 1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 469
etag: W/"9233bfbf69b2c6bb4bec4bc0cdf1b9466dd7ca76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TRlXFz7a8ymH-dxVfSFVO7MoYYcs3D1ANHfgqVNt6O-3YYckmaM3YQ==

GET
H2 200 imp
lbs-event.gcp.lineate-33x.net/ Frame 92EC 68 B
289 B 97ms
34ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbs-event.gcp.lineate-33x.net/imp?id=10be0696712e6b2&bidid=26634200495993808108470&impid=147bc509121c4db&adid=2711_64_11094530&nurl=&randsalt=402518&auctionPrice=0.07&impression=AAAAAD_IayFwdgACAn1Xa4hcZxneObM7l9NbkpZaCZYhBU3K2cl3P9-XYLbJoqkkaaNNLJHCcGbmzO6YuSyzs2kulOpCse6f1ChW80usigYtuL80KEp-iOZHsfESE0FIUNBUpA0qdqXE5z3fZJ2AZn7Md973e-_v875zJnx3c_jPzeEDnNVTZpyJuUhNXWx6gKu43tDMccEbqll_5NUf__17hcrp9977zW_54_l2d-ET9zhTdVWhXFWxTw0P9E-2O51ku66yytZn271m__nFylOHKpxV2c4KGEbtrBw3altl98JCJ302re9rD7drGVelqWzd9-ShA_ujSqd9NK3sTRtH-9sqs_ODfjfdDv9VVjXcxFUuXeWZpJUM2iO9-ibGuE4YPuKEqs8e2b37yKcLXCgr4kFBMu2cPZkvfTdYzuVLa7mV3MSZXFAqncVX7lwurA_7nWRYbfS753PlQXqstjifDNKruUmK-UYuOPzMzVxxz1KrlXT6a7ngqSPLwSSrCr4SFEcJngly4myw8WA6WOz3kk5ltt9dWBqmg68HU08P59PBuSCQcjX41f1W6jg2kWFWWh7FTBgbR7EW0jJP2chYzRnuhAIXTBnHIuIs5sxoz439ATNScCmi2AjuTIRkHWeRZpoJ65nKH6Biboiiw0TOsdhqT9nIScW0ipxwMbOR1bHSLOJcaqdGXIMwFEPcXBuhNfdcFRknYjuSEd6ciKDFwOQ6NlzBiTU8JtJJDs2MNP6gXIXF4fAF1zGKw-CaWetinsWlYJbDt8uccMpVSmhk4WmHuKBkMq5V_iAN1EFERkAB8aBSMG5QRuMdU61JkiEBiwJ5JhSc0SSildYiKwRVXmAY4D8W2jhqktbIHJSU5EIrsuakg0YsBXMjCiIoDgqYMYVnju7QKmWt9Z6U9UwcHM1GavAO6CJE5E0lF5xzFFApxwgXzGW-jFQUMryYEcUiK5mhLjGNEsCZlsagoxa9wiGEReRUVUDPKoCAOugUjyMbO2Nk5IwCFnFAT3gzBEjOkYTnomSWK_IYK8dHrgBhukRehD3KRDLrsiZxRfgEvAA-T1KUOiZICsFkVnuNrK1UAs3SDk1A65VBmhHaKAlCsXQkAnxn1rhAXRCHhiu0B-Wl4gkaF04BSOq2RVwwLiw6eujQ7lqrpeqYLDHdMg01rer1dBp6eprBf1Jvpi5NYdTFgmqtsWey6sIKOgEkGDOyjWJZpwhsMs6QJAAiUNwwMWJC0SowIm2z1qGxWJ9ZrQFvwgzNrpOSjGKSOWeZD0m4FBolF5xQb7LMYQd90yTjYsKnNY4TvqQTWXCIVlGNpSCYYU5phIB1tF7jijBI3NEhsmrEiYBGg00nCRPTCuiZTlRDT-vENhPTEEykjYiipn45y2ksJDYQld-pbMasybZMTCJO4hfCUoZS0MhLKgnqJRjTtNeoCQQRmnxg3O8sOEGjkZ_0d5AEJgEUy6HGvCTzd5wajDnM6kT7SGC5UGWBhRhpokLZdsv2kAOSaH4gazxTRZgibYWnjPfOPGX9HUkqQi3Aa6T2B5XX50mSKIVWhiKzynC_C6gDRAlPCU8pT1HLsnWBCUJGpI_QrD9iQid2JbqLlZltPzKK8ceG0P6SHNNS8hQtbiwz1ALljSUaY4wHedZkOmglIQtsLykRqxehSG22JhXPIjU0QgQuQ3ASmii0WtEPhj-9f531GRNGFaafIewJR0BidEl3lkQYKkVbTEku_CEjLo1E5zAsmoCcHTGta1rpBoBztMqAO0NbC5sh24KUv5YcncCCwgRScfDjDYBg39OCsyz7bYNLjAVQh9E5H_w1OLUl7TVrzWSYbtmxBbiSDBO0JdrSPpbWFtJBI-0N6QKcY-30-aTe7rSHJ8AB0MCb6-Ix7S6ARSrNMRUuM1Z9jKU8qzHGkmQ5meNjZpI5eQclxqiFQb-51BgugrXYTurgDJPGsN0APU8UEQi83atRtLVhu0tpcZf5Tcb8GgplIZlLG0kWrLGgO7XWUqcD1cW2z7PWHy6OKdmsMCPbY2yytThMBsM768jI5lxrPfwXLgThoUEbr277263hxeDBw71mOmj25yoH0mY7iSr7989eCh5uDvTsRz-yr7t3ELePPj04-mSj19nXuRpMUsY3gjwqvxZswC80rxlVQxud0pIt5x-qD5Jmqz9opscb80lvLqXXsnP5Qq8_6Cad1fzE-Xyh9Idbt24VL9x-uJrHa9yN_MRavuDfFX8xefnKKy-2NmyfeXP96cr607X1p7-sP72z_vTu5N_m5j73-tqmmc9OvfjvHQtvvLw68_mpHw2_-MjkJ9-Y-cL60_enbmv8cGoi-7w98-ep3GcKuZcLt25_ct8u5FYLiO4SfV0vTN03MfHzPTcLE2tELxfxtUJfrxT_q_KVsedLxW3ho6MWocsZEtZhwVltMW1sfOmtj__g0Zd-P3OpuDX8wP-T1ZnotudOX_jH1j9C9OHwnrFB2OgTOPLEXf1J7-8bCx8OL7_207v747Vuu7fx1EOv77128kszd0_Dx-Zlfw3ZD4abCcCAbW-xMUjT3rroALjcePk1CuAtCL4vvHfc0igL-UR2c4cOpf3c6Rsz14tTH9u9h8dvF3Nrxfvwdi8Yr3JRxZvJSikovf-rpdshf610cLWU4-dLU2F-qXf0Ap2zBw9cLBXDqeyfyFppW_ih29BHbdhxodmO_4365fK94difjJUyjDSXut0TZ8r50pdzZ8v0N6S8IbyfR0vN7mI6OJZWe-lwtVwOiyPLF-408Wb51Xe--a0Hf_K7XVfLE9fKj81Ef_rZruu7bsLSzn-Vc8vhZBicemElvH-Op7KepHjFaYmWOB8G8_WLIdz9MsxdCRNxmD3-ncdm_gM=
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
H2 200 v1.1.html Show response
cdn.izooto.com/newshub/widgets/2/ 97 KB
23 KB 104ms
42ms XHR
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/newshub/widgets/2/v1.1.html

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c82f5a01bae64f72f59003f7fbb4122724c7616016c44a7869457ff27b07ea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 06:54:24 GMT
server: cloudflare
age: 140233
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 84f3f6d66b624bbd-BUF
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 16:55:52 GMT

GET
H2 200 r.js Show response
q.adrta.com/s/udm/ Frame 92EC 106 B
314 B 42ms
41ms Script
application/javascript 34.227.136.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/udm/r.js?v=23.000&rcb=821320&cb=0.057125248
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.057125248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.136.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-136-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26c083121d34d879a05b5919b41261ad43ade8e2ab52a941cdbdc9aab934ab62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 92EC 37 B
221 B 124ms
40ms Image
image/gif 34.234.202.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=0.237&ts=1706892951&aid=26634200495993808108470&ec=2711_64_11094530&n=GvwFaHR0cHM6Ly9ydGIudmEudXMuY3JpdGVvLmNvbS90cmlwbGVsaWZ0b3J0YmJhbm5lci9hdWN0aW9uL25vdGlmeT9wcm9maWxlPTI3OCZpbXA9TDUySHFnZ3VTNl9fUWF0ejQzZ0V5cDZXQlgyYzBGSEY4WHNFUEQwZngxYm1BeDVxcUR3RFcxbWYtam91dmgtN1V1ZldCZHk1ZHBvaHN3NnVCQTBCZGNzZGUzc0s3N2ZWTDNXVEFrdl85QUFFN3VtZ2pXcndTcVp2RHJOYlJwRzJ4WmZRdzRXQmJXNld2aW5pcktaME1jV3pqVXR1WlVVcW85UlJhQzY2ZWZlSnVtamlDR3A4Q2JSYjVidGJ5dXRySzN2TFJ0LWtIMThGUVN1NzVjSi1yRkdqRFRqaXp0a3RKX01GbXB5S1VWVHA4alJOS1A1UXVaQ09QT1RjNzZRZDJJeTllM1VsQjk4YWxnb2NfOFExN25YV21IbVFfOW10dzY0eEFxYU5fODJ0eTN6X0t5bWNNMmJrMTBDQ0NNUVlnTWJtSnNuMHRiM25iaWZvdzlmVnkwdmIwZmNWSUNScHg4Sm1neDIwTDVZYnR5VFl6enRhT3pPYURxaG94bllFZ0tadWt6TVZNQ0VMb1lJYmZsMmxlQzk2UjFDZjZLN1ZwcWlrN2k1Vno0VUgtQmtlbDJNaVFzbjNGWFNSNW90TFJzNEFvNU9pbGc2d1F4NWpTNGNnQmRubUZVM1dBS2o4YWdjZldERUFvZXR0WmNzSlBuQ1hDVGR2UmpRM2lYUnY4RFVScVBkUmNZMkdneV9KZy1qS1N0Q3BsbWZOM0NobjJyVDI2MlRQQlFzVnJsZ0ZsSVNhZXZ2WWY0STZVRW9rclQ3T2xlSDVpTEJtaU44Mzd3NVprRTkxMmpXOFFzTlJkV3dqWEkzQVotVzF2MEhna1pyTE1fTWMta2gxRDVKVGZHYVhVMm94amxQb1NhV3pndzVYU3U4LUxQVzk2Yjh5Q0h1cDc0RURPRXfyApsCCAASFzI2NjM0MjAwNDk1OTkzODA4MTA4NDcwGAAgASiXFTBAQAFIAVABYApoAHCZxgGQAQCYAQCoAQC4AdIBwAHtAcgBogLwAQD4AaICgALtAZECAAAAAAAA8D%2BZAgiLwV1aCsc%2FqAIAsAIByAIE2AIA%2BAKyK4ADrAKIA%2FoBkAMCmAMBoAMBqAMLuAPaJcgDANIDCDExMDk0NTMw4APoiWbpAwAAAAAAAAAA8AOiAvkDAAAAAAAAAACABAmJBFK4HoXrUcg%2FoAQEqQQIi8FdWgrHP7gEDcAEJMoEHQgFGQAAAAAAAAAAIQAAAAAAAAAAKaDU0nUSeYS%2F0AQA2gQZMjY2MzQyMDA0OTU5OTM4MDgxMDg0NzAgMeAEAPgCPIgDAJIDBDAxM2KYAwCgA7eeFqgDAA%3D%3D
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.234.202.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-202-79.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/6d571b4b4389cd889117897edaa600eeb0a6a3bd/dist/ Frame 92EC 196 KB
57 KB 29ms
28ms Script
text/javascript 2600:9000:210b:f400:d:c38f:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/6d571b4b4389cd889117897edaa600eeb0a6a3bd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=33Across_HiView_Desktop_Display_RTB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:f400:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38dea2343096b54df738b3ed21ee159cac78d9ae9ac32226343f7628f1552301

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 18:43:01 GMT
content-encoding: br
via: 1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 18:39:08 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 339172
etag: W/"c43ec50af154eb72b16b41724ea83458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KV8E1lU-yfHrAuWy0CPg2rF050QLhjgdgbki3P2UaijMvtebpn7lHg==

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 92EC 33 KB
12 KB 132ms
40ms Script
application/javascript 18.160.41.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=23.000
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.057125248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-11.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 13:13:17 GMT
x-amz-version-id: o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding: gzip
last-modified: Sat, 28 Oct 2023 05:29:11 GMT
server: AmazonS3
via: 1.1 25a2a3d250d148773038ad8acabb820c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/"82b6743c32bc1214117ff9c6593e4ac5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 13356
x-amz-cf-id: Pr9Mhohf15A9il1nKL32yLedGOcHxEbWP380587UeWJJxKnUSCsRag==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26B4 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_tZV1ySmNmYwLb9kx3k3zsWQeJ-xNxN8ySnWxtsJBKi5oNWsm8icdquUljQXKl1jbEYj8tWFrjHMEKNp8AwOhffwy27YkiI6lutFNixVMWLKuFHLh1-GJ5WbwcEpa46M&sig=Cg0ArKJSzB_Vxaf6O5q7EAE&id=lidar2&mcvt=1004&p=180,1354,780,1474&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1262678493&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575100&rst=1706892950970&rpt=143&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 109ms
35ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=20230221&string1=26634200495993808108470&cb=90522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 notify
tlx.3lift.com/s2s/ 37 B
220 B 42ms
41ms Image
image/gif 34.234.202.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=0.237&ts=1706892951&aid=26634200495993808108470&ec=2711_64_11094530&n=GvwFaHR0cHM6Ly9ydGIudmEudXMuY3JpdGVvLmNvbS90cmlwbGVsaWZ0b3J0YmJhbm5lci9hdWN0aW9uL25vdGlmeT9wcm9maWxlPTI3OCZpbXA9TDUySHFnZ3VTNl9fUWF0ejQzZ0V5cDZXQlgyYzBGSEY4WHNFUEQwZngxYm1BeDVxcUR3RFcxbWYtam91dmgtN1V1ZldCZHk1ZHBvaHN3NnVCQTBCZGNzZGUzc0s3N2ZWTDNXVEFrdl85QUFFN3VtZ2pXcndTcVp2RHJOYlJwRzJ4WmZRdzRXQmJXNld2aW5pcktaME1jV3pqVXR1WlVVcW85UlJhQzY2ZWZlSnVtamlDR3A4Q2JSYjVidGJ5dXRySzN2TFJ0LWtIMThGUVN1NzVjSi1yRkdqRFRqaXp0a3RKX01GbXB5S1VWVHA4alJOS1A1UXVaQ09QT1RjNzZRZDJJeTllM1VsQjk4YWxnb2NfOFExN25YV21IbVFfOW10dzY0eEFxYU5fODJ0eTN6X0t5bWNNMmJrMTBDQ0NNUVlnTWJtSnNuMHRiM25iaWZvdzlmVnkwdmIwZmNWSUNScHg4Sm1neDIwTDVZYnR5VFl6enRhT3pPYURxaG94bllFZ0tadWt6TVZNQ0VMb1lJYmZsMmxlQzk2UjFDZjZLN1ZwcWlrN2k1Vno0VUgtQmtlbDJNaVFzbjNGWFNSNW90TFJzNEFvNU9pbGc2d1F4NWpTNGNnQmRubUZVM1dBS2o4YWdjZldERUFvZXR0WmNzSlBuQ1hDVGR2UmpRM2lYUnY4RFVScVBkUmNZMkdneV9KZy1qS1N0Q3BsbWZOM0NobjJyVDI2MlRQQlFzVnJsZ0ZsSVNhZXZ2WWY0STZVRW9rclQ3T2xlSDVpTEJtaU44Mzd3NVprRTkxMmpXOFFzTlJkV3dqWEkzQVotVzF2MEhna1pyTE1fTWMta2gxRDVKVGZHYVhVMm94amxQb1NhV3pndzVYU3U4LUxQVzk2Yjh5Q0h1cDc0RURPRXfyApsCCAASFzI2NjM0MjAwNDk1OTkzODA4MTA4NDcwGAAgASiXFTBAQAFIAVABYApoAHCZxgGQAQCYAQCoAQC4AdIBwAHtAcgBogLwAQD4AaICgALtAZECAAAAAAAA8D%2BZAgiLwV1aCsc%2FqAIAsAIByAIE2AIA%2BAKyK4ADrAKIA%2FoBkAMCmAMBoAMBqAMLuAPaJcgDANIDCDExMDk0NTMw4APoiWbpAwAAAAAAAAAA8AOiAvkDAAAAAAAAAACABAmJBFK4HoXrUcg%2FoAQEqQQIi8FdWgrHP7gEDcAEJMoEHQgFGQAAAAAAAAAAIQAAAAAAAAAAKaDU0nUSeYS%2F0AQA2gQZMjY2MzQyMDA0OTU5OTM4MDgxMDg0NzAgMeAEAPgCPIgDAJIDBDAxM2KYAwCgA7eeFqgDAA%3D%3D&b=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.234.202.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-202-79.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
140 B 101ms
31ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&pr=un&bc=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%3D%3D&bmid=2711&biid=5554&sid=64&brid=25369&adid=11094530&crid=1672424&ts=1706892951&bcud=290&ss=60&unid=0&domain=www.btolat.com&ref=https%253A%252F%252Fwww.btolat.com%252F&rr=creative&fid=10&rb=0&g=0&tmplid=249330&cb=79278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pe
eb2.3lift.com/ 37 B
139 B 103ms
33ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&peid=1&fid=10&tid=0&cb=77270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 103ms
33ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=230710&string1=26634200495993808108470&string2=tc_new&cb=16766
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 92EC 3 KB
3 KB 27ms
26ms Image
image/png 2600:9000:210b:f400:d:c38f:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:210b:f400:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 02:47:59 GMT
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 137274
x-amz-cf-pop: EWR53-C3
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: 3G-fJGBANocnApWY8xw30s8Dlxkc0IOcvQQa7haGGaJoJRqMu27Xug==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 92EC 3 KB
4 KB 26ms
25ms Image
image/png 2600:9000:210b:f400:d:c38f:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:210b:f400:d:c38f:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 02:47:59 GMT
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 137274
x-amz-cf-pop: EWR53-C3
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: WfRAmhgycZZo_4e0zrlnT53Wz1zVOgaUeIMwHiGZYPN-bJzw1oMlSQ==

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 99ms
32ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&cta_render_method=1&cta_render_text=&cb=80747
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D88F 154 KB
49 KB 157ms
157ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg==&u=%7CECTiOiLbtrcCMssJaKqiK2ylmiSST%2B0xq0tXeRSAvr0%3D%7C&c1=SEEq4vz4aLAYktY1lOO9P1-5t829v_C2AVI79eRMpCeERC383T9inH8CF6gtJy5Ol3WtUyPR2Dw3LfzcR7ZXdorWj5H66lBLcRnaS_VDz3yhxNnxYN0qE7yJccG2g7to97wQ32VQDlC--TqGHMP4h9NDusRl-FCmHLyn3PaX0XHvxBGWJ4JiB_jApBJzvOZsUBtEvdWtwV1dCBQVwuoEN_TJDhcKXjzUPdIZJ2XF1_6Dl4riZ2jl37fkztGzLQZGR83by2Qkx2V7grHSGoaz-OLDPS1lNDmQqPAqVi75PNbZxeXpi3isAqS1wCSmyvOmV1IB4OTAk1wjsqn2v4t_xFbXxpoBWZ0_64C7mH0z35_BmGT9IUkcjbq_Hckcwayg51EeoIar-Cu-P1TeRPSIWd_fkKqTZCxZ2HIhbLPlHlfa8L-ZJuVDSXS43QNBalRN0CkHD5QqfOL7EByecHtnMpHUBtx6rERp9T-dkGQUvp-NPaIr_KKS-1fZpRNoBk07JSRvo-eo63lZRDZwI3_4XEJx4SXEArrTnPvIiZDmqJ-17rXCl3CujlTvwhaYXoDgUZ-Dz001V8SLayjLCQfyierrLUngsgjJKSWs7ohQgQhzeFEOgFsjbA0kQXatcsj1U_UpeQ8D2VU7TAsgLgyDwzZOl4xsDYmTsZbEF--XuV6q--T3mdV1u0pEbxN2vYkxqMt0FtXZ5n0PCijuDOCafA&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3D33Across_HiView_Desktop_Display_RTB%26aid%3D26634200495993808108470%26rev%3D6d571b4%26pr%3D0.237%26bc%3DAAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%253D%253D%26bmid%3D2711%26biid%3D5554%26sid%3D64%26brid%3D25369%26adid%3D11094530%26crid%3D1672424%26ts%3D1706892951%26bcud%3D290%26ss%3D60%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D75459%26rdir%3D

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/6d571b4b4389cd889117897edaa600eeb0a6a3bd/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e9971329da8a078d119880b5107c02931267f6dda16085575125f9511f8f15ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=IBDegJ3FUcIwQf9fXETFYQw88MdqUZ9huA7WTZD6bvrCWt7h4QA_4Hek8kdd8FqFB2BQe0fgoxWpKqPF3V8ccapoIv1V3GDZ75Az5b0tiKlEJkxRo5-G2pyM7rynK91w_hozO2EIS1VCPMVHc9C0mPfjaRsUOj7dnjk85C8viekooYdYi8Oj5WGT7Ff69h8NUAU1Qh58-FHwqn3N-9fu6yQO7bAs6k84rJHwF1Fa3YlEAo_p4NYhKRSCDH4UK8DZ9g7zkw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 112009521
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 93ms
35ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&pr=un&bc=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%3D%3D&bmid=2711&biid=5554&sid=64&brid=25369&adid=11094530&crid=1672424&ts=1706892951&bcud=290&ss=60&unid=0&domain=www.btolat.com&ref=https%253A%252F%252Fwww.btolat.com%252F&rr=creative&fid=10&rb=0&g=0&tmplid=249330&cb=11398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 32ms
31ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&disclosure_render_method=3&disclosure_render_text=Learn%20more&cb=62471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

sync Show response
eb2.3lift.com/ Frame E929
Redirect Chain

https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1

1 KB
2 KB

32ms
31ms

Document
text/html

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/6d571b4b4389cd889117897edaa600eeb0a6a3bd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: a5a5eec0a638c2e8cbc85741f40b515f6b554852d5f93c99d6627a0d08a1c376

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1343
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 16:55:52 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 02 Feb 2024 16:55:52 GMT
location: /sync?max=10&gdpr=false&cb=99163&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 32ms
32ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&pr=0.237&bc=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%3D%3D&bmid=2711&biid=5554&sid=64&brid=25369&adid=11094530&crid=1672424&ts=1706892951&bcud=290&ss=60&unid=0&cepos=0&ceid=0&cb=37736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 all
csm.us.criteo.net/ Frame 7673 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 92EC 130 B
243 B 275ms
82ms Script
text/javascript 2600:1f14:b4f:4b01:7091:955:d445:d0bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1706892952276

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:7091:955:d445:d0bb Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e2772ea954281d04b4e4572eaa56fcaeffdce140f854a8b635973e1fb36acffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 92EC 143 B
271 B 143ms
40ms Script
text/javascript 52.207.14.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=77493296&__aasv=23.001&__aaii=16775149935104503375&__aait=1706892952097&__aavz=600&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=7&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.057125248&__aaxf=96.9.249.40%2C%2010.1.1.241&__aaci=udm&paid=udm&avid=1484&caid=9377&plid=47859&siteId=16003&publisherId=3204&kv14=UDM_MEDIA&kv5=edge&kv3=3913BAD1-0648-3F54-ADDD-A38D0D38D469&kv4=96.9.249.40&kv24=Desktop&kv12=16003_1_slider&kv6=&kv8=&kv9=&kv11=69d42eb928006a3&kv2=btolat.com&__aapu=https%3A%2F%2Fwww.btolat.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.btolat.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.14.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-14-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7a1da8457df27511da04c224a43b88bed9d535c943949a0b2935612f9081d90e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BC6 42 B
64 B 92ms
91ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss48wfSNjujC8jvzW9mCQNpASKYbE0d7zIZstSqEkr1ZhjvBWmokS0rHBWNzpKqf1syDGA08d2cQ3BIQuPYXBBFYcztsMIsxsK7HpSj3K0tdPW4THS_np1lx1ICfubIDUamfRWCyyuGgPxFkMEAtjusEWJw&sig=Cg0ArKJSzBUQEGJd1rzBEAE&id=lidar2&mcvt=1021&p=1002,0,1252,300&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20240131&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2063569840&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575000&rst=1706892950251&rpt=1006&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E929
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=9f10ebaf-c646-4db0-8c16-f9857643db0f&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

33ms
32ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=9f10ebaf-c646-4db0-8c16-f9857643db0f&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=9f10ebaf-c646-4db0-8c16-f9857643db0f&dongle=0cfd&gdpr=0&gdpr_consent=
date: Fri, 02 Feb 2024 16:55:52 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame E929
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

32ms
31ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E929
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAmw6wxt0vBxZaZCr7fVFug&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

32ms
32ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAmw6wxt0vBxZaZCr7fVFug&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAmw6wxt0vBxZaZCr7fVFug&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E929
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE4Mjc0MTU1OTQ3MDQwMjQzNDA3MA%3D%3D
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame E929 0
630 B 362ms
278ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1182741559470402434070&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 82E5D30E9AFF484FB963C272B5B8D77F Ref B: NYCEDGE1716 Ref C: 2024-02-02T16:55:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQaPwb/x/VjAE+aPeebA==

GET
H2

200

xuid
eb2.3lift.com/ Frame E929
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1182741559470402434070?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MdTeugxE2oSGzjPoOeoBAzUCaZYBCLwj_NGzgj5fbQ--~A&dongle=0883

37 B
354 B

33ms
32ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MdTeugxE2oSGzjPoOeoBAzUCaZYBCLwj_NGzgj5fbQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MdTeugxE2oSGzjPoOeoBAzUCaZYBCLwj_NGzgj5fbQ--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame E929
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1182741559470402434070&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1182741559470402434070&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=3117114042597968690&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=ff2036f8-d120-4770-9c22-ae1b86d2707e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

34ms
34ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=ff2036f8-d120-4770-9c22-ae1b86d2707e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 02 Feb 2024 16:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=ff2036f8-d120-4770-9c22-ae1b86d2707e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 02 Feb 2024 16:55:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E929 43 B
363 B 106ms
30ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 254680
expires: Fri, 02 Feb 2024 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E929
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=6768969262973248592&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

33ms
32ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=6768969262973248592&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
an-x-request-uuid: 7d7112f8-9314-462e-bb4e-a0c4e6b92238
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=6768969262973248592&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 96.9.249.40; 96.9.249.40; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame E929 43 B
1 KB 59ms
58ms Image
image/gif 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1182741559470402434070

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=99163&ld=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
an-x-request-uuid: 6ea8d8e3-32cf-4668-bb4a-42d48123eb58
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.40; 96.9.249.40; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 latest.json Show response
nh.iz.do/nh/e33a2420443e20bfa49b78c813eaacc658f872b9/ 838 B
597 B 185ms
60ms XHR
application/json 2606:4700::6811:3663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nh.iz.do/nh/e33a2420443e20bfa49b78c813eaacc658f872b9/latest.json

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3663 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5942eefe94f05d709e07d3370bcc6f18e29d455239ebec6f820a4a308b6cbfba

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 16:31:57 GMT
server: cloudflare
age: 25
etag: W/"65bd18fd-346"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 84f3f6d8cb764bd5-BUF
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 17:15:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
99ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=1677513056325833&bg=!ZmWlZSrNAAa8BdJLnAU7ADQBe5WfOHF7vZmOhU6KLW-plYsQJvYGsHkLckaKNrbpE8juFyI2PjJHCTP5CfmVm-coD4ruAgAAAEdSAAAAA2gBBwoADR6PNYrrpXM2ExV8FnCZAsob72WFIrIo8KG4QOrUMFRdoojesWbkNeKcSPKkjnV0w1SLc1ZUOZdpBaMFZDvf9WRS4P2OSTpQRkKW6rk5wj9rgXIk4PfNr-zoASM-mf6kmmHxFyQjoUXLMtelkYdzDxDZi3QVzHalkwlP9h0MOioDmEregTER96Cg1rBhCaCJX-HI_0oWU6TIamIzGSNWE23yMZPiNOZH30krggOPG5nzyIn_tsGgS246wRfRv2g5wMjldsXnEhIo8C0RFLn9K7CgrG2xUzZ7H9w3MHxIa0bGc_bq7q47mrrgj8F_DuVMOUMRf8ytX9BHixTiZn26wEpH5aFmLhsLcNIiwiCdTyA-D4zgenDss-Kd1KDV0DMYPdGhzZdEodozCjiVhfM7ewd0bRZZliW-QTtfKz6JGhlvAJepJ52yVGCURbj66tSibWL20lo3SxiKWjwdtlRPm1Hiw-lsopwBQ9ZxEaiLTtGAUAB7lT7jLzk_TT97zBCH1GntKSCmYq4hC0p1idfZFZI7NYVI4xAaSVhXeyKo2ikn6nqIZGAFNouH3-dkAhiePFPSimJyUhgkphMsTIsVDKilXB2XywykQEgGahsMAQUl2VeNHacBER54691lVfAWdB7x1xJ100WDv1l6rfA8KXkVPufFF7ybeixMTvNwcVmP0oQB0tsJ7NHm8EvBzOtUaxw__4zzPK3Ccw6UeNHz69xP5qw_eOwxDIZCLq1E-OrPepZWJ7Gj0bTEYNNewrEwZZ4X9DBR1z_GpMA3A_uDXL2axMXDptTxhg2oFdN61BLl9vW4Mt3WdCoupo4xllAEUhGHvSLiThbUlXrS1Fswt1fiLdEF8G4LsoRw5dTcAOa5SN_uEDs3Yj5l748YwUQQwngtOa3M-QBRKb9ZclUMt-el1k7taO-HkArj6qsrylvCv1r-kuDk1QGi661aKjLwbbWufz_jNJgs-GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D88F 2 KB
1 KB 50ms
48ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg==&u=%7CECTiOiLbtrcCMssJaKqiK2ylmiSST%2B0xq0tXeRSAvr0%3D%7C&c1=SEEq4vz4aLAYktY1lOO9P1-5t829v_C2AVI79eRMpCeERC383T9inH8CF6gtJy5Ol3WtUyPR2Dw3LfzcR7ZXdorWj5H66lBLcRnaS_VDz3yhxNnxYN0qE7yJccG2g7to97wQ32VQDlC--TqGHMP4h9NDusRl-FCmHLyn3PaX0XHvxBGWJ4JiB_jApBJzvOZsUBtEvdWtwV1dCBQVwuoEN_TJDhcKXjzUPdIZJ2XF1_6Dl4riZ2jl37fkztGzLQZGR83by2Qkx2V7grHSGoaz-OLDPS1lNDmQqPAqVi75PNbZxeXpi3isAqS1wCSmyvOmV1IB4OTAk1wjsqn2v4t_xFbXxpoBWZ0_64C7mH0z35_BmGT9IUkcjbq_Hckcwayg51EeoIar-Cu-P1TeRPSIWd_fkKqTZCxZ2HIhbLPlHlfa8L-ZJuVDSXS43QNBalRN0CkHD5QqfOL7EByecHtnMpHUBtx6rERp9T-dkGQUvp-NPaIr_KKS-1fZpRNoBk07JSRvo-eo63lZRDZwI3_4XEJx4SXEArrTnPvIiZDmqJ-17rXCl3CujlTvwhaYXoDgUZ-Dz001V8SLayjLCQfyierrLUngsgjJKSWs7ohQgQhzeFEOgFsjbA0kQXatcsj1U_UpeQ8D2VU7TAsgLgyDwzZOl4xsDYmTsZbEF--XuV6q--T3mdV1u0pEbxN2vYkxqMt0FtXZ5n0PCijuDOCafA&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3D33Across_HiView_Desktop_Display_RTB%26aid%3D26634200495993808108470%26rev%3D6d571b4%26pr%3D0.237%26bc%3DAAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%253D%253D%26bmid%3D2711%26biid%3D5554%26sid%3D64%26brid%3D25369%26adid%3D11094530%26crid%3D1672424%26ts%3D1706892951%26bcud%3D290%26ss%3D60%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D75459%26rdir%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D88F 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D88F 308 B
636 B 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D88F 293 B
621 B 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D88F 43 B
347 B 35ms
35ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=c9bEBRJD3pw0pxyUp6xt_rXr0vzqmPII1QRDW39kkVEHWC1_4bxDwhFTtrF2Aw51co6yx8HqSttAVdCftERws5sKYud5DSl8twAiX_TvNBwYQuVxyLMZJ531eg4uhV4iBPRDWVCKDyXJz4V_qYEPDbG1S_C_Z72FtvCrSYbUyv4Od8J2d6Stj54dawGGnL9Kq1svK_GFgUmW1mdElRJ7d-Q4hvsGxfAitSblhuCP-Oj-w1aDxZQ9v8882eL0CaRMhW6XFLgPsNtUeCpoTPqLdLvPzIqVlZBXf4d_RVWq9j905dU6kmevaxrViEXNnUK_NydsfVVHzie7dnELj09y2CdFGIMKZK1HQX23XhOL3to7lY6ESSO8_MC7cjxFaWZrgdNRb4vIk_0skF5bs0XbiFMriJzEnIhOHoEW-wo95REy6u6Zk393EFX9W3qUuI8W5ot9mw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4971110
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 8849 28 B
472 B 107ms
31ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=87961&cb=65bd1e98f3a2ea5581f9fcefdd336707&r=https%3a%2f%2fwww.btolat.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 16:55:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1593786
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D88F 12 KB
6 KB 54ms
54ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D88F 32 KB
32 KB 37ms
31ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49635&q=80&r=0&u=https%3A%2F%2Fmedia.bradfordexchange.com%2Fimage%2Fupload%2Fd_bxus_default.png%2Fw_600%2Ch_600%2Cq_auto%2Cf_auto%2Ce_sharpen%3A100%2Fdatafeed-images%2F922804_nca&v=3&w=400&rid=44&s=gexkR9Nhh09IlhvVMuUq70ey&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bafaeefbb707009e6b0679fe20173e0c5ce936812f89254b79408a45a675dabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 32492
expires: Wed, 15 Jan 2025 01:41:57 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D88F 21 KB
21 KB 35ms
29ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49635&q=80&r=0&u=https%3A%2F%2Fmedia.bradfordexchange.com%2Fimage%2Fupload%2Fd_bxus_default.png%2Fw_600%2Ch_600%2Cq_auto%2Cf_auto%2Ce_sharpen%3A100%2Fdatafeed-images%2F923179_nca&v=3&w=400&rid=44&s=5wbukz6_b8mfvuQjVPqzyluc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6ada9859bfe0473d4e974a7a20285312e9898cc6c0e1a5c3bd3f2d6c43f5e0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21602
expires: Tue, 14 Jan 2025 00:52:19 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D88F 25 KB
26 KB 39ms
33ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49635&q=80&r=0&u=https%3A%2F%2Fmedia.bradfordexchange.com%2Fimage%2Fupload%2Fd_bxus_default.png%2Fw_600%2Ch_600%2Cq_auto%2Cf_auto%2Ce_sharpen%3A100%2Fdatafeed-images%2F922208_nca&v=3&w=400&rid=44&s=7LD2bvwZL2P-WCFzeiQT7zVz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f59ea4e1ad6bed241182bdf4ace7a1e70edcfdee9b20fc02528f1a0260b2360e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 25890
expires: Tue, 21 Jan 2025 08:30:27 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D88F 1 KB
1 KB 36ms
30ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=49635&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F49635%2F190814%2F80d75fe547214969b05a6cd024fced45_bex_logo.jpg&v=3&w=596&rid=44&s=mFocKlCAAkFvH2euNheEoPz_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

956985b694383ea62cd9be68c31def57c2edf1db137f66e12f3b41a39bb50166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1118
expires: Tue, 31 Dec 2024 01:52:52 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D88F 0
127 B 37ms
31ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=IBDegJ3FUcIwQf9fXETFYQw88MdqUZ9huA7WTZD6bvrCWt7h4QA_4Hek8kdd8FqFB2BQe0fgoxWpKqPF3V8ccapoIv1V3GDZ75Az5b0tiKlEJkxRo5-G2pyM7rynK91w_hozO2EIS1VCPMVHc9C0mPfjaRsUOj7dnjk85C8viekooYdYi8Oj5WGT7Ff69h8NUAU1Qh58-FHwqn3N-9fu6yQO7bAs6k84rJHwF1Fa3YlEAo_p4NYhKRSCDH4UK8DZ9g7zkw&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D88F 2 KB
1 KB 53ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:52 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D88F 2 KB
1 KB 50ms
47ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:52 GMT

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 328ms
78ms XHR
application/json 68.71.249.120
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.120 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Feb 2024 16:55:52 GMT
Content-Length: 20
Content-Type: application/json

GET
H2 200 i Show response
adrta.com/ Frame 92EC 15 B
172 B 40ms
40ms Script
text/javascript 52.207.14.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=14272348&__aasv=23.001&__aaii=16775149935104503375&__aait=1706892952097&__aasi=15499156055406744842&__aast=1706892952048&__aavi=106184943854201948&__aavt=1706892952048&__aavz=600&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=7&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=200&__aacd=1&__aaax=1300&__aaay=950&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=100&__aaae=1&__aaav=0&__aaas=222&__aaah=0&__aapc=100&__aaph=4316&__aapw=1600&__aap1=1&__aap2=0.39&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.057125248&__aaxf=96.9.249.40%2C%2010.1.1.241&__aaci=udm&paid=udm&avid=1484&caid=9377&plid=47859&siteId=16003&publisherId=3204&kv14=UDM_MEDIA&kv5=edge&kv3=3913BAD1-0648-3F54-ADDD-A38D0D38D469&kv4=96.9.249.40&kv24=Desktop&kv12=16003_1_slider&kv6=&kv8=&kv9=&kv11=69d42eb928006a3&kv2=btolat.com&__aapu=https%3A%2F%2Fwww.btolat.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.btolat.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.14.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-14-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:52 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 i Show response
adrta.com/ Frame 92EC 15 B
172 B 72ms
71ms Script
text/javascript 52.207.14.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=88902354&__aasv=23.001&__aaii=16775149935104503375&__aait=1706892952097&__aasi=15499156055406744842&__aast=1706892952048&__aavi=106184943854201948&__aavt=1706892952048&__aavz=600&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=7&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=200&__aacd=1&__aaax=1300&__aaay=950&__aasz=300x250&__aapf=1&__aaec=4&__aaup=3&__aaat=800&__aaae=1&__aaav=1&__aaas=811&__aaah=0&__aapc=800&__aaph=4316&__aapw=1600&__aap1=1&__aap2=0.39&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.057125248&__aaxf=96.9.249.40%2C%2010.1.1.241&__aas21=2602%3Affc8%3A2%3A104%3A%3A11&__aas23=2602%3Affc8%3A2%3A104%3A%3A11%2C%2010.2.1.214&__aaci=udm&paid=udm&avid=1484&caid=9377&plid=47859&siteId=16003&publisherId=3204&kv14=UDM_MEDIA&kv5=edge&kv3=3913BAD1-0648-3F54-ADDD-A38D0D38D469&kv4=96.9.249.40&kv24=Desktop&kv12=16003_1_slider&kv6=&kv8=&kv9=&kv11=69d42eb928006a3&kv2=btolat.com&__aapu=https%3A%2F%2Fwww.btolat.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.btolat.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.14.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-14-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:53 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 31ms
31ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=33Across_HiView_Desktop_Display_RTB&aid=26634200495993808108470&rev=6d571b4&pr=0.237&bc=AAABjWq_forWJOTByTedfiwzus3urmstrhKUbg%3D%3D&bmid=2711&biid=5554&sid=64&brid=25369&adid=11094530&crid=1672424&ts=1706892951&bcud=290&ss=60&unid=0&cepos=0&ceid=0&cb=86867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 all
csm.us.criteo.net/ Frame D88F 0
127 B 30ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 128C 6 KB
3 KB 27ms
26ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 6B3E 206 KB
59 KB 157ms
156ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgANasMIg6HuAA9ybul8Cj60xBSii6u38w&u=%7CkBYb1OrAxsm8nYiblcw%2B3XVjkhToP2hYzH296UCOj%2BU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQY7vZHtQjj3j9oagF2XCmsd8eXN_YDv36Yf6L6lz_aNl-EjT8feMAh7YTJCXL7ShZNXK0CKfc8Q9PEzXMHONns-yiklnc0qOr4CUKbhAVVWcw0gFaYVtfLmyXHOjSTv9Zr_PIpyGADH5yQ8a1M8vFX7NgH4BnZTN2d0SQYxNA-1LHoBM366I-t_rJnpvW7wrKiGvlyvmc4I3nz2--VnXdM9tFhrtdZAp0nEv0Yhp_lDSf761TCcQAAvj32rdjNBWbN_rbHcYftzhbx9e5RmfCWls8QpHFlXCcUwNJU17fbdKbiHv2EfaCQwNd6NJtHkTv-9dZGGBtPwOBGdNL65pe0g3j0nJDuNByWZtf9HlSJKf4nUPH5fL6idhgY39eIOWnQau-w6ndDfQNB0wp9-umSXKO3zXSTcoUr-V9GAcTlEHe5NpPoSrulo3HCqJtUlWUYz_plQdcoINTo7FDlVnmZNLHXYUUjVZplGNmYZMI3xa4xPrODetChiOhc-9SJbgZsQ4EzfyY8axRM0swGBMnGLb9tNOvsG7bSxcmXUw68wxvQb-pw9gF6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC257ilh69ZcPVNe7DjvQP7uS9wAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElQJP0BBiGluBEt1hMJ95Z0kHXLnRjKt_GJceNXHb_9jfOc1UxIMeNHYRIWHX4sVBEQBpXOPGWPRZJAkqqd7iWWxyIyURF9RkxPJpDrtnFW6v2qzU8bCkxTt7St0vGrem-1xJzm4qxCrnsNNO1BNQiIVkSLJdrWyFdS7uDyl3TJzRk_I-2Wy9I6m_gcOd2LdthqdpCtLUWKZv2GpxSNStQK15rgilcLgvrcNUHXikxz_LLtHPlUPk172JOXofuwNspIJdclnpCckLzRxAKUHxidRMeXB8iyBB9dngau39lx8EWhCmvFVB87DFagCndjXVY9fpYbBLt20h4DmDwlgA2NNWGYwXtcX0klk32Ti6Pj-_zQZz1mI24AQBgAbXh_W_3oqG4tgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuv1N-PjYQD-gsCCAGADAHiDRMImtfU34-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0VpsoTkeNlVxS8IClkPb512H62gA%26client%3Dca-pub-5900327121854735%26adurl%3D

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

89ac5c8a72482bddaa170e5dd1ac1fa2d1eff5ef048e509e77055dd4128f1e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KE0DQJ3FUcIwQf9fFRumyo6Rj49CRkaLma40QCaTB8_vugtmLQ04MQsGF4FE2OCGHyvDnlsOPkoljPOR6Fj6JDzQ9FBRarlmcZS-BAhtn1Vicz4yEGjH6HaPO35f-auiQTuvCq2E0nkRzvLJbv2To7UrCRs0KK1uD08krgJs3FBnVXIFynxweB5iZ11Q9eB96MsaPa_I7Nqyq--l5GoRM82RGD6EIBmLevhEEZi3NtEou8aHjoZZmDRbf6Cco4iPWBJoDA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 111036822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 128C 3 KB
1 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 128C 20 KB
8 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 128C 24 KB
6 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 128C 205 KB
65 KB 51ms
49ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:53 GMT

GET
DATA 200
OK truncated
/ Frame 128C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a88ebf574e066bd228e2d6c4efd1042c8dfddef60534f3ffc83832f57866ff2c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 128C 0
0 101ms
100ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHAIjlh69ZcPVNe7DjvQP7uS9wAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEkgJP0BBiGluBEt1hMJ95Z0kHXLnRjKt_GJceNXHb_9jfOc1UxIMeNHYRIWHX4sVBEQBpXOPGWPRZJAkqqd7iWWxyIyURF9RkxPJpDrtnFW6v2qzU8bCkxTt7St0vGrem-1xJzm4qxCrnsNNO1BNQiIVkSLJdrWyFdS7uDyl3TJzRk_I-2Wy9I6m_gcOd2LdthqdpCtLUWKZv2GpxSNStQK15rgilcLgvrcNUHXikxz_LLtHPlUPk172JOXofuwNspIJdclnpCckLzRxAKUHxidRMeXB8iyBB9dngau39lx8EWhCmvFVB87DFagCndjWXYfd7pw2gzeTK3-0P-7-kadx-EKIPcV4H6ND-ZyaWJr57WT-U4AQBgAbXh_W_3oqG4tgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuv1N-PjYQDgAoB-gsCCAGADAHiDRMImtfU34-NhAMV7qGDCB1ucg8Y0BUBgBcBshccChoSFHB1Yi01OTAwMzI3MTIxODU0NzM1GJStHA&sigh=ydyte40kG0o&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_Y2BY_rHujzFJ6SQlqZyIrEy5q2L_OiYpQMzKBi_GPztWw_Ylt6alXsdo_TYY3ha5MIa4ZMmSF8XPXZjW6u1GYkkWRjqCX_0KmQEYAQ&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 128C 0
125 B 61ms
60ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kuHSFdWCMKwC-gHiIp0XAgAAAAoULoG-lxmXSfR_qxCWHr1loD3Rmu71gWDL-wAAEgAACgpBUVVEQ2dFQkNn&wp=Zb0elgANasMIg6HuAA9ybul8Cj60xBSii6u38w&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 213343
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6B3E 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0elgANasMIg6HuAA9ybul8Cj60xBSii6u38w&u=%7CkBYb1OrAxsm8nYiblcw%2B3XVjkhToP2hYzH296UCOj%2BU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQY7vZHtQjj3j9oagF2XCmsd8eXN_YDv36Yf6L6lz_aNl-EjT8feMAh7YTJCXL7ShZNXK0CKfc8Q9PEzXMHONns-yiklnc0qOr4CUKbhAVVWcw0gFaYVtfLmyXHOjSTv9Zr_PIpyGADH5yQ8a1M8vFX7NgH4BnZTN2d0SQYxNA-1LHoBM366I-t_rJnpvW7wrKiGvlyvmc4I3nz2--VnXdM9tFhrtdZAp0nEv0Yhp_lDSf761TCcQAAvj32rdjNBWbN_rbHcYftzhbx9e5RmfCWls8QpHFlXCcUwNJU17fbdKbiHv2EfaCQwNd6NJtHkTv-9dZGGBtPwOBGdNL65pe0g3j0nJDuNByWZtf9HlSJKf4nUPH5fL6idhgY39eIOWnQau-w6ndDfQNB0wp9-umSXKO3zXSTcoUr-V9GAcTlEHe5NpPoSrulo3HCqJtUlWUYz_plQdcoINTo7FDlVnmZNLHXYUUjVZplGNmYZMI3xa4xPrODetChiOhc-9SJbgZsQ4EzfyY8axRM0swGBMnGLb9tNOvsG7bSxcmXUw68wxvQb-pw9gF6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC257ilh69ZcPVNe7DjvQP7uS9wAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElQJP0BBiGluBEt1hMJ95Z0kHXLnRjKt_GJceNXHb_9jfOc1UxIMeNHYRIWHX4sVBEQBpXOPGWPRZJAkqqd7iWWxyIyURF9RkxPJpDrtnFW6v2qzU8bCkxTt7St0vGrem-1xJzm4qxCrnsNNO1BNQiIVkSLJdrWyFdS7uDyl3TJzRk_I-2Wy9I6m_gcOd2LdthqdpCtLUWKZv2GpxSNStQK15rgilcLgvrcNUHXikxz_LLtHPlUPk172JOXofuwNspIJdclnpCckLzRxAKUHxidRMeXB8iyBB9dngau39lx8EWhCmvFVB87DFagCndjXVY9fpYbBLt20h4DmDwlgA2NNWGYwXtcX0klk32Ti6Pj-_zQZz1mI24AQBgAbXh_W_3oqG4tgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuv1N-PjYQD-gsCCAGADAHiDRMImtfU34-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0VpsoTkeNlVxS8IClkPb512H62gA%26client%3Dca-pub-5900327121854735%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6B3E 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6B3E 308 B
636 B 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6B3E 293 B
621 B 49ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 6B3E 43 B
347 B 35ms
34ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=jHIcOZW9UW_MO_BYjRt90oIhqinV3dzsV1fjon8KFRviv6OmC5SMx9bEbTJE6w4lxJBqpVFPM5CsESwHfFsRn9uLLpuogm7rrVUlU7U8fPL6pOl4a42nXRulgRs4Glg8ZhTK75QkcDltaNxpadFhTlqWn7w6EmQURrvZohr0ZfKVV5aqsA-iKohV68TbY4S8_AzTCzSbo5LsUeUKd5dQ5v0wR2ehLXzZSG8RyNRRm5W-hwEBA7gulD0hcbAOkjPECfXkHdzc0i50P7NPdpPRn4-_D7Gw5ncVxU9gIvPVppic_2cIxkskHH965o3QdPmnjPyVWPDfW32EwBZY5IQjL01r1xRY6gfYwrlQNuPc7bqLGF7nCmt_ZwKyC6utacLlt_Keq_fyGJga6lPE74uxjJBIjuHQyD0TnlPdhPAvOycxtwAQPL_4ZxylQTGiAMkA4TAiEw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4501944
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6B3E 12 KB
6 KB 63ms
63ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 11 KB
11 KB 35ms
33ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2F149d51260c774f4ab6ea9aaaeef8a0dd_logo_n_horizontal.png&v=3&w=596&rid=4&s=ZF5UkiqHwv2_Z6LKiTamofdT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b1d19cea7be46f8a2330c4e33f66b525f2f864c3f3d9e326ba0abfcc1bdcab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11138
expires: Fri, 03 Jan 2025 01:26:47 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 8 KB
8 KB 32ms
30ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2Fwb-ebook-cover-main.jpg%3Fv%3D1655467876&v=3&w=400&rid=4&s=Zr9WiV2MINlfZiNFpeAhI0zd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

beb00a215efa07f175d2da5d59bea3578ae9c67b1699cea139ee9f4b44e53a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8462
expires: Thu, 16 Jan 2025 13:10:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 21 KB
21 KB 34ms
32ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A0001AA_962d361a-e70a-4b5c-92c3-4a064d483ec7.jpg%3Fv%3D1694967992&v=3&w=400&rid=4&s=IM0wuG9ha47Fiqfm4aSR3da_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2fe101c0179046604a21b2762c7e7e44d98646267727910c9fb30383eab3302e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21568
expires: Fri, 17 Jan 2025 20:58:26 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 19 KB
19 KB 33ms
31ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A000001BA_5d8b6af8-85af-40ae-8057-c0779ec410ee.jpg%3Fv%3D1702455025&v=3&w=400&rid=4&s=t7rnM4g5eTUCazHMQmIdE2Gg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b3878d13a99341ea76a01f302cafdeebc46c68a7f7aa19147082cbfb982bff9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19578
expires: Sat, 18 Jan 2025 12:08:44 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 17 KB
18 KB 35ms
34ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FXM-04-O2BA.jpg%3Fv%3D1699370057&v=3&w=400&rid=4&s=YvQ_kg5JuUKSgnyHPPwwzhr9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

290ee15eacb8b58fc7928de2588910d1a5ed2f868b5a178bb0fbf22b2d17271a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17848
expires: Fri, 10 Jan 2025 13:51:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 16 KB
16 KB 37ms
36ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FTR-04-I5BA.jpg%3Fv%3D1632004060&v=3&w=400&rid=4&s=QHi5nieJSpDZWYV7noBODA_j&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d7a62b14778a5e0ccf6040168302eb509cdf9d1a0e8f7f025f7f542efcbd2d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16042
expires: Fri, 17 Jan 2025 22:40:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 19 KB
19 KB 36ms
35ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FSG-02-I1AA.jpg%3Fv%3D1678451159&v=3&w=400&rid=4&s=V5sSr-IHIcsMqor74TpNXTiD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4dfc1bab17adc509be26562eb2313772bef775cf21acda5956fa979d163f76a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18980
expires: Thu, 26 Dec 2024 04:44:27 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6B3E 64 KB
64 KB 38ms
37ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2Fa1f1d9acee684a4c843e84bcacde2456_77.jpg&v=3&w=1200&rid=4&s=HvHB8EWGqjkGxZ34h2ydT93F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2c765616d0bb062058d466d27b37704e0478b15d3e0f35d1b4e32a2cccde8d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 65476
expires: Sat, 28 Dec 2024 23:41:15 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6B3E 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=KE0DQJ3FUcIwQf9fFRumyo6Rj49CRkaLma40QCaTB8_vugtmLQ04MQsGF4FE2OCGHyvDnlsOPkoljPOR6Fj6JDzQ9FBRarlmcZS-BAhtn1Vicz4yEGjH6HaPO35f-auiQTuvCq2E0nkRzvLJbv2To7UrCRs0KK1uD08krgJs3FBnVXIFynxweB5iZ11Q9eB96MsaPa_I7Nqyq--l5GoRM82RGD6EIBmLevhEEZi3NtEou8aHjoZZmDRbf6Cco4iPWBJoDA&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6B3E 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6B3E 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H3 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5472 6 KB
3 KB 25ms
25ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 6C80 159 KB
53 KB 111ms
110ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emQAMpQ4Ig4eTAA8CFuswBxgr4ablNWw4SQ&u=%7CwIJv8w3ot1X8eOYuj3ztAQHaz%2FcJeiLZ11hi5idVTls%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00opj_B2EsD7W496DX6MjdNTaYZlf7v6EHQNsiikQKEomdJuyseGT5R892w8ma3yNWo2OrnSkSS9h8VukPxY0Nb1VHIAdCWAaQbp4ORADFDv6iPuzbxEED0qwjX4SNDHspXMRAe4L_iyBTCAHAi0PEIeVVyyfIrZCLncGfgvESsJAlqysrseYvqM37G44EEdkEuW5HLrIvqzwY4zoHPxxNn0QbHzxX-zbPo1DevfNvvT-8WOB-fMeJPk6IcxPn5KH5C3eCo04eQwAO_1MUZNDy5NOvWu1uOapvsJ9mzUsAZ3QKUWvh_BLKaS6UgAhS-S2iTDqwq7qfImFfte7mSF0S_FJBSr_-sEvICQ5PoOaPN3HaUi-Qoxo0k1Be8a6ntjjhHa0tn-cJ1bhUwiR9JQcMaJRW5JFkO8fDlinambxkes7K4u3d3PIJgndc5XO1YPRkBRu5WqztjHZvpz37OHdndI_AM1Qyo-JoEgJA4V36j4CCUCylUR2D-YoqMSEt3tjTbNGTApXzCcCUy_ITEsA1YF8Or1iF9ZpyQO7y4K-1yJQd6mNg8eihQW-qBGnrRdPiiR6yWufwWi0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIhgmmR69ZY7KMpOPjvQPloS8oA2cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0KDULmoBX7GeEJDk0QhnyrmXH6gaPNGILGFPDn1nOcElaPYfFFruHsJ6CeQYzQrpQGuxupYdy8Pep4UVkujRRN4rWrIdKEUOeGBLA6lTCsihoIoJtQAFbUcva3odqU_lyJrB3vRQjgolSKuhYMT0UymTPaeFN__7PKCNe4g0ltwTroEMA3aiLJpvWBLqcK-pI7Xng1BBviHjyGMbsOKmvm7z3iuu2QG4ndQEjSPgZ5n_hse_FD1eD8ry3tq2Kj708bnvxPzBlhz6FhZ4ixZdpTmOEVfgSawdadGXLk4QlfDHJ-ylw07NlgTK1XTpoU7-UrWhVcmWbtW2Pdblxuay1ob_csLs44Jzjp6_l9r2IdBQvvy7dFeeSQQF4AQBgAbRy_uu6uro4Z8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WIWl1N-PjYQD-gsCCAGADAHiDRMIlNLU34-NhAMVk4eDCB0WAg_U0BUBgBcB%26num%3D1%26sig%3DAOD64_3U-Sf6s463lmyk3G4Xv1pyNjNBTg%26client%3Dca-pub-5900327121854735%26adurl%3D

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5c38833863ce59fe58c2b7a919eda09412f51e310a514b30c38c9d6ef1c7cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=JeM3rp3FUcIwQf9f-PV_DtVbfm6D8LhfJzef92u8HdpWVIC183JCFk0XsO3i9btC6UlJ0PUwPGN3sm1AmVoQwMoLNBOURvnOk_hnLSStkyb04Eiq1BKlRIsuKbx5uEa0j6nWSGU2rTA7_7oqXH5pfor23qe6RgMmz5aUQ5vLsmvcBNVrBjrHo2hkFoBhwp2khxJ7e7IFcXRXZJ0Sve_f-XohLUQLNo42gNjO0z62nBU9xbH6j7tEaIrO5a2qmD92eLnL7g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67857230
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 5472 3 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 5472 20 KB
8 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5472 24 KB
6 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5472 205 KB
65 KB 53ms
53ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:54 GMT

GET
DATA 200
OK truncated
/ Frame 5472 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d5adc616d52749a81bdb59144742b3daa4a29cc797bd756bb10cd4b8f2bf613

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5472 0
0 98ms
97ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjEXOmR69ZY7KMpOPjvQPloS8oA2cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmAJP0KDULmoBX7GeEJDk0QhnyrmXH6gaPNGILGFPDn1nOcElaPYfFFruHsJ6CeQYzQrpQGuxupYdy8Pep4UVkujRRN4rWrIdKEUOeGBLA6lTCsihoIoJtQAFbUcva3odqU_lyJrB3vRQjgolSKuhYMT0UymTPaeFN__7PKCNe4g0ltwTroEMA3aiLJpvWBLqcK-pI7Xng1BBviHjyGMbsOKmvm7z3iuu2QG4ndQEjSPgZ5n_hse_FD1eD8ry3tq2Kj708bnvxPzBlhz6FhZ4ixZdpTmOEVfgSawdadGXLk4QlfDHJ-ylw07NlgTK1XTpoU7-UrXjV-kEqGhdR18O-TI-72Fbw83E6qxrSgVM7VM_n858pn1_4G554AQBgAbRy_uu6uro4Z8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WIWl1N-PjYQDgAoB-gsCCAGADAHiDRMIlNLU34-NhAMVk4eDCB0WAg_U0BUBgBcBshccChoSFHB1Yi01OTAwMzI3MTIxODU0NzM1GJStHA&sigh=ia3OepiMkHI&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_FVg2mC1WhAYsjeULVXBAz3KCPl6rY-GrXhrTXqYYcYNVZLjfRv_sqkQmK9VIHZF16AFvsxAILcW2FF61ohlPyNxOwJ9sxWeR3gAYAQ&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 5472 0
125 B 63ms
62ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ksLMGNeCMNgFWuIinRcCAAAAVZvUPwPuTyJJ9H-rEJkevWWqPbqKtvRCmI7kAAASAAAKCkFRVUJDZ0VCQ2c&wp=Zb0emQAMpQ4Ig4eTAA8CFuswBxgr4ablNWw4SQ&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 351301
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C80 2 KB
1 KB 54ms
53ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emQAMpQ4Ig4eTAA8CFuswBxgr4ablNWw4SQ&u=%7CwIJv8w3ot1X8eOYuj3ztAQHaz%2FcJeiLZ11hi5idVTls%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00opj_B2EsD7W496DX6MjdNTaYZlf7v6EHQNsiikQKEomdJuyseGT5R892w8ma3yNWo2OrnSkSS9h8VukPxY0Nb1VHIAdCWAaQbp4ORADFDv6iPuzbxEED0qwjX4SNDHspXMRAe4L_iyBTCAHAi0PEIeVVyyfIrZCLncGfgvESsJAlqysrseYvqM37G44EEdkEuW5HLrIvqzwY4zoHPxxNn0QbHzxX-zbPo1DevfNvvT-8WOB-fMeJPk6IcxPn5KH5C3eCo04eQwAO_1MUZNDy5NOvWu1uOapvsJ9mzUsAZ3QKUWvh_BLKaS6UgAhS-S2iTDqwq7qfImFfte7mSF0S_FJBSr_-sEvICQ5PoOaPN3HaUi-Qoxo0k1Be8a6ntjjhHa0tn-cJ1bhUwiR9JQcMaJRW5JFkO8fDlinambxkes7K4u3d3PIJgndc5XO1YPRkBRu5WqztjHZvpz37OHdndI_AM1Qyo-JoEgJA4V36j4CCUCylUR2D-YoqMSEt3tjTbNGTApXzCcCUy_ITEsA1YF8Or1iF9ZpyQO7y4K-1yJQd6mNg8eihQW-qBGnrRdPiiR6yWufwWi0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIhgmmR69ZY7KMpOPjvQPloS8oA2cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0KDULmoBX7GeEJDk0QhnyrmXH6gaPNGILGFPDn1nOcElaPYfFFruHsJ6CeQYzQrpQGuxupYdy8Pep4UVkujRRN4rWrIdKEUOeGBLA6lTCsihoIoJtQAFbUcva3odqU_lyJrB3vRQjgolSKuhYMT0UymTPaeFN__7PKCNe4g0ltwTroEMA3aiLJpvWBLqcK-pI7Xng1BBviHjyGMbsOKmvm7z3iuu2QG4ndQEjSPgZ5n_hse_FD1eD8ry3tq2Kj708bnvxPzBlhz6FhZ4ixZdpTmOEVfgSawdadGXLk4QlfDHJ-ylw07NlgTK1XTpoU7-UrWhVcmWbtW2Pdblxuay1ob_csLs44Jzjp6_l9r2IdBQvvy7dFeeSQQF4AQBgAbRy_uu6uro4Z8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WIWl1N-PjYQD-gsCCAGADAHiDRMIlNLU34-NhAMVk4eDCB0WAg_U0BUBgBcB%26num%3D1%26sig%3DAOD64_3U-Sf6s463lmyk3G4Xv1pyNjNBTg%26client%3Dca-pub-5900327121854735%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6C80 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6C80 308 B
636 B 53ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6C80 293 B
621 B 54ms
53ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 6C80 43 B
347 B 35ms
34ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=1mCJrKZ06RUpT8km2SXI595JIRWEkH3LY7KT47hEpEHR0jCWgAT4_tpxTd_NFSZYcqhZ3Hgv1CI_qz5j4wW-i-YVuxYH-pO0jhRK1Fh1q8BRMeBNnHfieiSCtyalq4W0F-8Y3ovk9-mlzV0JAfKqtOg8RxVUR-cDW_Wt3Psa3bgq1sfK6RgKtb0Q8BMyzOY-CQcvc5TcctNTO_qvlvEI87zhsB8oy1sTITQncUvdo9wvwjPfbfBGfQIi0WABNV-Myj0FCKX47QHA1VN7xM1jZFp3fNrcYsYC2Lo-ojin00SE12MKarxax2gGZ2lVFTwuzg_uYC_1DbMv0RRQu8vHjF5L_V0D1GFjFvFUwgeZzXEJ0olNhoeJIVH75Tfi1FxWoPZd4V_39d24AE0r3yBZ34TGx2xfHslyRm98g1nUCgx9RKUl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5513251
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6C80 12 KB
6 KB 58ms
58ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6C80 7 KB
7 KB 32ms
31ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=176&m=0&partner=96241&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96241%2F5029324%2F542acb4f52544568a2939e48c9286d4e_untitled_design_%2834%29.png&v=3&w=256&rid=4&s=zhCBx2iJlnQ0HwIrlRe2Ur9W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

73e79073e66c1b19307580216c5b86ee24adcae9d62785fd6fafd98a8a580762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7263
expires: Wed, 08 Jan 2025 03:32:36 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6C80 14 KB
14 KB 31ms
30ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96241&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1740%2F0017%2Ffiles%2FBedFrameImage.png%3F_%3D1700809578%26v%3D1700809578&v=3&w=800&rid=4&s=lKwaZ5tfPGFv67sSDmPlMKUo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

22f84d5fa7738252545393a318cbce0d7402d558740038184a6c7f28c3fa55cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13946
expires: Mon, 20 Jan 2025 02:29:32 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6C80 21 KB
21 KB 32ms
32ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96241&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1740%2F0017%2Fproducts%2FDesktopImage6.png%3F_%3D1691385791%26v%3D1691385791&v=3&w=800&rid=4&s=nAxpAT-hF9KFce3eaYguBO_A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ab89a73dfe6b53831724660baa5eca23390e6344a93eeff5836a82be7dd2ae1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21129
expires: Tue, 07 Jan 2025 02:48:39 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 6C80 10 KB
11 KB 31ms
30ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96241&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1740%2F0017%2Ffiles%2Fpuffy-royal-mattress-image-v2.jpg%3F_%3D1700240995%26v%3D1700240995&v=3&w=800&rid=4&s=8aklmp6BUmCsZzAIVsMVwvXL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a2093b08e230bcafef78c492eb1a9690b23b9c9d3a6a9ccdb21ec5d1c32e905f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10688
expires: Mon, 13 Jan 2025 01:41:12 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6C80 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=JeM3rp3FUcIwQf9f-PV_DtVbfm6D8LhfJzef92u8HdpWVIC183JCFk0XsO3i9btC6UlJ0PUwPGN3sm1AmVoQwMoLNBOURvnOk_hnLSStkyb04Eiq1BKlRIsuKbx5uEa0j6nWSGU2rTA7_7oqXH5pfor23qe6RgMmz5aUQ5vLsmvcBNVrBjrHo2hkFoBhwp2khxJ7e7IFcXRXZJ0Sve_f-XohLUQLNo42gNjO0z62nBU9xbH6j7tEaIrO5a2qmD92eLnL7g&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C80 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6C80 2 KB
1 KB 51ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H3 200 boxl.jpg
img.btolat.com/2023/11/28/photogallery/684/ 16 KB
16 KB 39ms
38ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/11/28/photogallery/684/boxl.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad70f36f63dc51313fbaa3178e3e347de8774f1096e2f41bafd5968d628823e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 16063
last-modified: Tue, 28 Nov 2023 17:21:31 GMT
server: cloudflare
etag: "45ea9541f22da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1pbIqjX5XbO1lc4IYPD9ZA8ovNw4WyOVj%2BUsitQ3keN0iWotXkZM%2BO9Jp0RiFMXRDlCIEp3rEonKAXIgXYqrwJ1D4U%2F0DDMfUFjkw7F0ZLhH2d7zQ2FrNSSb3PBMU9SGvAM%2B7af%2Fw%2BIZsptxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f6e54cf74bd3-BUF

GET
H3 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E49 6 KB
3 KB 25ms
25ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 654A 0
0 93ms
92ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVODWCiUs3-qyvcuZa2hGmLyTNxv1U09W_aEgN0hyRqtyC8XcowTilFO7jTHUhTdkEiE_Uc8UXHhvaviU-tXjRw1zfo8Og-c7T9HDMa74o1H2VTNrA3T_BH6HVpyP8udcq1pRhZSGRxdkY2_2Bp2NQI4a7QoLp4s9ooAfP-utaDiVekgyzFQgWntLfde4wZxjmJuDLYQ3NCgG6xImRyqpSyhv_uQN0cuHyJtOy2e-7w2TYgLwlpZI7mEDDPJvpQbMeDuRmJOLYtwl9hfuCQJI8k4PRUI6PLdW0vFKBRejtxfLWSSFYSvIszZpxbNjrJVyI86HXh3N53Ytfw6LYeMTMGQ&sai=AMfl-YRl0eeR4TkiAQczxJQr8GA2xqmpbjAPkyF_ag7uYy8Rq59fMZ2NkGV8GeEen8tNvIiu8PnPZKwIBW1nv-dA5_9Nun5OhW1FNYnJNKGl5w_9e7wu7zUPrSKiubOx5G5KfWpMZYct4gHupBoqYf738A0&sig=Cg0ArKJSzIIogQRs-WOeEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 654A 3 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 654A 205 KB
65 KB 75ms
75ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:54 GMT

GET
H3 200 8135120046462446828
tpc.googlesyndication.com/simgad/ Frame 654A 126 KB
126 KB 28ms
27ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8135120046462446828

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d763512aa9db6d4ab91078318b5fecf6c8d8b4458a7439daba34d1ffef7b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 16:53:19 GMT
date: Thu, 01 Feb 2024 16:53:19 GMT
x-content-type-options: nosniff
age: 86555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128963
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 14:24:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 654A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26bebe969f16408013116298a3ac4f27d8e8dbff1aca4f1f74b66697e63d202

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 71F3 158 KB
52 KB 97ms
96ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emgACAvEIg4pGAAGWvy7nIUJk7cwS1QwxGw&u=%7CzxgZEKA86t2L8os7O1Y0y1am9YOsacCZg49zTNJ4AD8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEaYXno-Gq7T0yJV3NMKe2X672y8vz046MeyG6-CLenxUrtSuZ341Y-n2sxdfhlZqEutOPOaGBCMAVdDcn25PNr_f23Fxd_O06XdeRX_GH1nZ1QTCwzVSAFOrHj2ARUyt8iOzAwRYbpZi4EpzoYSb5XWT35l0r-VMYZJzGNlERjYMdJiHk4arcXO8Ain1Cyr7qgmMXv0tvoDvM8KIr7pmN29Cle8cRQEW_dPuT3tp0iD3o7T9uP1Qu2sjf-y38KG1v3ieK7HjrjWr-06SOc5Z27afFqSLAwtVWisd-8jdHmzlN14JBRA5F2iYzkO8rA4EBL_83FjccRbR3ujcPwsh1Z0RSQO0qFf0Pqrwzn8syOQcBlOFVmXNk1Bc9FY3fpp8kLuJyNdX_1fzcwRQ5gGCzy25EuXhVKllZY1ZMnYY-OKlY5jEPq89H3gLPv6MhifLfF29jUdlOB0pULhxbiv2I4NuKTIV_YDIbdEruBf3a-kzCyZRMFWqjUKgo_6t9p6v74sgYuUpwquRD1MaSqUuGJcS6Ch5t_bOnG2aLnko8gTLkzWXMdORcGmj9Pa3B33tgIEMdF1ZUgQhIZU0aJy7JGs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJjbmh69ZfGFCMaUjvQPv62GkAOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0GvaV9v0bguGDS1lcKiw1ckxvsywATxucde7lTBVhXXnVUudEJjlmwJwlhjUf8qVX3OgZIFHBjgcsObCg1n4dczHTgDGEv7YF62N60NxmSY7f0nGwGOVB-q6kZYFTx81fTPLLGNuVwEwpsPi_Nwcpp52ZZ4QxuCPXU0oFVxKcXwr48Wz7VA6kkCBhk6Gzg3GxfAyk0qvBkEwSXdIYBRGaSZYb2q64xSQX5V5BlDl0u8dAaGmPMwzNYC0KGAoypKGqvUV3GCkyUl4aZ4uMX1RTCYjbc0A6i4sVbbtw6Hb4FKSynZMn7_85n4S0jJQ-y0eCz7N7l73MYCvT7GutoCsUpIzSQCTMkhkhEGZ7-mYkK3SfJ5z-HeZ3-AEAYAGmIiDrK-b3-wboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WLiw1N-PjYQD-gsCCAGADAHiDRMIieDU34-NhAMVRoqDCB2_lgEy0BUBgBcB%26num%3D1%26sig%3DAOD64_0mpyOrKvK7AdeWJ4x2TV0cgazrmw%26client%3Dca-pub-5900327121854735%26adurl%3D

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1595a98ae345c2e2d3074097b5a0dd1af92b5a7fb635f9af9e2985311af63c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=qh64Ip3FUcIwQf9f19hb-ip44lACjkSma0bG9ipNZZIs531rZHYlIhgRLkCLfVRpndv2YgBPFw8P1lILqVykvdRON64H6He5cX1Swm-h_A_tBBXcCx3oOovbZAIURkqennUKMxtxSBWxhhWIdajmKdsDW3mbkG8OceWwYSaZBJrlakbRRngXb-xZhZIRiMRXiM25DyKH8H3RYCIcSADis6WaHOiuXJ5cYQFC3n9pzAPm2eYGyAQKkCe59ppVG4R6D26ZXA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54964399
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 4E49 3 KB
1 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 4E49 20 KB
8 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4E49 24 KB
6 KB 30ms
28ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E49 205 KB
65 KB 49ms
47ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:54 GMT

GET
DATA 200
OK truncated
/ Frame 4E49 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c097150f83129a3adfb93d7f6baefca3b415fba036960e7d34618edc3fac7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 654A 0
0 93ms
92ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWx4zN8Rbo-6wZFYu_CWiOOWS5MkijNDgu-PfDaHzTqmfoQo7pg6OGUaOJ5Q1rCgR_GjK5atazizAFOgXc0mGF2-A6b3rfHeNIJ1XXmEe7NoCGT_C8gUNwclOHX62wDZdE-h9oppOYpxfhO_3EnvQzlDc8JCzIF-MhoRnf20a8vTjO6D3ZJS0xWUWdjw6DCNPgHI7dWwZP3XEf2d9gXheFbzxlPo972D8HYD7TgelVcsqPd_TzPrRdbvprVykcja0ouQCOAF3vbzN6NRB5amqGgJbBruCSp05RlqTVA3d3TqlgHkz6iqVdupkS2eOdEaa4s3rIryC9t6HhN1VMGMojTpv8&sai=AMfl-YS9T_-unKknoNPSJ5r-m1zZI3ajkn6B_U1Y_2ubXgXqA2xXRwzIe5Uzoziem3uI9qhiLtMCnYLrzXnsiF3SeWZvdsPIXGYbGeGFaXa28BO6rt7XZttwH-BNqM02WXSH2GxTzQTjdKg7K0k-ZCUHikk&sig=Cg0ArKJSzKraQhA-0SSGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 16:55:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 71F3 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0emgACAvEIg4pGAAGWvy7nIUJk7cwS1QwxGw&u=%7CzxgZEKA86t2L8os7O1Y0y1am9YOsacCZg49zTNJ4AD8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEaYXno-Gq7T0yJV3NMKe2X672y8vz046MeyG6-CLenxUrtSuZ341Y-n2sxdfhlZqEutOPOaGBCMAVdDcn25PNr_f23Fxd_O06XdeRX_GH1nZ1QTCwzVSAFOrHj2ARUyt8iOzAwRYbpZi4EpzoYSb5XWT35l0r-VMYZJzGNlERjYMdJiHk4arcXO8Ain1Cyr7qgmMXv0tvoDvM8KIr7pmN29Cle8cRQEW_dPuT3tp0iD3o7T9uP1Qu2sjf-y38KG1v3ieK7HjrjWr-06SOc5Z27afFqSLAwtVWisd-8jdHmzlN14JBRA5F2iYzkO8rA4EBL_83FjccRbR3ujcPwsh1Z0RSQO0qFf0Pqrwzn8syOQcBlOFVmXNk1Bc9FY3fpp8kLuJyNdX_1fzcwRQ5gGCzy25EuXhVKllZY1ZMnYY-OKlY5jEPq89H3gLPv6MhifLfF29jUdlOB0pULhxbiv2I4NuKTIV_YDIbdEruBf3a-kzCyZRMFWqjUKgo_6t9p6v74sgYuUpwquRD1MaSqUuGJcS6Ch5t_bOnG2aLnko8gTLkzWXMdORcGmj9Pa3B33tgIEMdF1ZUgQhIZU0aJy7JGs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJjbmh69ZfGFCMaUjvQPv62GkAOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0GvaV9v0bguGDS1lcKiw1ckxvsywATxucde7lTBVhXXnVUudEJjlmwJwlhjUf8qVX3OgZIFHBjgcsObCg1n4dczHTgDGEv7YF62N60NxmSY7f0nGwGOVB-q6kZYFTx81fTPLLGNuVwEwpsPi_Nwcpp52ZZ4QxuCPXU0oFVxKcXwr48Wz7VA6kkCBhk6Gzg3GxfAyk0qvBkEwSXdIYBRGaSZYb2q64xSQX5V5BlDl0u8dAaGmPMwzNYC0KGAoypKGqvUV3GCkyUl4aZ4uMX1RTCYjbc0A6i4sVbbtw6Hb4FKSynZMn7_85n4S0jJQ-y0eCz7N7l73MYCvT7GutoCsUpIzSQCTMkhkhEGZ7-mYkK3SfJ5z-HeZ3-AEAYAGmIiDrK-b3-wboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WLiw1N-PjYQD-gsCCAGADAHiDRMIieDU34-NhAMVRoqDCB2_lgEy0BUBgBcB%26num%3D1%26sig%3DAOD64_0mpyOrKvK7AdeWJ4x2TV0cgazrmw%26client%3Dca-pub-5900327121854735%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 71F3 2 KB
1 KB 60ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 71F3 308 B
636 B 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 71F3 293 B
621 B 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 71F3 43 B
347 B 31ms
31ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=-gczlmXtqkiueOuQc6rVto8au7Km3pR95KPKuRYAB8SCZ7Jp0Gn3OZg4HZpfFls7cBcCCRiFk72FDbV_niKTeZd1XXy_woj1wUcnWz7p30TDlZp1q6OB15mTYi8Vzn7bCCsYkyxZgXvJk92B6Jej-tftzncfzmw8C_xAHLE4YdtH6F7JMMDr5Ln8IqcRP4209lmrHS6S8iLrN3fRoQBTwVZ8fSp0gOA_gf58K0sms57snISSWvI7L7xaIJqNjSF5i0uxMEdMnaWewi8SDUgKwgKF4vFXJkTuA7MyyuyXarnmzNlGUMmzM-2rB6uDAYKFfcvDEPf6osQxl_RbXT_wtfr7eKXySdKeiMTbumIKlDhmM9HU2SaUHkm8SEdIz_PuF70BSvW9TFlUCPr_6JyfgwcKw7apJxyTH_LVfoQsDQwzxS0E2EJwca1Q09WxNwLdVOb2ig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2401553
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 71F3 12 KB
5 KB 37ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6255869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMxHpKRBbLnH9W5oI6TFItLR98zp4mef1AduK%2BqMgXNQqVoHtAyhvoWuSPPxWJiG8Dk8SYXU7iqNSsuyrleOxLBi%2Bi9XzRzhA0cfsNNM4GyJezBpdwA6SJNhhTEeeTenls9ZIO6fBYHHJJWR7HXYdpII"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f3f6e78baa4bd2-BUF
expires: Wed, 22 Jan 2025 16:55:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 71F3 12 KB
6 KB 95ms
95ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 71F3 10 KB
10 KB 84ms
83ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=132&m=0&partner=48200&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F48200%2F180220%2F65e8a9a7738343e1a5f5a4a0a5adeec6_blix.png&v=3&w=596&rid=4&s=mpga8EC594I8hVxQDn4JEamv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7211d5c7ce5067ab5480323f5a75480ca4ab9b1784b95acfed3034a952f898c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10223
expires: Fri, 03 Jan 2025 01:19:42 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 71F3 33 KB
33 KB 81ms
80ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=48200&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0670%2F8905%2Ffiles%2FBlix_PackaGenie_BrightWhite_WheelGuards.png%3Fv%3D1685047725&v=3&w=400&rid=4&s=pIDLxmY7vth6eG_SXw3FlTh3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bcfbccbfcfed5bea23fa803211528967b800cbdee9380da7f44aa71d5b3f6179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 33946
expires: Sun, 29 Dec 2024 01:31:51 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 71F3 35 KB
35 KB 83ms
83ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=48200&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0670%2F8905%2Fproducts%2Fsol-slate-grey.png%3Fv%3D1700963749&v=3&w=400&rid=4&s=deboak66Rh299A17wdL5YSCg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1f304b10c9ad6baa126ed376ae8341fa5340294dc801f4506efc09999fc27765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 35934
expires: Mon, 23 Dec 2024 04:38:11 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 71F3 13 KB
13 KB 82ms
81ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=48200&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0670%2F8905%2Fproducts%2FBlix_AvenySkyline_5.1Blue_BikeColor2.png%3Fv%3D1693032115&v=3&w=400&rid=4&s=OIgJkQOvb5BObZKdu4fWf1OF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8f313cbb86583d27e264b5eefa0f1a2aa1cc5a70b77d6237d00161862ac404a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13294
expires: Thu, 12 Dec 2024 15:03:14 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 71F3 0
127 B 78ms
77ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=qh64Ip3FUcIwQf9f19hb-ip44lACjkSma0bG9ipNZZIs531rZHYlIhgRLkCLfVRpndv2YgBPFw8P1lILqVykvdRON64H6He5cX1Swm-h_A_tBBXcCx3oOovbZAIURkqennUKMxtxSBWxhhWIdajmKdsDW3mbkG8OceWwYSaZBJrlakbRRngXb-xZhZIRiMRXiM25DyKH8H3RYCIcSADis6WaHOiuXJ5cYQFC3n9pzAPm2eYGyAQKkCe59ppVG4R6D26ZXA&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 71F3 2 KB
1 KB 97ms
95ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 71F3 2 KB
1 KB 94ms
93ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 71F3 2 KB
803 B 67ms
66ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=NLZ5BuOM1DAyo4thT%2B%2BWo034fblWGyI%2FwLz27Amnjgs%3D

42 B
138 B

34ms
33ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=NLZ5BuOM1DAyo4thT%2B%2BWo034fblWGyI%2FwLz27Amnjgs%3D
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.btolat.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 02 Feb 2024 16:55:54 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://www.btolat.com
location: https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=NLZ5BuOM1DAyo4thT%2B%2BWo034fblWGyI%2FwLz27Amnjgs%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58809/ 0
273 B 44ms
41ms XHR
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.btolat.com/&pixelId=58809

Requested by

Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.btolat.com
content-type: application/json
access-control-allow-credentials: true
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
700 B 49ms
48ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 4e10773eeeb77da0a67f4d5547afa647a416003e5b6fae1bfe6937f4e8e0f9d9

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.btolat.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 03 Mar 2024 16:55:54 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 71F3 12 KB
13 KB 48ms
48ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E49 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdjHImh69ZfGFCMaUjvQPv62GkAOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElgJP0GvaV9v0bguGDS1lcKiw1ckxvsywATxucde7lTBVhXXnVUudEJjlmwJwlhjUf8qVX3OgZIFHBjgcsObCg1n4dczHTgDGEv7YF62N60NxmSY7f0nGwGOVB-q6kZYFTx81fTPLLGNuVwEwpsPi_Nwcpp52ZZ4QxuCPXU0oFVxKcXwr48Wz7VA6kkCBhk6Gzg3GxfAyk0qvBkEwSXdIYBRGaSZYb2q64xSQX5V5BlDl0u8dAaGmPMwzNYC0KGAoypKGqvUV3GCkyUl4aZ4uMX1RTCYjbc0A6i4sVbbtw6Hb4FKSynZMn7_85n4S0jJQ-y0eSTztfJhK2vompI56OrlL9iM8YQm9Koz_dzsQJleGvLVTuApKH-AEAYAGmIiDrK-b3-wboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WLiw1N-PjYQDgAoB-gsCCAGADAHiDRMIieDU34-NhAMVRoqDCB2_lgEy0BUBgBcBshccChoSFHB1Yi01OTAwMzI3MTIxODU0NzM1GJStHA&sigh=5NNRO2wuFrg&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_Y_yYiu08tRsZIlxEmgXWqOUnkXvvLsnvvZ52WzH26je2djiYIdhLvYrDjb8BZbxZmZ1Wyy0sCepMDAkE_tdmhfP2wYOkhLe2jGAYAQ&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 4E49 0
125 B 60ms
59ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kpf6CNWCMKwC-gHiIp0XAgAAANwECB-ksh_CSfR_qxCaHr1lcSVtnC8aw5NnywAAEgAACgpBUVVEQ2dFQkNn&wp=Zb0emgACAvEIg4pGAAGWvy7nIUJk7cwS1QwxGw&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 214418
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 128C 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOwxfGWoNOqvh_tx2Yn37SpVHdcIrfPdAcQOu4vnrO2UIVX72nlbVRpl1elmqE9cp1k4m-f-VeWsKen4eO0prI7b27z-_2-6hfueJ88lqnUO7szM-dgCqypRmmBn4WIqI&sig=Cg0ArKJSzM6eBiP_vG2NEAE&id=lidar2&mcvt=1000&p=185,252,435,552&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3525699108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575300&rst=1706892953868&rpt=135&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 39ms
38ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8D6S73ZBHH&gtm=45je41v0v874051100za200&_p=1706892949148&gcd=11l1l1l1l1&npa=0&dma=0&tcfd=10000&cid=191236476.1706892950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1706892949&sct=1&seg=0&dl=https%3A%2F%2Fwww.btolat.com%2F&dt=%D8%A8%D8%B7%D9%88%D9%84%D8%A7%D8%AA&_s=2&tfd=6400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6B3E 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5472 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSZcpkr653h9prQwq9AXItbdcab_32uSIrDdpeYvxQTXZOHrlxtti5dB819PR1g4LE6lEEU2fN07_PB1rT_WUQcaaJlqABABrgjM_QHuxhl2d3Lo-b6x2cGt6RgvD5Lzs&sig=Cg0ArKJSzKNdhAioS6PQEAE&id=lidar2&mcvt=1000&p=82,436,172,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1278542363&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575400&rst=1706892954185&rpt=153&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6C80 0
127 B 30ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 654A 42 B
64 B 92ms
91ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxrsqc9P6UbykCjj_T3D__RTSyjGRcsaembudwlILX9_qo5LnHFZAJYuF94v8FlEItzo42W0ntY2hEPb1rU431Tas8cvJfAirpsDRYe6Ow514klmsi_cWObwMPg9jpp9rrcAw6Xh9sC57GrLmTqF5K2SL2&sig=Cg0ArKJSzIJWCjEjytCWEAE&id=lidar2&mcvt=1001&p=190,410,590,1190&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240131&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1753927974&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575400&rst=1706892954596&rpt=132&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E49 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscbkE7JY6nPdRSAok9ffJ_oOqTtC5ufT2a4IXWAId-0UpKfBv0TaFXYcIVRd_p4-lDLbgj5vkREa0jkQxih7oy91HlQu7-qcVnS8LxImwGcjwch-AQvrvLQ8Hjgbei5D0&sig=Cg0ArKJSzLO5CsWLFN63EAE&id=lidar2&mcvt=1003&p=888,252,1138,552&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2571400492&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575400&rst=1706892954568&rpt=188&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 71F3 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 nhwimp Show response
nhwimp.izooto.com/ 0
67 B 320ms
296ms XHR
text/plain 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhwimp.izooto.com/nhwimp
Requested by: Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.btolat.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84f3f6f76aba4bbd-BUF
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad89880a8cd1f12e6bef9852757b2eba2701a4293f58fcda69f59ab188c5e837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30283
x-xss-protection: 0
server: cafe
etag: 236 / 19755 / 31080791 / config-hash: 16504606021960176266
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:58 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
18 KB 298ms
297ms Fetch
text/plain 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677513056325833&correlator=1073414368089604&eid=31080791&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=22809537726%2Cbtolat%2Cbt_fo&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=14&didk=117550342&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D371a9a7fba40be69%3AT%3D1706892950%3ART%3D1706892950%3AS%3DALNI_MZe0mCgchdp5It_3oWN5lHthtsEZg&cdm=www.btolat.com&gpic=UID%3D00000a0aa474a615%3AT%3D1706892950%3ART%3D1706892950%3AS%3DALNI_MY18ZbnCqWLIfU-OV2-4koea1uLCg&abxe=1&dt=1706892958272&adxs=1236&adys=1098&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbtolat.com&loc=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=350x-1&msz=291x-1&fws=516&ohw=1600&ga_vid=191236476.1706892950&ga_sid=1706892950&ga_hid=461504789&ga_fc=true&dlt=1706892948977&idt=732&cust_params=Btolat_League%3DHomePage&adks=545762932&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec6385824ec153a716124fabd85994399f59dade9c12b06d33b74b13d988d0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.btolat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 7673 0
127 B 30ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 container.html Show response
60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F67D 6 KB
3 KB 26ms
26ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btolat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:50 GMT
expires: Sat, 01 Feb 2025 16:55:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 649E 87 KB
34 KB 64ms
61ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0engAE_goIg6HuAA9ybpy_kMkzSplrQjZnMw&u=%7C8rVyD6kZIAmiMbw8HGPQxUjB9I2Nvlsgrp168V0FjE8%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxblGjs0kjYw2JAKF78E12ZFKl5XFEkyNV6GTyYUW37hwr-GL1SXvVNMGK9DDJ7tOr-PeLjf_hhBMOxvotSR0xpB11B_pUEJu9V49W6Mb_El3T_SHotfmwWnARLw1ea2oYqxkFX_tghdbSD0Lv4LeaV9QY5FgjJ387DZkhz5-ch_-FPoYIGiz5uzIb4MFXgHwNcqRJlxlo9pvqn-70llZRPftAYSS5lbDV6QUoCxlw_PbvgcMLhmZmS441SyigG5la1KTSLCoUetgBg7XUTAgx7yptCHJ4aOkXh4iSdmWYSN4glp4fz7i2vWBz639lY85H7Z6XtlG9k2_IHe6RqBWpu1l1wwRxILr4B7HGJRGu3MiHmb3-7DMHzgL5P_XlnnZEv7r6BtewHEEaXrSt2K_tA4uBUYnheF62lSc7E1JL-29c_nIOy8ZLEyT0ZaIANupLgpcuJ0dxNiC15MB-fEs9jNJbVKJiLL_NpymKZv0xRvjiVFTUfBqYqI5FVxJHn2grZSJ_tNcz6OwfSKnW_xt5U6SZVBXp7foPdqHtRg_xb-4KMDp4R_xF6Hw3daN-nGtp6aubeZAY3IMpyPHiCCO4_U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgDITnh69ZYr8E-7DjvQP7uS9wAGcge-wXJrwqKp0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNjkyODgyNjk1NDY0MzgwNcgBCeACAKgDAcgDAqoEiQJP0C20q1MBc0Ca1UJcLbgXRdHw-0Fce03ynmRUlhw2AR-mH1cxjf7oz_UE938xzrf7aISrfqTDatKctBLlI4dhGIlUKZkKUA6Bslx8jiqUuLA8NEdJ691LhWkeESEpzX4q6R-IYQ8qLmsx5qKgg12qkrWEIlfedII8yY59QybL8akyFkrhX3eJ4VZd6gehu-in-qVyazf-B-Nf9HpDgyh0tmBMI06rhZPraLrbSoJfkNG5G1DzhfHu-dL0F3EOnHMgQ_YUrgRQIzSPHDRiFXr3KESU4xvpwKzLNN1EJeLSUh6uKKPA8sYP4zrNXptaOqB6zpJwKAq0oNHTsLRzoar9m4Gzp8EWq4OA4AQBgAahjtKampam8-EBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPKczOOPjYQD-gsCCAGADAHiDRMI88fM44-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0WkMWYKqwaGY9Rp3VEd1wKQDp90g%26client%3Dca-pub-6928826954643805%26adurl%3D

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

808378206165dff58ba1ad25a74660deaddbf3d6d49338dd661378e6e543bf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:55:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=6wGEdp3FUcIwQf9f2P99q14k2OhedNSMSaGs_s2e-yYaKGabRy06IDOmjoS-UFbvdN1gtvUcasTj-tlf3s9jcU-bKs4AF_DqZWvca8z39a_l6FxrtTlHXd6LBEk-7SK7RTMT6XyTSI4L_rK9Xt29Ebmwxh6CKy_PcGS0Z3t-DpbSBAr0p-_KMo6eK_6WaF6wVUKnDALQPln1CtEpCMtkBOE2IwUhPF2sa29zmyIurETs1LQ3314gNU-9qQAzvdjJIN_YLw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 20110531
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame C2D5 3 KB
1 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7676 1 KB
643 B 27ms
25ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 39893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 05:51:05 GMT
etag: 48472445140208031
expires: Sat, 03 Feb 2024 05:51:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame C2D5 20 KB
8 KB 28ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:53:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C2D5 0
0 47ms
43ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOhb-jPC1LRBinWSvMObqn_V6gnQqJ5fdAkSyU0nuKqJ46AA79KvQcpw02KE18Ggb_e3npkctQrrFVHpEnrRIPq_H3OA
Requested by: Host: www.btolat.com
URL: https://www.btolat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C2D5 24 KB
6 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Jan 2025 09:16:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2D5 205 KB
65 KB 49ms
47ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.btolat.com
URL: https://www.btolat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:55:58 GMT

GET
DATA 200
OK truncated
/ Frame C2D5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4f6e17456a63a9af1a4d89608f9a415bc5922ad25e9793f59b4b7e5d2151d26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7676
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2...

43 B
424 B

112ms
111ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84f3f7032d176aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 216
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHkmUfvIG6LV63UBMOi_oo&google_cver=1&google_push=AXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQzVBWQNPy7bl6U5d_aWulOf0POC2FhrT90ifD672VxwMLiqc4mEGXpB4ujtgsYPwBitR71pWfx9lbZjVXqimW2eybdYi2g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84f3f7026cca6aee-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7676
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKNsd0ZKdVsCAAttWJESW-E&google_cver=1&google_push=AXcoOmQpp2ncT4SeSbxtks0xaklXM5i57LyUGJVageLFFOi_qHUIhdtGQr_1_Zmq4uL9QB3R9dGXen5A9HTD7Pop2S...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWYxMGViYWYtYzY0Ni00ZGIwLThjMTYtZjk4NTc2NDNkYjBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9f10ebaf-c646-4db0-8c16-f9857643db0f

170 B
188 B

41ms
41ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWYxMGViYWYtYzY0Ni00ZGIwLThjMTYtZjk4NTc2NDNkYjBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9f10ebaf-c646-4db0-8c16-f9857643db0f

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OWYxMGViYWYtYzY0Ni00ZGIwLThjMTYtZjk4NTc2NDNkYjBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9f10ebaf-c646-4db0-8c16-f9857643db0f
date: Fri, 02 Feb 2024 16:55:58 GMT
server: Kestrel
content-length: 423

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 7676
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELhM4abwQ-pO2jkfuaboJc0&google_cver=1&google_push=AXcoOmSyYJQn2F9x_YzOQ9LM8lR5EOPw6n744N_Qj2kIdA3bn1aZBSPc4FZu84gVqjJb3WMLY61a7thof_buFYd0...
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=66149dfc38&gdpr=0&gdpr_consent=

43 B
659 B

317ms
31ms

Image
image/gif

23.105.12.136

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=66149dfc38&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.105.12.136 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:58 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Fri, 02 Feb 2024 16:55:59 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
location: https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=66149dfc38&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: fMBq_SXb_hKs8ZWHz3AeqoM2rSBFFwRCp_tikPuI0msTgxPtPKT8Gg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7676
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRmJOn55_8cVFiEo_wE-hTbwi_EO2yJCP8u5J0BWBaPMYJ93RqYip7mZ2rbEXSkKkh5hN6OLDm5Y-f8QpcjjbWzvUKjP1Imlg&google_gid=CAESEGpz8IvJwOc...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGpz8IvJwOc-cyv-HGq-VfQ&google_hm=T1BVNzBkMjk4Yjk3N2JmNGFkMGJmOGJjMGNlNTYwOTU2OTA&google_nid=opera_norway_as&google_push=AXcoOmRmJOn5...

170 B
188 B

41ms
41ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGpz8IvJwOc-cyv-HGq-VfQ&google_hm=T1BVNzBkMjk4Yjk3N2JmNGFkMGJmOGJjMGNlNTYwOTU2OTA&google_nid=opera_norway_as&google_push=AXcoOmRmJOn55_8cVFiEo_wE-hTbwi_EO2yJCP8u5J0BWBaPMYJ93RqYip7mZ2rbEXSkKkh5hN6OLDm5Y-f8QpcjjbWzvUKjP1Imlg

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGpz8IvJwOc-cyv-HGq-VfQ&google_hm=T1BVNzBkMjk4Yjk3N2JmNGFkMGJmOGJjMGNlNTYwOTU2OTA&google_nid=opera_norway_as&google_push=AXcoOmRmJOn55_8cVFiEo_wE-hTbwi_EO2yJCP8u5J0BWBaPMYJ93RqYip7mZ2rbEXSkKkh5hN6OLDm5Y-f8QpcjjbWzvUKjP1Imlg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 326
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7676
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIpp68Oa50k4ClZIK8L73E4&google_cver=1&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIpp68Oa50k4ClZIK8L73E4&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q&google_hm=T3hJU0hrd3FxSm...

170 B
188 B

41ms
41ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q&google_hm=T3hJU0hrd3FxSmNqcV9QMjR1NHY=

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 16:55:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSu6lYqo-zSXPXnYyZ40U_T0x4XYapJnTI0VGP1WIvqQzdqDbIYMMtfpyiQP6sd5fAmCQtUy8c1HLeItKmLmtqdzSYCCm_41Q&google_hm=T3hJU0hrd3FxSmNqcV9QMjR1NHY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 242
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 7676
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJ149fqtN1fZ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzQyNDIwMWQtYjk5Ni00ZTRlLWE2ZGYtNzZhNGUzNjJmYWYw&google_push=AXcoOmRlySbZYnY1D6XpTtNmuY319uFhIHhvkC5RM8fhtxOv6CPrnm3jlhY5rEodKO3Kj...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

40ms
39ms

Image
image/gif

23.51.57.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.51.57.155 -, , ASN (),
Reverse DNS
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 16:55:59 GMT
pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7676
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEACOOpq4yr-MB4ZLcjCldoA&google_cver=1&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2G...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2GirMKRoxO_8zhWUgv_yVKTEkFxgjZyL3NZ

170 B
188 B

42ms
42ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2GirMKRoxO_8zhWUgv_yVKTEkFxgjZyL3NZ

Protocol

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 430f617e.4966bd63
date: Fri, 02 Feb 2024 16:55:59 GMT
x-bytefaas-request-id: 20240202165559A8E390C0E78BF76C7B3C
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240202165559A8E390C0E78BF76C7B3C-132CC1C4071BB913-00
x-cache: TCP_MISS from a104-126-118-229.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-parent-response-time: 17,104.126.118.229
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240202165559A8E390C0E78BF76C7B3C
x-cache-remote: TCP_MISS from a23-55-171-91.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiRCev5vIL7Ee33zDFe7G0ra8ggq0V05OU-4HbsoU-1DpBYABJA3Qzs7jJK2GirMKRoxO_8zhWUgv_yVKTEkFxgjZyL3NZ
x-bytefaas-execution-duration: 3.79
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01bc5986c7db812d20e0f94ae445bc113359119a87f41edced3a8af0d0fce97aac937e3bc1f951b47c1c2a2f46887926fffd7b108c29e63790c9072f00dca875b9c5e4eb7137d7e07899acc280ae4022c24d6f32f9c867a82eba1df2f9c381c5fd8fff222d2f2835916f1d0048067a0982
x-origin-response-time: 9,23.55.171.91
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Fri, 02 Feb 2024 16:55:59 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7676 0
12 B 39ms
39ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jt2M9XTNXZqDhOLaS3NFfKBRM5EtCF9gROA-7RLU1Q77RyOHRR5uFvmdJhPt2nEguAooi-3xrbFw

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 649E 2 KB
1 KB 62ms
62ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0engAE_goIg6HuAA9ybpy_kMkzSplrQjZnMw&u=%7C8rVyD6kZIAmiMbw8HGPQxUjB9I2Nvlsgrp168V0FjE8%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxblGjs0kjYw2JAKF78E12ZFKl5XFEkyNV6GTyYUW37hwr-GL1SXvVNMGK9DDJ7tOr-PeLjf_hhBMOxvotSR0xpB11B_pUEJu9V49W6Mb_El3T_SHotfmwWnARLw1ea2oYqxkFX_tghdbSD0Lv4LeaV9QY5FgjJ387DZkhz5-ch_-FPoYIGiz5uzIb4MFXgHwNcqRJlxlo9pvqn-70llZRPftAYSS5lbDV6QUoCxlw_PbvgcMLhmZmS441SyigG5la1KTSLCoUetgBg7XUTAgx7yptCHJ4aOkXh4iSdmWYSN4glp4fz7i2vWBz639lY85H7Z6XtlG9k2_IHe6RqBWpu1l1wwRxILr4B7HGJRGu3MiHmb3-7DMHzgL5P_XlnnZEv7r6BtewHEEaXrSt2K_tA4uBUYnheF62lSc7E1JL-29c_nIOy8ZLEyT0ZaIANupLgpcuJ0dxNiC15MB-fEs9jNJbVKJiLL_NpymKZv0xRvjiVFTUfBqYqI5FVxJHn2grZSJ_tNcz6OwfSKnW_xt5U6SZVBXp7foPdqHtRg_xb-4KMDp4R_xF6Hw3daN-nGtp6aubeZAY3IMpyPHiCCO4_U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgDITnh69ZYr8E-7DjvQP7uS9wAGcge-wXJrwqKp0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNjkyODgyNjk1NDY0MzgwNcgBCeACAKgDAcgDAqoEiQJP0C20q1MBc0Ca1UJcLbgXRdHw-0Fce03ynmRUlhw2AR-mH1cxjf7oz_UE938xzrf7aISrfqTDatKctBLlI4dhGIlUKZkKUA6Bslx8jiqUuLA8NEdJ691LhWkeESEpzX4q6R-IYQ8qLmsx5qKgg12qkrWEIlfedII8yY59QybL8akyFkrhX3eJ4VZd6gehu-in-qVyazf-B-Nf9HpDgyh0tmBMI06rhZPraLrbSoJfkNG5G1DzhfHu-dL0F3EOnHMgQ_YUrgRQIzSPHDRiFXr3KESU4xvpwKzLNN1EJeLSUh6uKKPA8sYP4zrNXptaOqB6zpJwKAq0oNHTsLRzoar9m4Gzp8EWq4OA4AQBgAahjtKampam8-EBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPKczOOPjYQD-gsCCAGADAHiDRMI88fM44-NhAMV7qGDCB1ucg8Y0BUBgBcB%26num%3D1%26sig%3DAOD64_0WkMWYKqwaGY9Rp3VEd1wKQDp90g%26client%3Dca-pub-6928826954643805%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 649E 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 649E 308 B
636 B 50ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 649E 293 B
621 B 50ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 649E 43 B
347 B 32ms
31ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=VQrvXYmTLGLkdn8VJhjhwTT_eNDtT4Ssau2Xsl6tioQMFi6ZmkZJQvxYO0agtv3vvnUXZDjjD35hflGCvKXaluyafU55lXRuLentRqF16DRHQm_w0NKPh6vNsrgPJgryYcc2KeGCNPiCJoK36dGLihxGcPA-4159jSnllzK85DqihamdeO_8hEkCBSV_JKrDF92JDMp_8wUAdgCVkhF8XW73lSHxNQ4yRCcuuhtjwSB8LMPcR-pVDAjxvTV18YEy-BKqKLx8P1jnJxvPCS21gYarYbWBQY9Oc6FQ5xZPsbpeOQFZkeJbpHSLW9e4Z2l7ecfChGRdDGPqaEM2jLYNSRcUxVG-CU5Rq8NnG1fKB6T73eVmV75ftIYlzPzK0pksAfVB5RKa1GNecA0-ZpRGelpsGqJGJDbvw10iu41AVb8TvECfBXPdMzhKTLTv3AnwC15j8A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2414872
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 649E 16 KB
16 KB 30ms
29ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=96396&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96396%2F4830710%2F8b2a5f00d191496b9c766731f27bb89d_ev_2023_jack_hardy_the_pool__001_vertical.png&v=3&w=400&rid=4&s=PJs5TgwTikFu2-tYQKYFEJXI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

13571247c6a2f715e1678d349f05188be702e9feebe4c42435c69ac1a80ee91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16144
expires: Tue, 24 Dec 2024 16:42:04 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 649E 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=6wGEdp3FUcIwQf9f2P99q14k2OhedNSMSaGs_s2e-yYaKGabRy06IDOmjoS-UFbvdN1gtvUcasTj-tlf3s9jcU-bKs4AF_DqZWvca8z39a_l6FxrtTlHXd6LBEk-7SK7RTMT6XyTSI4L_rK9Xt29Ebmwxh6CKy_PcGS0Z3t-DpbSBAr0p-_KMo6eK_6WaF6wVUKnDALQPln1CtEpCMtkBOE2IwUhPF2sa29zmyIurETs1LQ3314gNU-9qQAzvdjJIN_YLw&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 649E 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 649E 2 KB
1 KB 61ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 16:55:58 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C2D5 0
0 103ms
102ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzWGJnh69ZYr8E-7DjvQP7uS9wAGcge-wXJrwqKp0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNjkyODgyNjk1NDY0MzgwNcgBCeACAKgDAcgDAqoEhgJP0C20q1MBc0Ca1UJcLbgXRdHw-0Fce03ynmRUlhw2AR-mH1cxjf7oz_UE938xzrf7aISrfqTDatKctBLlI4dhGIlUKZkKUA6Bslx8jiqUuLA8NEdJ691LhWkeESEpzX4q6R-IYQ8qLmsx5qKgg12qkrWEIlfedII8yY59QybL8akyFkrhX3eJ4VZd6gehu-in-qVyazf-B-Nf9HpDgyh0tmBMI06rhZPraLrbSoJfkNG5G1DzhfHu-dL0F3EOnHMgQ_YUrgRQIzSPHDRiFXr3KESU4xvpwKzLNN1EJeLSUh7sKoNSNHvkmbMmYU_WA0fef51YISSsZEogyj26H7TRgwB3M_jx4AQBgAahjtKampam8-EBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPKczOOPjYQDgAoD-gsCCAGADAHiDRMI88fM44-NhAMV7qGDCB1ucg8Y0BUBgBcBshcdChsSFHB1Yi02OTI4ODI2OTU0NjQzODA1GMaEigE&sigh=2aWhksu-6u0&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_Nii2xnh2I_2imcnVZugO97lujaRptWC9_DC7xwAsbprTkHlmTUHOfTcSx5qJjNndkNGaiGAMGAE&cbvp=2&vis=1
Requested by: Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame C2D5 0
125 B 61ms
61ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kJCfFJWhCKwCMuIinRcCAAAAXI8M_F4v8FIQnR69ZcPN_2rWFJXaYswAABIAAAoKQVFVQkNnRVBDZw&wp=Zb0engAE_goIg6HuAA9ybpy_kMkzSplrQjZnMw&cbvp=2

Requested by

Host: 60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:58 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 160241
server: Kestrel
content-length: 0

GET
H3 200 boxl.jpg
img.btolat.com/2023/11/26/photogallery/683/ 20 KB
20 KB 49ms
48ms Image
image/jpeg 2606:4700:3038::6815:eb96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.btolat.com/2023/11/26/photogallery/683/boxl.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd8bf21d2362f47ddb5cde9854f247b47d8c1b3f6115ebaf1f59867d3e6805a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.btolat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:55:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20507
last-modified: Sun, 26 Nov 2023 16:31:04 GMT
server: cloudflare
etag: "511e80f38520da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHuEt5PHoc6Iz9IiesCA3%2B7Fzwr4sFnrYlwXL%2BGEkXId6g2I6USacj4%2Fd0CaLiYS%2Fhqu1NGnUJq3eWmGM2DzcjwlvBvHNnpGT3Z1PJU3%2BaR1NkBbg5LUX6%2Ba7bYSt%2F4BwyhrAHh%2Bm4YNfbaX8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 84f3f7048d724bd3-BUF

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2D5 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHPfJNkWK-zu9ZLxpRE4-YICA2TkAFMu4dqABzE2uUn-ioNhow3rkVhFw2H7VAUJHTZ8ax0pbkDVMKQOWy-5MIg_7DJTQqkE1zoIqRtQVTl0J-Hx6wmnPuT7QoE_TrlN0&sig=Cg0ArKJSzGZbShEYaXZOEAE&id=lidar2&mcvt=1000&p=0,0,50,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=545762932&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282575800&rst=1706892958623&rpt=119&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 16:55:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 649E 0
127 B 29ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 16:55:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: btolat-com.cognativex.com
URL: https://btolat-com.cognativex.com/cognativex/cn.js?v=2024-2-2

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

104 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 20:17:48	Name: sync Value: CgoIoQEQ2YX-1dYxCgoIkQIQ2YX-1dYxCgoItAIQ2YX-1dYxCgoI5gEQ2YX-1dYxCgoIhwIQ2YX-1dYxCgoItwIQ2YX-1dYxCgkIOhDZhf7V1jEKCgiMAhDZhf7V1jEKCQhfENmF_tXWMQoJCB8Q2YX-1dYx
www.btolat.com/	1970-01-20 18:22:36	Name: btolatUTC Value: UTC=600
.izooto.com/	1970-01-21 03:44:12	Name: IZCID Value: 24a331e2-e71e-4a5f-81a9-9a0d92cb9723
.btolat.com/	1970-01-21 03:44:12	Name: _ga Value: GA1.1.191236476.1706892950
.btolat.com/	1970-01-20 18:08:12	Name: lotame_domain_check Value: btolat.com
.doubleclick.net/	1970-01-21 03:44:12	Name: IDE Value: AHWqTUm4V4jsqGFLcP9PYCAzq23fYd1bqfwi2Q26Lombk-acpRfPsUELLpYqRwkN0JE
.crwdcntrl.net/	1970-01-21 00:36:58	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:36:58	Name: _cc_id Value: 805a3c43041a8f7a864201379e4351e3
.btolat.com/	1970-01-21 00:37:00	Name: _cc_id Value: 805a3c43041a8f7a864201379e4351e3
.btolat.com/	1970-01-20 18:09:39	Name: panoramaId_expiry Value: 1706979350295
.doubleclick.net/	1970-01-20 18:08:13	Name: test_cookie Value: CheckForPermission
.udmserve.net/	1970-01-21 02:53:48	Name: dt Value: 3913BAD1-0648-3F54-ADDD-A38D0D38D469
.pubmatic.com/	1970-01-20 18:09:39	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-21 02:53:48	Name: CMID Value: Zb0elrEXL5Ubtgw-Tr.TXgAA
.casalemedia.com/	1970-01-20 20:17:48	Name: CMPS Value: 3708
.casalemedia.com/	1970-01-20 20:17:48	Name: CMPRO Value: 3708
.go.sonobi.com/	1970-01-20 18:51:24	Name: __uis Value: 6a07821f-247f-4aa0-965a-0b5f6c181c83
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86181\|Zb0em
.pubmatic.com/	1970-01-20 20:17:48	Name: SyncRTB3 Value: 1708041600%3A220
.pubmatic.com/	1970-01-21 02:53:48	Name: KADUSERCOOKIE Value: E6D1D4D4-0363-4401-9CC1-A9CB81E74D93
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_16 Value: 1547975003335
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_37 Value: c9ebc201-b3f1-3f79-b625-ea22bf5f41cd
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_44 Value: LK993YFP-12-KN2K
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_45 Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_46 Value: 3714675735289733798
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_48 Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_49 Value: AQELzpffUGPhSgF89Hk7AQEBAQE
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_50 Value: b9399840-030f-0e6c-098e-9b5fdc964725
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_61 Value: 212211626104821
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_62 Value: 3327441908094430000V10
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_64 Value: kzlzfZ0ea0ScZ2w2pGLX3VYw-PZPYrat
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_7 Value: ea926551-952f-4845-96ec-ec08a9393564
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_70 Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_73 Value: AAAJE07LejwAABNNt9bwLQ
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_76 Value: RX-7c3f386d-d811-46ac-a7ac-c2cadde0fd74-005
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_77 Value: qj_RdmOZWTy-QpWW3bff91yLLPWfGyWMPRTR958z41w
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_79 Value: 2a22dcc8-e173-4495-84d4-1b70c299e3a2
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_80 Value: y-7PHRNbtE2uHRdgkmGi8e186xAirRX4e5~A
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_82 Value: ZLds-Pkrw-mgXv8Ej1607AAA&2354
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_83 Value: ELWDeiSWkKiw
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_88 Value: 3618999737689635052636
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uidp_90 Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/	1970-01-20 18:12:32	Name: tads_uidp_91 Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uid Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_uid_cd Value: 20230719045631+0000
.technoratimedia.com/	1970-01-21 03:44:12	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 18:09:39	Name: envelope_liveramp.com Value: 1693142250488
.yahoo.com/	1970-01-21 02:54:10	Name: A3 Value: d=AQABBJYevWUCEJecndSLa-XC4wB4tW_rANsFEgEBAQFwvmXHZdxH0iMA_eMAAA&S=AQAAAubVuqRuyiwdvjtMBCp5v5A
.udmserve.net/	1970-01-20 20:17:48	Name: sonobi Value: 6a07821f-247f-4aa0-965a-0b5f6c181c83
.analytics.yahoo.com/	1970-01-21 02:53:48	Name: IDSYNC Value: 19di~2gj4
www.btolat.com/	1970-01-20 18:51:24	Name: udmsrc Value: %7B%7D
www.btolat.com/	1970-01-20 18:51:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.btolat.com/	1970-01-21 02:53:48	Name: _sharedid Value: dffeab18-8951-4a35-969e-9e60ee6233a8
.udmserve.net/	1970-01-20 20:17:48	Name: sncr Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.rubiconproject.com/	1970-01-20 20:17:48	Name: receive-cookie-deprecation Value: 1
.mgid.com/	1970-01-20 18:28:22	Name: lmg_usr Value: 047cb5f1-d5a4-4def-90ca-2176ff2a581e
.mgid.com/	1970-01-20 18:28:22	Name: lmg_r Value: 24
.udmserve.net/	1970-01-20 20:17:48	Name: yahoo Value: y-dYNpxFRE2uIuzKhYx_1D4Nn.u8nAI_mO~A
.contextweb.com/	1970-01-20 18:08:38	Name: vf Value: 1
.contextweb.com/	1970-01-21 02:46:36	Name: V Value: VCwssS95cXIG
.contextweb.com/	1970-01-20 18:17:16	Name: wf Value: 0
.pubmatic.com/	1970-01-20 18:09:39	Name: pi Value: 156505:3
.pubmatic.com/	1970-01-20 20:17:48	Name: chkChromeAb67Sec Value: 2
.udmserve.net/	1970-01-21 02:53:48	Name: udmts Value: 1706892951.0
.udmserve.net/	1970-01-20 20:17:48	Name: magid Value: LS4VZQ1D-X-682G
.udmserve.net/	1970-01-20 20:17:48	Name: mgid Value: 047cb5f1-d5a4-4def-90ca-2176ff2a581e
.adnxs.com/	1970-01-20 20:17:48	Name: XANDR_PANID Value: el0gJtP6FxQVE9_688Wjb-meJg8cqmfSsYb38kGgZLfr7q6Z7uzohRtvK1vsog4PIQNtLhIdi1meoOJxjqcl2ZA_rXb5gCFkSHpFZF2cGmw.
.adnxs.com/	1970-01-21 03:44:12	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:17:48	Name: uuid2 Value: 6768969262973248592
.openx.net/	1970-01-21 02:53:48	Name: i Value: dffeab18-8951-4a35-969e-9e60ee6233a8\|1706892951
.btolat.com/	1970-01-21 02:53:48	Name: FCNEC Value: %5B%5B%22AKsRol9X2vu8b1pabN01Nli4H30uzU4lbgR_fbV52Fnn_IvAeHAXAPqRNV_4MoNxZa-GByAcsi1TfmBt6RXHthkP5sSUmtb-wKzow1eED_iILoGXhltgWbE8tJi597Z3yV1Fx3Mw_rdvtJElhqW44HlF5ze_GClvYA%3D%3D%22%5D%5D
.udmserve.net/	1970-01-20 20:17:48	Name: pmid Value: E6D1D4D4-0363-4401-9CC1-A9CB81E74D93
.quantserve.com/	1970-01-21 03:38:27	Name: mc Value: 65bd1e97-44b0c-cbd52-0897c
.btolat.com/	1970-01-21 03:32:41	Name: __qca Value: P0-1935350463-1706892951136
.udmserve.net/	1970-01-20 20:17:48	Name: apnid Value: 6768969262973248592
.rubiconproject.com/	1970-01-21 02:53:48	Name: khaos Value: LS4VZQC5-24-92BY
.rubiconproject.com/	1970-01-21 02:53:48	Name: audit Value: 1\|tcR/wBEzWcIg01aF3MqDYFYvo2XO8wv+z0QnGM0pmGR1n8s9Vhf95vTbRzTvJNiolRqHAOhxjMLUm04iDcEp5iL5hAXvaZVpXDCU7rEUkD2+xUA9sgf/4eNEKcfJxgEB
www.btolat.com/	1970-01-20 18:51:24	Name: udm_edge_floater_fcap Value: %5B1706892951907%5D
www.btolat.com/	1970-01-20 18:08:14	Name: udm_session Value: 1
.udmserve.net/	1970-01-21 02:53:48	Name: geode Value: "63831660951:96.9.249.40:840:C125:D538:S33:us:rochester:New York:14618:wifi:hosting:?"
.adrta.com/	1970-01-21 03:44:12	Name: __aavi Value: 106184943854201948
.adrta.com/	1970-01-21 03:44:12	Name: __aavt Value: 1706892952048
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 15499156055406744842
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1706892952048
.3lift.com/	1970-01-20 20:17:48	Name: tluid Value: 1182741559470402434070
.adnxs.com/	1970-01-20 20:17:48	Name: anj Value: dTM7k!M4/YDunaTF']wIg2GVHk<NFK!]tbP6j2F-.aDE7BAf@@glAdVfTAdajG?uglvcpHfQhePcyd4desnDfki'Hq*g0D(WETz=
.adnxs.com/	1970-01-20 20:17:48	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxMTgyNzQxNTU5NDcwNDAyNDM0MDcwIiwiZXhwaXJlcyI6IjIwMjQtMDUtMDJUMTY6NTU6NTJaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDItMDJUMTY6NTU6NTJaIn0=
www.btolat.com/	1970-01-20 18:08:14	Name: udm_session_rad Value: 1
.adsrvr.org/	1970-01-21 02:55:15	Name: TDID Value: 9f10ebaf-c646-4db0-8c16-f9857643db0f
.criteo.com/	1970-01-21 03:29:48	Name: uid Value: 74075c92-52f5-4a73-b144-97155deb59bb
.bidswitch.net/	1970-01-21 02:53:48	Name: tuuid Value: ff2036f8-d120-4770-9c22-ae1b86d2707e
.bidswitch.net/	1970-01-21 02:53:48	Name: c Value: 1706892952
.bidswitch.net/	1970-01-21 02:53:48	Name: tuuid_lu Value: 1706892952
.adsrvr.org/	1970-01-21 02:55:15	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCNjTnpC7htI8EAUYBSABKAIyCwj2tue80YbSPBAFOAE.
.linkedin.com/	1970-01-20 20:17:48	Name: li_sugr Value: 5c1b0039-35c5-4b0e-b8f0-9618d7d4deda
.linkedin.com/	1970-01-21 02:53:48	Name: bcookie Value: "v=2&bc9a3683-dc19-41e7-80fe-abcac705f0ae"
.linkedin.com/	1970-01-20 18:09:39	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3186:u=1:x=1:i=1706892952:t=1706979352:v=2:sig=AQF_Gk-aDwMEjuTEDRjTHMYpg-fU87fS"
.adform.net/	1970-01-20 18:49:58	Name: C Value: 1
.adform.net/	1970-01-20 19:34:36	Name: uid Value: 3117114042597968690
.btolat.com/	1970-01-21 03:29:48	Name: __gads Value: ID=371a9a7fba40be69:T=1706892950:RT=1706892950:S=ALNI_MZe0mCgchdp5It_3oWN5lHthtsEZg
.btolat.com/	1970-01-21 03:29:48	Name: __gpi Value: UID=00000a0aa474a615:T=1706892950:RT=1706892950:S=ALNI_MY18ZbnCqWLIfU-OV2-4koea1uLCg
www.btolat.com/	1970-01-20 18:51:24	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%229f10ebaf-c646-4db0-8c16-f9857643db0f%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-02T16%3A55%3A54%22%7D
.33across.com/	1970-01-21 02:53:48	Name: check Value: true
.btolat.com/	1970-01-21 03:44:12	Name: _ga_8D6S73ZBHH Value: GS1.1.1706892949.1.0.1706892958.0.0.0

356 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.btolat.com/assets/css/site.localhost.adsCss.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://btolat-com.cognativex.com/cognativex/cn.js?v=2024-2-2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://bid.underdog.media/udm-r3_v2.23.3.js(Line 4) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.btolat.com/&pixelId=58809 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.btolat.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60dbaa7ba76930caaa0b753afd214be0.safeframe.googlesyndication.com
a.tribalfusion.com
adrta.com
ads.us.criteo.com
analytics.pangle-ads.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bid.contextweb.com
bid.underdog.media
bidder.criteo.com
btolat-com.cognativex.com
c1.adform.net
cat.va.us.criteo.com
cdn-ima.33across.com
cdn.exitbee.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cm-x.mgid.com
cm.g.doubleclick.net
connect.facebook.net
connectid.analytics.yahoo.com
csm.us.criteo.net
dis.criteo.com
eb2.3lift.com
edge.udmserve.net
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
hbopenbid.pubmatic.com
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imageproxy.us.criteo.net
img.btolat.com
invstatic101.creativecdn.com
ipv6.adrta.com
lbs-event.gcp.lineate-33x.net
lexicon.33across.com
match.adsrvr.org
nh.iz.do
nhwimp.izooto.com
oa.openxcdn.net
pagead2.googlesyndication.com
pahtuo.tech
palibzh.tech
pix.adrta.com
pixel-us-west.rubiconproject.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
q.adrta.com
rtb-csync.smartadserver.com
rtb.va.us.criteo.com
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
ssum-sec.casalemedia.com
static.btolat.com
static.criteo.net
sync.go.sonobi.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
udmserve.net
underdogmedia-d.openx.net
ups.analytics.yahoo.com
widget.va.us.criteo.com
www.btolat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
btolat-com.cognativex.com
104.126.118.233
104.18.35.167
104.36.115.111
108.138.128.34
142.251.41.2
151.101.1.44
162.248.18.32
162.248.18.37
172.64.151.101
18.160.41.11
18.211.142.103
185.167.164.49
198.148.27.131
23.105.12.136
23.51.57.155
2600:1f14:b4f:4b01:7091:955:d445:d0bb
2600:1f18:4e9:5a02:6bb3:3cd1:d7e4:6108
2600:9000:210b:f400:d:c38f:29c0:93a1
2600:9000:21da:800:5:c4ab:c3c0:93a1
2600:9000:21dd:4800:6:44e3:f8c0:93a1
2600:9000:21ea:c600:10:dd8:5e40:93a1
2600:9000:2209:3a00:1b:5138:8a40:93a1
2602:803:c002:200::32
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:3030::ac43:9d6e
2606:4700:3032::ac43:b2aa
2606:4700:3033::6815:5ea5
2606:4700:3038::6815:eb96
2606:4700::6811:180e
2606:4700::6811:3663
2606:4700::6812:19ad
2606:4700::6812:d841
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2004
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2001
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
2a04:4e42::485
3.225.218.10
3.33.220.150
34.102.146.192
34.117.239.71
34.149.20.76
34.227.136.147
34.234.202.79
34.96.70.87
35.211.178.172
35.244.159.8
35.244.193.51
52.207.14.250
52.223.22.214
64.74.236.255
68.67.179.155
68.71.249.118
68.71.249.120
74.119.119.129
74.119.119.147
74.119.119.150
8.2.110.161
8.28.7.84
8.39.36.142
82.145.213.8
000fbd8aa1620ccdd4d34994f933fba3e8491960c14ec50173bc409fbe7dc32f
00760f0f99baca15aee36219035d322b28a51c435c1576984a4cbaeeb9484814
00f4303c90554ed1a870b9c282e09a7e5c9401bd35a47ebe43264c61299029ca
00fbc73f4e68d34a100f178839665e9925ca33e6838a3972eaba95c9b7c88352
026bddb7135c0bc7d98b5d491c955741ee7fd229de2d9182c5e46da802c9edab
06a5906acf4db557646d52372985803b866900b2827c64b16b0d072431165232
06d3d741cd31435bd2ae69303bd5c04bf62ed156e63b4ae35693e73f8abb104a
06ded308a6e2228c2617ae1b6fe66480541618280b649b97d3dd5402410c2aff
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cca105a0c09196e6f90934724a2870903f11f52200da693f399155a5f6ada8a
0ec6f2a376e33e43dd0ac32946a6fed1e1b865f258886da1d1d8aa800ad4d694
1078d66bc3cd244ab4bc95bfa443adece79dd54de00d92c1bf5408b4536635c5
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
13571247c6a2f715e1678d349f05188be702e9feebe4c42435c69ac1a80ee91f
19cf03eebb95dc892017074b68f681873de20920c928081963b1e992e56651fe
1e91e06c06bbbb021a7a6b87c9b1e01d2fa18f16de16e30e1a8a5c8b9a2b93db
1f304b10c9ad6baa126ed376ae8341fa5340294dc801f4506efc09999fc27765
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2089257e7d30ddaf399c1898726857e31ef7f903286e107bfaa4d4e16afb12ad
22f84d5fa7738252545393a318cbce0d7402d558740038184a6c7f28c3fa55cd
267bcaa6d5c8b423764b143f8cc0d50986cc404efaa6b38deb9927d7a01460d8
26c083121d34d879a05b5919b41261ad43ade8e2ab52a941cdbdc9aab934ab62
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
284e5a3018a69056c0a110ba83169175824f7b677a342d006b463ba29237a8ee
290ee15eacb8b58fc7928de2588910d1a5ed2f868b5a178bb0fbf22b2d17271a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c4ff85d4acb13ae166c4eca2d71cef262ef6a06c3aa75dce78d66f56a7040eb
2c765616d0bb062058d466d27b37704e0478b15d3e0f35d1b4e32a2cccde8d2e
2d2cdd6a3294a3ac5d4a4495822b01f60a793c9081759e2a79bdecacc4eec47a
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2fe101c0179046604a21b2762c7e7e44d98646267727910c9fb30383eab3302e
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3123c0416aac4344d7de8e6921ef7c094989473880893f50ae5cb9e74c63c612
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317167a1450aef9fc1f9f55e04b3bec22c75ec28e512938f09149c290706b0eb
3207350ac2167aaed31db10ac9fc379890bcdd4bcbc1528e0e96ece7a03615e6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32df58df31f0e75cd91d691a39efe5a3b62df7dec5fdcbc809822dca1531ddf6
32f7ed82f1e99150e45f823761172961f08ce3d3f8dfa8d29df6ed6b478fdce7
38b93a380a25062cc97b648adf99e681b5f5ac899d618e4e5138a8fff0d8e581
38dea2343096b54df738b3ed21ee159cac78d9ae9ac32226343f7628f1552301
3aba1085fe27cf78f0c318ed85f70354c5e387b40376ec90cbfb529040c4aa4f
3addac1f8a8aafd8db0c71e77ae8fe1e029c4a6c2ceda391b26236500d5507d5
3aeaec26604150644eb721e54cb1c089e1369b825e6d2dee9f1d84d58cdbe586
3c1195fdef981796930b67be17e052c2c7541131a55717fb1228cb029ce8ddfc
3facec91842124c9cd42006ec4c9bb3ee4a59b84bcb1ca77fa42232fb0209232
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
448d631ee06f79f0281913f71dcbd540551f7e274d9f6da67d6cb04942f371ca
45525d7344ce66396376e0d74934921bd1249227825c9997ed3753bef99997cd
4588606b9e1bc0f5fc5166c9c48a1ed9ef188c0fcbe16a7ef3e5c9dcd6e996e8
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c82f5a01bae64f72f59003f7fbb4122724c7616016c44a7869457ff27b07ea
473d680317e2c25d831274e1da0f300f77d48155940d736ffe4eda56d8353dd7
474cea7f3f466424de9bae50f66c078ea836427bf55c23973bfdd194ed125891
4af04694d8e69474ce2f0170c4f17279b6d16abdb77f166b1a122133d8f13b77
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfc1bab17adc509be26562eb2313772bef775cf21acda5956fa979d163f76a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e10773eeeb77da0a67f4d5547afa647a416003e5b6fae1bfe6937f4e8e0f9d9
4ef546db08af45181e73c6a623bd2f6d4eca7958e8f4db46e887bfa2ba74f28f
51bf4c83e59f191accee907f1e076861e6529a64f3ec19232a2391e12c89ff7d
53bb09934363bf519fad500cb24f9acc2b45a1b5169d6478ceb64c740b2cecc1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54ece55bf509d7ea07fb4a78c2d1273d5267fee86cefc14b78e495e8ce12f3eb
5579c895275de7a114a70a0a6c4774a7793cb52bbdba5f7e5d760bc1115f556c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a8fe161358732fbd3ad2e7750d180df7b8f033f88621b93f9a250934e6c3b3
5871174e0b2816ab64e1819e8ba696cc4e3620cb439d82e3b69ef2352737b4cd
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
59289e96a9b37e4668081ef40bd08bff0af822699ee8a23b8c8c1424f5717720
5942eefe94f05d709e07d3370bcc6f18e29d455239ebec6f820a4a308b6cbfba
5abd4d592ab3d6008cd901ad585957239465c51270c75d7ab782d3ff5e243165
5b38a128b788add8d752869a015b0af2811a42bd192c575b972fdca350db821d
5cb3d6eb9c192f0339126dc9290c8cdc286512f79318d9a6e5033b2ebb93e8cd
5d5adc616d52749a81bdb59144742b3daa4a29cc797bd756bb10cd4b8f2bf613
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c574e4b4b9aec5ee359b4cec763a4ecb125b18e0d6cdc6c75e14239bbefa03
663a877bbee16a7a3d457d63b6ce5bb8c567942e558742c3a116687897460cec
66903d7fc339c501a29476768b01da8f7e3016190a5fa7a8138762aad6c6f9a7
671cc13dd0cce3ae25659c138f7e490429570422a59b5a811fd9f83db32e2c4e
67ac59eb8f1911ed3ea10baac36fbce1e6b5b73b33a83dc5289da11c22d2acca
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68f33dec93b3fbcce8ef912d1e754b1d195e90120ab867132b9c43706151ef24
694862fded68c26a6d846df4aeaefab129f532681e387581707ba132837ffbb5
6ad70f36f63dc51313fbaa3178e3e347de8774f1096e2f41bafd5968d628823e
6ada9859bfe0473d4e974a7a20285312e9898cc6c0e1a5c3bd3f2d6c43f5e0fa
6b464a41c874c4dff3155624c93077e98324e88a27b30821dd80953a43638a93
6c940acb0bb5d4c0e39c1e6adb8ded26fceab274ae0708283ad3c5e7269bae7e
6cf3905f34060d87775e6010bfcda5aeed37becceb1d7229196ea8e8501a7c0a
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6e6304cbc6414b8f0e4ac98cbed84e091de6b35be714ac116895d8a64eb66171
71b6dff9ec67e79aaffe745d29812a1e3699e8c303bd08e7e6259fe4ffcd0d67
7211d5c7ce5067ab5480323f5a75480ca4ab9b1784b95acfed3034a952f898c7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72f00e2c1a1f64704c8bc17344a0ba2afb241ca9ff6ae46720c383e9ad4325da
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73e79073e66c1b19307580216c5b86ee24adcae9d62785fd6fafd98a8a580762
758a849ace3f8da872dbe66c1f7fe9de5bbf161ce29e54686a0a5af46a2ac74b
77137bbce2301309e562a9c10b48b59b5068f14d0c79c0a7ee59d0e1990042c7
794198f384403178da7acd2628adad043742db45b3f8419fb7a0f9e2b209eb49
7a1da8457df27511da04c224a43b88bed9d535c943949a0b2935612f9081d90e
7aae1c8ba31001d9f86bb039d6651315f2556d36335f9548149ac4f40000f225
7b520dd3caf8992dae95a6909e9b27af88b88ce2de00bd96cf73611a54fb2c02
7ef57e3b68e991e7f960f5d5a82a179d01df0ca2dfcfc5919496610b1f112bd2
7f478e0982569b51b6cf2a2596a4509e9e473ab3fd0bc5b149dc69d73fd01326
808378206165dff58ba1ad25a74660deaddbf3d6d49338dd661378e6e543bf9c
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
83caf67b8921dbd831ff7fd069b7e6b210d4128a2b75385e0d0bfa5e843b64a3
84bb6777670ca188fb6a7d6298b367e96e356e00a34c9af3c8e66c1e949601b5
877cdfa04964a9e81e0b716c850a75dbdab5954f92e8b753e483f4093ca5ec17
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
88dbd445a9da748d92e5c6377c32a461cfb02bab123007b08241ce50af040889
89ac5c8a72482bddaa170e5dd1ac1fa2d1eff5ef048e509e77055dd4128f1e45
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0a516a6cdd366b8cbe2f675ca27144241f2623643d01706c46cd63eaf188c3
8a5145e33eb729774e50ba83cdbbce0709a4839d2a68bdc1585144447f84092f
8b1d19cea7be46f8a2330c4e33f66b525f2f864c3f3d9e326ba0abfcc1bdcab1
8befb2da354d7f317a1d148773743125635d00d5488bae27835566fb4cb253f9
8c66f4aca2010db9ea45505b5f0ff0a67dfc576ceb36377901474e2aa8e5c34f
8d763512aa9db6d4ab91078318b5fecf6c8d8b4458a7439daba34d1ffef7b138
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f313cbb86583d27e264b5eefa0f1a2aa1cc5a70b77d6237d00161862ac404a7
8fd8bf21d2362f47ddb5cde9854f247b47d8c1b3f6115ebaf1f59867d3e6805a
8fe25e08fd7edd50bc59273ccf05a9909fc1124e942effeb467fb397339db22e
8fec884d02f6b4e88e58427e9d360203f891b4bd17d5f67c2b0bdd2d1857f388
904af3f64e47ba074ef1030a488f0a44eacf3b779d7a45a0c5c6c772463b8661
90cb4d46776c875a4c78e44018869a25b68d2b2aa567764a3bf19d91c59fc3a5
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
956985b694383ea62cd9be68c31def57c2edf1db137f66e12f3b41a39bb50166
976874c659c57019b3aea59421a6b09746551c14bb0348b695b3138f2dfd9e5d
987276ad08d30939966de1f4095ae854f1b897a4b81004aa6ca73f52db285e66
99d21169095c7dc6c8314f18e7e6b198fed51afd5b58684f68f8bd1645dcfaa8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8fbe907b42a439b29348b6b808725467728ba8df78726254369df21cd276ea
9d8552f58c3962ffc54bed6f9a348c2b91b8d5fed219411a49cffa67baa5bbee
9f6bddf865d5b90bdeb56c1e4316f8be0d5c7fbe8f096554c910984e73a21efc
a00126aee181ced651688d9a051b8a67b64da864333bd8e3f04454a7455bc272
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a181bd575acac3e33ee0d4eb2f6e098d3e8c79ebcaa91e023c7a40db532982ec
a2093b08e230bcafef78c492eb1a9690b23b9c9d3a6a9ccdb21ec5d1c32e905f
a29e3a217c41e7f7c4dc7c1c7db1a8ef16295c610d943b82c422b1a735897fb8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4c230434850badb7dc8448fa59c15cabcf0a9cd731ec725dbed7d054e02eab2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5a5eec0a638c2e8cbc85741f40b515f6b554852d5f93c99d6627a0d08a1c376
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a88ebf574e066bd228e2d6c4efd1042c8dfddef60534f3ffc83832f57866ff2c
aa291e49a8cd495a946c87338cb91458d242ba62b1261c3ff05ba44416f1dbc1
ab89a73dfe6b53831724660baa5eca23390e6344a93eeff5836a82be7dd2ae1b
ad0704e19c68e2757adb852c8b39a71437926d56f42a81c81ac5cda79e0bc932
ad89880a8cd1f12e6bef9852757b2eba2701a4293f58fcda69f59ab188c5e837
aec396661c156428b535bc07b917cdc290218b7226ccafeb6c971c714cbfaec0
af6e31eb51393c67a65b952cc73449bfb19f60270cdba7c77a00f79243695405
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1595a98ae345c2e2d3074097b5a0dd1af92b5a7fb635f9af9e2985311af63c4
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3878d13a99341ea76a01f302cafdeebc46c68a7f7aa19147082cbfb982bff9c
b578f923c6d2826feabac2442d3e73f201f56f8d3d22235e42c0ea8dbdb96a77
b6592044a6fe7196d2c94fd47b47174b82af18d8a4bd3d1c7e8326663d506a4e
b6d163f6ac847d2ae411128f4a3b9397034b109bff2bfd4db86182761eb1bbd6
b76fa13d5bffdebff131658e673801d68269535a10d7df5befd2bb624a2864cf
b81180d6821e8e0b339b3d679f77ea235b66a9d24d3dd2e845b66d9fd5e937c4
b8249e082115c5e858fdb8beac27ef3cd2df1bc2bda577b1afaa1f1a53b6c9fe
bab2d19256cb770c2334d1f0280f9a35563b2369389ce62e7945e7d0fa2100c5
bafaeefbb707009e6b0679fe20173e0c5ce936812f89254b79408a45a675dabe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4a57972a6fb41be74088626646b9c1c02b8be5cb2142f4fdda77a3693ca96f
bcfbccbfcfed5bea23fa803211528967b800cbdee9380da7f44aa71d5b3f6179
bd40c1c311037a6e5c8bf7e1b43b412a14f2a7806e5d340125ea46802852ff73
beb00a215efa07f175d2da5d59bea3578ae9c67b1699cea139ee9f4b44e53a6a
c053296a9992bdff00722df969399ef088f8cc97b3c61811d94fde5dcb039967
c07c689ee7cee412664dbdf0a74f744c97afdc56a7233719651f000d927bd96e
c09919f06ceb799754bfe3810c1955cb270dc433e8eebe6c55ffac70db4b732f
c18d5bc93845dc3a04c0262d9afa91dfe91212635381a94702c7ea30f412f9e5
c3197782721b8b7d31dc092b4c7536e568703fea6445dd489808ff42cb597421
c5894eb6659eaf9f6f5bee10820b1ba197e45cc3f33b7c83523c84be66488616
c5dc5eb5a1c1047fe35716d547f786b2e6dab88eb710055dd6e17fdd67905ba2
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
c768a151beeba737f6bdcafecf755cacdcedc0addb237da840766f826567deb1
c7eb3e827edb98d53070f7e82665b5a13fd7b5293d4c8c22653571836c4a3867
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c804a48c27c95ece02166174d1ed784187384ae36ea58848fd362f30824d21f1
c91a30c0e50400550b487126118ebbcf5439b4410a997893f1a7c96f4e967356
ca2c097150f83129a3adfb93d7f6baefca3b415fba036960e7d34618edc3fac7
cbd7cad8837207f238d026b3845e11853660fa5b179a6c96b55d0821ab5fb741
ccc59ddc44606d3ba4bdbf95dc28826f0f266cbaf9d8f680548f4cc20f31c0c0
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce462ca9cead618103382778ab4de741afec15d84d4a5bbc2f51276a2cafe5cf
ceff5b44cbe23bb8cbe4614106aae88cda8f205c6cbd7141cf0d32fccab07101
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf23098d0dceb8591e215a9ad2fa5a9c515b7c8e6877c1d0d3ec49b3d81231ae
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d2496ca32281440c21a2f668fd6dc1fc44a88cedab44bc489fa023a07178c3c3
d26bebe969f16408013116298a3ac4f27d8e8dbff1aca4f1f74b66697e63d202
d4f6e17456a63a9af1a4d89608f9a415bc5922ad25e9793f59b4b7e5d2151d26
d52a64488263a8b7be682fd9f84caf1a4522adf543b7a421fc979b0addc31f4c
d7a62b14778a5e0ccf6040168302eb509cdf9d1a0e8f7f025f7f542efcbd2d48
d7c37708941ba6aa1d633badb37269ac5adaa76ed77a53986cecfb0c63b7145a
dc719b2398bf4180d048904f5c37006183bac05f2d152df0795aab4ced853b7d
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e0c9a9eb7454c1f1a9519e6eb7eb1fd331966ce401a869acfb6d29bea4b7b8fb
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2772ea954281d04b4e4572eaa56fcaeffdce140f854a8b635973e1fb36acffc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc9cf6cd241ae0ceacc50e4fa48fecf0cafae7484317e474a9ea24ab1be86a
e4328d7fd75e056c121030d8c8784560c9e0c442e07485d6c29ef849fa675a1e
e52ec989a1ef0744bacaa597935b7c107d84669815441823f52aae026af38fdf
e54a626a26b060dc463c98d3d747faa7172b131cd69f01275edaab4763dad146
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c38833863ce59fe58c2b7a919eda09412f51e310a514b30c38c9d6ef1c7cd4
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9971329da8a078d119880b5107c02931267f6dda16085575125f9511f8f15ca
eab084a71b95a8dd83f7b754e69b9ba73dda54a3566693058345789666b25c5c
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08
ec6385824ec153a716124fabd85994399f59dade9c12b06d33b74b13d988d0fc
eea13bd68eef41a976badd064101348264fbdb5d4268a896cfe93c6e848b1ac3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06f40eba9a86a026036462084bee29b78224fb6aeb84ffe1f47dd147c72352d
f1f0630d276906acb1f05d62ef73e563bb0eabbdbe54e453884c1673c9e4af45
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f486ee13d5d1ebec9547910bfa85e06ec621e178c1ac69745dbf1a992d9cade3
f59ea4e1ad6bed241182bdf4ace7a1e70edcfdee9b20fc02528f1a0260b2360e
f65badbec7f23d1a92fa71089f249aeefbd86dcd3022d5fb126539a73622c806
f70b02502195fd4cbb1185d81332d67a969629c5f95d635bbae579b73c31603c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c6159aa9c5e80febd88e8bf40da8d1b9764cfdb7bbe339984e69e8b21d5817
f9a5dcab9c4f4abd7b573c15c8e645ed53d3108e09c4e4253ddc1fba49d6c34d
ff086d4f685c26a98ce7977c05c2d6be61d6a976a1af24f21d8a81820af6d67f
ff66c7021cb249375c8249c2a22f7b78a907d179a42f510de3acd707b44b4d6b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffa5ec13f0cce16c6d4375ae5a743b01b7ec2bab1c5c45bbb6d66e4d4570736c

www.btolat.com Open in urlscan Pro 2606:4700:3038::6815:eb96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

413 Requests

94 %HTTPS

49 %IPv6

52 Domains

84 Subdomains

63 IPs

4 Countries

5190 kBTransfer

12029 kBSize

104 Cookies

10 Outgoing links

Redirected requests

413 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.btolat.com Open in urlscan Pro
2606:4700:3038::6815:eb96 Public Scan

Screenshot
Live screenshot

Full Image

413
Requests

94 %
HTTPS

49 %
IPv6

52
Domains

84
Subdomains

63
IPs

4
Countries

5190 kB
Transfer

12029 kB
Size

104
Cookies

413 HTTP transactions
10 data transactions