d1m96zdhhs5cb2.cloudfront.net Open in urlscan Pro
2600:9000:201e:c800:1:f6a7:6380:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d1m96zdhhs5cb2.cloudfront.net/
Submission: On December 11 via api (December 11th 2023, 2:53:41 pm UTC) from US — Scanned from US

Summary HTTP 137 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 2 countries across 27 domains to perform 137 HTTP transactions. The main IP is 2600:9000:201e:c800:1:f6a7:6380:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d1m96zdhhs5cb2.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d1m96zdhhs5cb2.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2600:9000:201... 2600:9000:201e:c800:1:f6a7:6380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:141b:1c0... 2600:141b:1c00:8::1728:b330	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2600:9000:24f... 2600:9000:24f0:ac00:1:5424:4140:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b323	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
7 10	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	54.76.42.188 54.76.42.188	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
9	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
7	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
6	23.44.203.140 23.44.203.140	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.162.129.245 3.162.129.245	16509 (AMAZON-02) (AMAZON-02)
2 4	142.251.40.134 142.251.40.134	15169 (GOOGLE) (GOOGLE)
2	99.86.229.99 99.86.229.99	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
2	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2016	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:c::9	15169 (GOOGLE) (GOOGLE)
2 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	23.223.209.209 23.223.209.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.210.78.157 18.210.78.157	14618 (AMAZON-AES) (AMAZON-AES)
1	3.222.250.56 3.222.250.56	14618 (AMAZON-AES) (AMAZON-AES)
137	36

12 2600:9000:201e:c800:1:f6a7:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1m96zdhhs5cb2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:1c00:8::1728:b330 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:24f0:ac00:1:5424:4140:21 (United States)

ASN16509 (AMAZON-02, US)

dx35vtwkllhj9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b323 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81d::2002 (United States) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.42.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-42-188.eu-west-1.compute.amazonaws.com

stdata.powster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.130 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.44.203.140 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-140.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.129.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-129-245.iad61.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.134 (Newark, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net

undefined.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.229.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-99.iad79.r.cloudfront.net

showtimes-v2.s-prod.pow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2006 (United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2001 (United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:c::9 (United States)

ASN15169 (GOOGLE, US)

rr4---sn-ab5sznzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.137 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.223.209.209 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-209.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.78.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-78-157.compute-1.amazonaws.com

nbcu.track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.250.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-250-56.compute-1.amazonaws.com

track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cloudfront.net d1m96zdhhs5cb2.cloudfront.net dx35vtwkllhj9.cloudfront.net	3 MB
18	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 undefined.fls.doubleclick.net — Cisco Umbrella Rank: 42677 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 static.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	6 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93 analytics.google.com — Cisco Umbrella Rank: 152	21 KB
16	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1 MB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
8	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557 match.adsrvr.org — Cisco Umbrella Rank: 331	7 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	656 KB
7	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	12 KB
6	googlevideo.com rr4---sn-ab5sznzs.googlevideo.com — Cisco Umbrella Rank: 21191	1 MB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	147 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	394 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	40 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	152 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	1 KB
3	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6243 identity.mparticle.com — Cisco Umbrella Rank: 2987	44 KB
2	securedvisit.com nbcu.track.securedvisit.com — Cisco Umbrella Rank: 11622 track.securedvisit.com — Cisco Umbrella Rank: 4905	26 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	8 KB
2	pow.io showtimes-v2.s-prod.pow.io — Cisco Umbrella Rank: 40897	945 B
2	powster.com stdata.powster.com — Cisco Umbrella Rank: 40839	823 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	659 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	915 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	18 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
137	27

	Domain	Requested by
16	www.youtube.com	www.googletagmanager.com d1m96zdhhs5cb2.cloudfront.net www.youtube.com
12	d1m96zdhhs5cb2.cloudfront.net	d1m96zdhhs5cb2.cloudfront.net
11	www.google.com	d1m96zdhhs5cb2.cloudfront.net www.youtube.com
10	googleads.g.doubleclick.net	7 redirects www.googletagmanager.com www.youtube.com
10	dx35vtwkllhj9.cloudfront.net	d1m96zdhhs5cb2.cloudfront.net
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	www.googletagmanager.com	d1m96zdhhs5cb2.cloudfront.net www.googletagmanager.com
7	www.googleadservices.com	www.googletagmanager.com
6	rr4---sn-ab5sznzs.googlevideo.com	www.youtube.com
6	analytics.tiktok.com	www.googletagmanager.com d1m96zdhhs5cb2.cloudfront.net analytics.tiktok.com
4	match.adsrvr.org	js.adsrvr.org
4	i.ytimg.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	analytics.google.com	www.googletagmanager.com
4	undefined.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	ups.analytics.yahoo.com	3 redirects
3	use.typekit.net	d1m96zdhhs5cb2.cloudfront.net use.typekit.net
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	2 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	identity.mparticle.com	jssdkcdns.mparticle.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	adservice.google.com	undefined.fls.doubleclick.net
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	showtimes-v2.s-prod.pow.io	d1m96zdhhs5cb2.cloudfront.net
2	stdata.powster.com	d1m96zdhhs5cb2.cloudfront.net
1	track.securedvisit.com
1	nbcu.track.securedvisit.com	d1m96zdhhs5cb2.cloudfront.net
1	hb.yahoo.net
1	pixel.rubiconproject.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	static.doubleclick.net	www.youtube.com
1	alb.reddit.com	d1m96zdhhs5cb2.cloudfront.net
1	jssdkcdns.mparticle.com	d1m96zdhhs5cb2.cloudfront.net
1	sc-static.net	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
137	40

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.pinterest.co.uk
www.tumblr.com
telegram.me
www.instagram.com
www.youtube.com
www.powster.com
www.nbcuniversal.com
www.filmratings.com
www.motionpictures.org
www.universalstudios.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
movies.powster.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-31`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
showtimes-v2.s-prod.pow.io Amazon RSA 2048 M03	`2023-11-21` - `2024-12-20`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-02` - `2024-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://d1m96zdhhs5cb2.cloudfront.net/
Frame ID: 0E66ABE8BD7BA6E8434A5B0BC520FE4D
Requests: 89 HTTP requests in this frame

Frame: https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F
Frame ID: CE25950994A635D6D65CA6CC454AFCD6
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
Frame ID: A7D099083F1C7025E44EF3F641C614B8
Requests: 37 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action
Frame ID: 79D12F804E6791348818E46906CE43EC
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&google_gid=CAESELCPj1HJPs9KZFwge7rG470&google_cver=1
Frame ID: 8411FBEE289C6EAA1AEBABC1D09264E9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3309842143433809727&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
Frame ID: EECE62056B3D1D1324AB4876EC94C00E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: F8E06C6767612AC98B5B3FF9837BD951
Requests: 1 HTTP requests in this frame

Frame: https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F
Frame ID: 39F4AE7072C067E07F4D089C7DCEE0AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Le Casca Deur | Site web officiel | 1 Mars 2024

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

137
Requests

94 %
HTTPS

56 %
IPv6

27
Domains

40
Subdomains

36
IPs

2
Countries

7184 kB
Transfer

12315 kB
Size

25
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=Voyez%20Le%20Casca%20Deur%20with%20me&url=https%3A%2F%2Fwww.lecascadeurlefilm.ca

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.lecascadeurlefilm.ca%2F

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/pin/create/button/?url=https%3A%2F%2Fwww.lecascadeurlefilm.ca&media=https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/share.png&description=Voyez%20Le%20Casca%20Deur%20with%20me

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fwww.lecascadeurlefilm.ca/&description=Voyez%20Le%20Casca%20Deur%20with%20me

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fwww.lecascadeurlefilm.ca&text=Voyez%20Le%20Casca%20Deur%20with%20me

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UniversalPicturesCanada

Search URL Search Domain Scan URL

URL: https://www.instagram.com/universalpicturescanada/

Search URL Search Domain Scan URL

URL: https://twitter.com/UniPicturesCAN

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/unipicturescanada

Search URL Search Domain Scan URL

URL: https://www.powster.com/
Title: MOVIE PLATFORM © 2023 POWSTER

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/
Title: © 2023 Universal Pictures. TOUS DROITS RÉSERVÉS.

Search URL Search Domain Scan URL

URL: http://www.nbcuniversal.com/privacy/
Title: Politique de Confidentialité

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/terms
Title: Conditions D’utilisation

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/notrtoo?intake=Universal_Pictures
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=Universal_Pictures
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.filmratings.com/
Title: Filmratings.com

Search URL Search Domain Scan URL

URL: https://www.motionpictures.org/
Title: MPA.ORG

Search URL Search Domain Scan URL

URL: http://www.universalstudios.com/contact_form.php
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://undefined.fls.doubleclick.net/activityi;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F HTTP 302
https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=l1u1CMWrmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=bCJ3ZYPOKJDT_gT4wpHwCQ&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271lrDEOP4B1hvTzEDHOLfPIF4WF5mdQIwMA&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWtTNlY4YllLZUNGeUR2Sk5vTjZLQlFpSDdsOFhjNUttdkt4TnpLRUUtNG5DRWxScjlpdW43VSITCIO0msjRh4MDFZCpnwodeGEEng HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=l1u1CMWrmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWtTNlY4YllLZUNGeUR2Sk5vTjZLQlFpSDdsOFhjNUttdkt4TnpLRUUtNG5DRWxScjlpdW43VSITCIO0msjRh4MDFZCpnwodeGEEng&is_vtc=1&ocp_id=bCJ3ZYPOKJDT_gT4wpHwCQ&cid=CAQSKQDICaaNUGz6lvuZPnOaChGcO8QWEha-WGG4Hjh3Y2cEE93L6QiT0Bi-&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271qNcizFimJGiuYbKD3h1GwuePj2bZjkndg&random=1546775136

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=WN6iCMOK6voYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=bCJ3ZZypKZiioPMPtZSi-A0&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271mZ9GiFwKNajKOCzUOZivhnQgrXKZLnITg&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW01TV81NFZjWXFrVjZfRG9rbVFvdk5QSmRXRXE3WTlkYkZCTUNsUDNtRHhvMlp1WkxCTlA0ayITCJyPm8jRh4MDFRgRaAgdNYoI3w HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=WN6iCMOK6voYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW01TV81NFZjWXFrVjZfRG9rbVFvdk5QSmRXRXE3WTlkYkZCTUNsUDNtRHhvMlp1WkxCTlA0ayITCJyPm8jRh4MDFRgRaAgdNYoI3w&is_vtc=1&ocp_id=bCJ3ZZypKZiioPMPtZSi-A0&cid=CAQSKQDICaaNZ2JqyjJ7HKy10n92NDY9gH6uOVbQX_J-rgAbZ9xUocoxLdBc&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271rP7tyERwbtDoNaVHmfSBTYpOd66PsoSyg&random=3346558063

Request Chain 53

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=bCJ3Zda6KYG6oPMPnpGAqAM&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271lVA-3mgQ_4SL9Lx1gpqbeMHs-g4Kd4UJQ&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWxoOHJmZkNKeDRDdUJiLV9USkFOSUtONkxNYkU1MkFNcHhFN0t3dV9WcGNuMTQtQ1UtZU12WSITCNagm8jRh4MDFQEdaAgdnggANQ HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWxoOHJmZkNKeDRDdUJiLV9USkFOSUtONkxNYkU1MkFNcHhFN0t3dV9WcGNuMTQtQ1UtZU12WSITCNagm8jRh4MDFQEdaAgdnggANQ&is_vtc=1&ocp_id=bCJ3Zda6KYG6oPMPnpGAqAM&cid=CAQSKQDICaaNgQwaIq4q8wu41l12GTDFMxhkdp5QjieDix7W2GnliKe4A-6W&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271oX1AEp6bEP04bROdcvWDoxK1yH0XGJgUg&random=499920876

Request Chain 105

https://insight.adsrvr.org/track/up?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action HTTP 302
https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MGM5ZjhmMmEtOTIxZC00NmY1LWJkNTQtYmZlYjIzYzI1Nzlm&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&google_gid=CAESELCPj1HJPs9KZFwge7rG470&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D0c9f8f2a-921d-46f5-bd54-bfeb23c2579f HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3309842143433809727&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f

Request Chain 111

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 118

https://undefined.fls.doubleclick.net/activityi;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F HTTP 302
https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F

Request Chain 125

https://insight.adsrvr.org/track/pxl/?adv=hztlnt1&ct=0:niat6li&fmt=3&td1=The%20Fall%20Guy&td2=action HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zRUYwR0hCRTJ1RmNVMHhKNzE4VXFfaHdNaWp1eE41QX5B&gdpr=0&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&dpid=55953

Request Chain 127

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=GJaSCMirmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=byJ3ZamvKpLh_gTdoZXwCw&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271tfIUwAHMi2nZ00QR_B9tAWXWtrRGh7dGQ&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXFXS0ZKdGNUWUl4RU5XamZ6elRZUDJJdUV4Q0psTjZHRnZwcXlzUUZ2VW1UQWxBQ18yYVozQSITCOmi08nRh4MDFZKwnwod3VAFvg HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=GJaSCMirmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXFXS0ZKdGNUWUl4RU5XamZ6elRZUDJJdUV4Q0psTjZHRnZwcXlzUUZ2VW1UQWxBQ18yYVozQSITCOmi08nRh4MDFZKwnwod3VAFvg&is_vtc=1&ocp_id=byJ3ZamvKpLh_gTdoZXwCw&cid=CAQSKQDICaaNywY2nNVyFWhGDW9K7RRugyDZdRxuhjBiLktc6KTZ5nUjDPZe&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271kIu8UioMitGR9duvOag4z5EjM8MwskA6Q&random=4214147421

Request Chain 128

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=vJpnCMurmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=byJ3ZeyMK5OtoPMP0MqK2A0&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271qr-A8AM8ZL4W-SQu3hhUiuy4sNOGQLnog&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWhyUnpybERZQVB5cTNzamJYN2I4bTVMLU5JTXZFM2lxMGhxdG9BbExuWnhhVGQwU21BN01OQSITCKyA1MnRh4MDFZMWaAgdUKUC2w HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=vJpnCMurmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWhyUnpybERZQVB5cTNzamJYN2I4bTVMLU5JTXZFM2lxMGhxdG9BbExuWnhhVGQwU21BN01OQSITCKyA1MnRh4MDFZMWaAgdUKUC2w&is_vtc=1&ocp_id=byJ3ZeyMK5OtoPMP0MqK2A0&cid=CAQSKQDICaaNXP7-fdFQ9oNVSbndT5-9YbYQZRa-W7mglhpOy0aAvCwBw8P5&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271swfxTzk6sje8PNe7JdwLkvAzy1grUXxbA&random=390415571

Request Chain 129

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=byJ3ZYPIK8WV_gSl2IXIBw&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271pwIvco7gWxrIcB07PRpVSGKRR3UtvGg3Q&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW55ZlFHUnhMTmZpTUdRUWJWdDZfQV8wVWF3YWswandNWkU5cFdfcWdGX3M2OTlkRnBMUTdkVSITCMO71MnRh4MDFcWKnwodJWwBeQ HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW55ZlFHUnhMTmZpTUdRUWJWdDZfQV8wVWF3YWswandNWkU5cFdfcWdGX3M2OTlkRnBMUTdkVSITCMO71MnRh4MDFcWKnwodJWwBeQ&is_vtc=1&ocp_id=byJ3ZYPIK8WV_gSl2IXIBw&cid=CAQSKQDICaaNTcz18uxV8XMq5nWszVrP6QBu7-xdUCwKzaIjeTpjpDIzxa3B&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271ikJaG8Yc3Hu-Zyx5ywP4mXoRgdfjgVTpQ&random=632983413

Request Chain 130

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=jGviCL3L6PoYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=byJ3ZZC2K4iv_gTdvbPYDg&sscte=1&crd=&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271qxlPEGGmWY12KzdBZNRUvSRKIDjXRB8wg&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXROR1puUFpiTDBjb3NyLV8tcDZUUTJMZWxzZ1haS1c5LWpvdW5oejRxcmVwdjJIc2RBQlJXNCITCNCp1MnRh4MDFYiXnwod3d4M6w HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=jGviCL3L6PoYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXROR1puUFpiTDBjb3NyLV8tcDZUUTJMZWxzZ1haS1c5LWpvdW5oejRxcmVwdjJIc2RBQlJXNCITCNCp1MnRh4MDFYiXnwod3d4M6w&is_vtc=1&ocp_id=byJ3ZZC2K4iv_gTdvbPYDg&cid=CAQSKQDICaaNdTGKZstcL2a6NtPHWjmmQsXRJpfrAWPbj-EMTrIZmkXUmsc7&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271m5ZaKxc3J4c7NJMeApRApjf7-pUUI29ew&random=1976115609

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d1m96zdhhs5cb2.cloudfront.net/ 118 KB
32 KB 297ms
197ms Document
text/html 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 774560d2fea89bff06b2a1771c325dc7869ee0527b8fc74daced341dc5b599c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 14:53:32 GMT
etag: W/"267a7aa9052aabacc21b6662f3d64c42"
last-modified: Fri, 08 Dec 2023 21:35:00 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
x-amz-cf-id: UEHbqGTHsazcuon4jPVaJiGiHpDsc3Ltv6vpvEWx8_8843JJ-_rLLw==
x-amz-cf-pop: IAD89-C3
x-amz-version-id: AL.ezolcXviVSo3ZwtAXCRxVHGQeZTpk
x-cache: RefreshHit from cloudfront

GET
H2 200 bolt.css
d1m96zdhhs5cb2.cloudfront.net/css/ 54 KB
10 KB 191ms
190ms Stylesheet
text/css 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/css/bolt.css?v=1702070925202
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea21b05fa9bae816909b7b8accd0bf9ba37106ad1b0f46f329fa8fc571a71c01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ayGbtyN0plEWTXjNhQaAYKYpL1xV2ZJ3
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:31 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"13548eed6de07e8769d8fe68803b2a0c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: Lppl0amyvSbLxhvtXZcSeerEubq6NhYL_ATGzk1Ncd58XuGPJlIdQw==

GET
H2 200 gsb3nxg.css
use.typekit.net/ 2 KB
864 B 117ms
29ms Stylesheet
text/css 2600:141b:1c00:8::1728:b330
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsb3nxg.css

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 11 Dec 2023 14:53:32 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 641

GET
H2 200 bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 282 KB
91 KB 191ms
190ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b0ab3271deff5456442de664514ebe5b75a958c40152e17daa88c957cd8e54b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: bf40qGEkceegUoe1K.JxHzBAXfSvkw0f
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:28 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"ca60a743f540a2106c835d617b38b6e9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: sSm1JCbz82plILfMk1-N2AG-fibOGIh9bMSMcH4KIUjL_Ng7btz2Hw==

GET
H2 200 tt-nav.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/ 306 KB
307 KB 133ms
44ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/tt-nav.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2e85d10bb210cca4f475b860603d360e5ce46ed9ac9b5c5842baa1ae792efb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:41:36 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 21:32:32 GMT
server: AmazonS3
age: 216717
x-amz-cf-pop: JFK50-P3
etag: "932117b691c6439b943da87b5676a483"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 313213
x-amz-cf-id: iOvIQJ5rwnOIKOfGjWgtRRo7SwVrK43zzmDiZAeRLtJ4COkgMvFbWg==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/ 354 KB
355 KB 217ms
128ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/tt.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31961399bce0058c5d312687c52af0c58414b9e95481bd0cb4aed25dfb1c70ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:41:36 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 21:32:28 GMT
server: AmazonS3
age: 216717
x-amz-cf-pop: JFK50-P3
etag: "54498c80cce306af4ae85fcafe41e680"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 362363
x-amz-cf-id: EQFIkxsPAaS5BWJ04HY4lxBnO_biUp4ofhCZFti6eWRnpJGlZhm8xg==

GET
H2 200 legal-logos.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/ 21 KB
21 KB 28ms
27ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/legal-logos.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae48d0bc3099800d336134faa2d5f2a865820b171b929a4fb164bed5cf368051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:43:26 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 18:54:51 GMT
server: AmazonS3
age: 839407
x-amz-cf-pop: JFK50-P3
etag: "c4a6fabc099f02fcda40ca7fdcf89f5d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21187
x-amz-cf-id: Zd71Dd5fGRqzZwUBZdf25b_4qal4RSiYhW5OZ3KGZbTmA3PfN8qcNg==

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 109ms
28ms Stylesheet
text/css 2600:141b:1c00:8::1728:b323
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsb3nxg&ht=tk&f=139.175&a=10433865&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
last-modified: Fri, 14 Jul 2023 12:54:09 GMT
server: nginx
etag: "64b14571-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 460 KB
120 KB 96ms
39ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a57fc8dcba6c1cfa15040588fc7f7d382d80cd771ac2fea483df0d691567ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122610
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 74 KB
74 KB 92ms
28ms Font
application/font-woff2 2600:141b:1c00:8::1728:b330
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://d1m96zdhhs5cb2.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 77 KB
77 KB 122ms
59ms Font
application/font-woff2 2600:141b:1c00:8::1728:b330
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://d1m96zdhhs5cb2.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
server: nginx
etag: "11c083ab1a15272638ae385d966dba01aa76cbb4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 78476

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 115ms
57ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/ 2 KB
2 KB 100ms
43ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1702306412477&cv=11&fst=1702306412477&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f794fc2f243e56950a3ff4993152725b60b6b8e51e79f2eaf8ccb0f7819c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 135ms
32ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000073-IAD

GET
H2 200 geo Show response
stdata.powster.com/ 131 B
412 B 372ms
105ms Fetch
application/json 54.76.42.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.42.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-42-188.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e07cabc75ececd695d43b22dcf568bcf5954c0356b19ec4e4d44dcf4d2924747

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 124ms
29ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
25ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 13:32:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4833
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 15:32:59 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 112ms
44ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1702306412554&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=l1u1CMWrmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

fad4738c9a3a6412f87fee62a82b7eb03eef0a824a8c3b5afabbb24437fe382b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 217ms
50ms Script
application/javascript 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 41c49ea8909ebb4e7d6eb1d9dfe253ec309baa696146cbb8a17ef8993284047d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 57a29b
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121114533263442584AECBB5146606-6730BC889D2AC00B-00
x-cache: TCP_MISS from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=13
content-length: 1676
pragma: no-cache
server: nginx
x-tt-logid: 2023121114533263442584AECBB5146606
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.44.202.12
x-tt-trace-host: 012157ed0b957c30d5c3d973b0a86cb54a3a5f803699977926fe8b1314e17358974ef024528ee7b1a5d26a03ff75fa8ba8c20b97acaff4458c386d3a772e3964e734e66f749b54304f04611ea3aad492dff09897d61a94e809613f4f63ee00588d
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 154ms
60ms Script
application/javascript 3.162.129.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.129.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-129-245.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: 167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
via: 1.1 d0e0fdfe87d75193de6278b5eca393f8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P3
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: VMOGYzQmrL_b7iPBZYU_MqBa-2F3PfVz2A_J35OhHaAxvLKD3wJEyA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 40ms
39ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f87839da7c8ddeef9f88828e63e827f3b10fe7473d07bc2bb3455af381059d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924229467/ 2 KB
2 KB 49ms
46ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924229467/?random=1702306412588&cv=11&fst=1702306412588&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4285f1cadfbf46ce6397aa71e90e37f349901edc781ed8913b7fb5b1e1f13d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;... Show response
undefined.fls.doubleclick.net/ Frame CE25
Redirect Chain

https://undefined.fls.doubleclick.net/activityi;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uam...
https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l...

496 B
400 B

54ms
51ms

Document
text/html

142.251.40.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f6.1e100.net

Software

cafe /

Resource Hash

97b5688bbaee63d3c3614c4cacb27a564b834b3636fb9aec6aa208c5f1317ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:32 GMT
expires: Mon, 11 Dec 2023 14:53:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 regions
showtimes-v2.s-prod.pow.io/v2.0/app/ Frame 0
0 365ms
236ms Preflight
application/json 99.86.229.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=the-fall-guy&rules_groups%5B0%5D=appId%3A%3A29010%3A%3A%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-99.iad79.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://d1m96zdhhs5cb2.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-lat,x-requested-lon,x-requested-countries,x-requested-approxpos,pow-cache-include
access-control-allow-methods: GET,OPTIONS,POST,PUT,DELETE,HEAD,PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 11 Dec 2023 14:53:33 GMT
via: 1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
x-amz-apigw-id: PyJRFHCbjoEEOHw=
x-amz-cf-id: mlnTKVG5FO_OBpuJJT1_YA_27TXJIa2eei7VhPQwwc3idwB80Sx5jw==
x-amz-cf-pop: IAD79-C3
x-amzn-requestid: da778ce0-8aef-4cfc-8e3d-96e577036ad5
x-cache: Miss from cloudfront

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 48ms
48ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1702306412652&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=WN6iCMOK6voYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

af5dccfc0ddda363f7cd488037d8adc836619335e0236c95a17c89d2f0f10600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 43ms
43ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1702306412656&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

260046df51e3a075d75e04e28003d5704880c16f025502d0bb80449999dca3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-f3dc234cd4dd4c44a911b1ec55aec231/ 172 KB
43 KB 129ms
28ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-f3dc234cd4dd4c44a911b1ec55aec231/mparticle.js?env=0
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 89abdc946588449ab0dd261994ae7f5a0e5b2135d3db5763926de498c1afdff3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000177-IAD, cache-ewr18172-EWR
date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 248
x-timer: S1702306413.773722,VS0,VE1
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000177_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 43972
x-cache-hits: 4, 1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 109ms
31ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 00:11:28 GMT
Content-Encoding: gzip
Via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 52925
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Al_r_h-nPnhNykkqOgjNLU7gUwB4pvvpq1Ck8Dl6E3HEDNMdgLqpMg==

GET
H2 200 273.bolt.css
d1m96zdhhs5cb2.cloudfront.net/css/ 20 KB
4 KB 199ms
196ms Stylesheet
text/css 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/css/273.bolt.css?v=718cd17aa00a06da16f8
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a6aae66e19f503bcdd0adff840de161b9bad92c2f41702fd3d9bdc970a14509

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: oQnaSErnDgkjpG3rNNVSIF20L5kLKuT5
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:36 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"6237a6e2a7833a56eccb8bec0e41d5a9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: CUsuYgzo31uaUAP2V0JAm1r6xwjAAS9kfrvUl8f3PqNS4dB_K_Q9bw==

GET
H2 200 boltHome.bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 32 KB
11 KB 115ms
114ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/boltHome.bolt.js?v=718cd17aa00a06da16f8
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: faa8735b5b9178d1a14015583041c5347671db69388feb899a1a6eac6769aaa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: FHdoY.Hd2Lmm.Pxc8Kf6lOt.tTD1z9NS
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:18 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"245fa7b1803d9db8da5c2ec6bc1d10cd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: gS7eUQCIVT6wc9x621izXN0glhpGmpLceSyT69vNn02K3mNlukMNEw==

GET
H2 200 regions Show response
showtimes-v2.s-prod.pow.io/v2.0/app/ 296 B
945 B 312ms
311ms Fetch
application/json 99.86.229.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=the-fall-guy&rules_groups%5B0%5D=appId%3A%3A29010%3A%3A%2F
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-99.iad79.r.cloudfront.net
Software: / Express
Resource Hash: 0e5fede0d08bc85908ee6e65933b5e012ae045f354d8db75bbc66f0a068edb56

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Dec 2023 14:53:33 GMT
via: 1.1 1299a022d10cdc620f209ba0440a48e8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 296
x-amz-cf-pop: IAD79-C3
x-amzn-requestid: a14d3796-5d28-46d2-b49e-3c31ff389ae6
etag: W/"128-4FUIjgi/Lab6sQeOZRbO7IHhomM"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6577226d-680e12950595049e6fc1d4ef;Sampled=0;lineage=86c3ccff:0
x-cache: Miss from cloudfront
x-amz-apigw-id: PyJRHE_zDoEEHiQ=
content-length: 296
x-amz-cf-id: 3S7RHy6JVxsmBi2NOQWVxjAjbH1nJhFKHaNpExN4WJp5r0ckyViTCw==
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, x-requested-lat, x-requested-lon, x-requested-countries, x-app-region, x-requested-approxpos, x-api-key, pow-cache-include, x-pow-cache-include

GET
H2 200 geo Show response
stdata.powster.com/ 131 B
411 B 215ms
106ms Fetch
application/json 54.76.42.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.42.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-42-188.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e07cabc75ececd695d43b22dcf568bcf5954c0356b19ec4e4d44dcf4d2924747

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 45ms
44ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba284524fc142849a1a88b0e0a107792e805516ed1898d0b88f8f5b2f528fe07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 50ms
48ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8TPKJ4V9TC&l=dataLayer

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d4654c828cc9abcc8cc440211b603ce29b339d723e807e745f8b3f88a881222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 114ms
105ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3SMPLLC284&l=dataLayer

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7f8fa97f62ceb0a4b75766e4821b24c075df6eebced5d79c8ad7f7a36d16226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 200 715.bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 14 KB
5 KB 204ms
195ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/715.bolt.js?v=770b5d0f24aa9b829b49
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b186c12bbbb2b7e47d4cde903a82bec38cc0c20849e146a7d193c68f56debec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 0EfOdCWFZho6GBMEPD7.MFrwAUpiESid
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"b01f018d36f67fef945ed438473930b1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: imZl-eQGFQ4mAFWHoZLD_dCXOnbAqIh1P9MhhKTd25LvAuPVbwKAwg==

GET
H2 200 350.bolt.css
d1m96zdhhs5cb2.cloudfront.net/css/ 3 KB
1 KB 192ms
184ms Stylesheet
text/css 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/css/350.bolt.css?v=bd1f37cbd0d08388badd
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa98bd33f44cb9a1dbdcc379ddd0f2fc8446c94bc55e6df6f05198405da3de13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: x8HALE.MZ7DZBQ5pxd2PQlVgCTCgGZc4
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:34 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"db0b1f9d3ecdf8f9aa32ffe6c653739b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: PGnt8lii783JQz81y4sPl8pcHcXjXLM25rZICLzMCK8ATFC_PtF2zA==

GET
H2 200 trailerOverlay.bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 3 KB
2 KB 127ms
119ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/trailerOverlay.bolt.js?v=bd1f37cbd0d08388badd
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 518dbf8bc7c8c3d0f4cfab50205de3e66610a386bceb417145f1e24674f4b26d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: jvNpR5.EdvsRzUhQGlzrkFCwFSZnaEJh
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:05 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"e5e4165e9b78eaf3e3483b8ae8d55c3f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yaLEzD9Kfn4HoX_KoljVy0aOKY0GpfACyl8V8BuPob_h0F0bpLLngg==

GET
H2 200 792.bolt.css
d1m96zdhhs5cb2.cloudfront.net/css/ 3 KB
1 KB 207ms
203ms Stylesheet
text/css 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/css/792.bolt.css?v=3ac3e6f646b645d01df2
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 383422bebd105d2a26b2ac1c62fc6a1ba30abb8834635d8c0330acf1f9b98d97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: AEyg8PppQNejrmJY_bJLlwWRo37FNIwf
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:32 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"494c8c04f71239d74048646b182bbff1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: XguRxXwT0zCJLj3mqED6pDDDYUjJf6Hm1xj36Hm6K2XhZKFXag2WCA==

GET
H2 200 calendarRemind.bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 6 KB
3 KB 223ms
220ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/calendarRemind.bolt.js?v=3ac3e6f646b645d01df2
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eccf7cb41988b6cd72ab9765f3b8622311c91b17afba4408189bdde18d36248

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: agIkq6GgBVLTwZCvI75TJIv9uaGDFkBC
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:33 GMT
last-modified: Fri, 08 Dec 2023 21:35:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"6fe8ac00426fdc0872ecf5c347dfd3fe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: zb0ahBegBEJYjJT-g1YcS5WWOtFYxVvsSoW0q2WMlrYX7lbLWrM-LA==

GET
H2 200 tt-nav.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/ 306 KB
307 KB 31ms
28ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/tt-nav.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2e85d10bb210cca4f475b860603d360e5ce46ed9ac9b5c5842baa1ae792efb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:41:36 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 21:32:32 GMT
server: AmazonS3
age: 216717
x-amz-cf-pop: JFK50-P3
etag: "932117b691c6439b943da87b5676a483"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 313213
x-amz-cf-id: VZ1AbIzfux0dItaG0PnPdbe3T1gy9vY-5TYeROJnQO528k6AHLK2NQ==

GET
H2 200 legal-logos.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/ 21 KB
21 KB 30ms
27ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/legal-logos.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae48d0bc3099800d336134faa2d5f2a865820b171b929a4fb164bed5cf368051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:43:26 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 18:54:51 GMT
server: AmazonS3
age: 839407
x-amz-cf-pop: JFK50-P3
etag: "c4a6fabc099f02fcda40ca7fdcf89f5d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21187
x-amz-cf-id: cAhtt0iRh0akgHmRKpRCHi-HUS8HL88V4VXD2Jg1mH_RbJPVp-8ssg==

GET
H2 200 bg.jpg
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/ 1 MB
1 MB 35ms
32ms Image
image/jpeg 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/bg.jpg
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00414806bb080803ff9482a52850ff3297920b926ac05424ce97f8603bc24dce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:24:44 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 18:54:12 GMT
server: AmazonS3
age: 984529
x-amz-cf-pop: JFK50-P3
etag: "e8e4f423053463fa477bab90cda660c2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1323490
x-amz-cf-id: nqb6W4gUwD_Rh81yO2deuuwUzoIciDK6qY3_Yj63LEUjByooYQ5d5Q==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 81ms
79ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer&cx=c

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39d0b6833ec6752f1a049ab5c8629db6763e3f64f1ef7763ff2f6c5c1f476aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 69ms
68ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8TPKJ4V9TC&l=dataLayer&cx=c

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca4b56fb8f66ed6aa472283d5b3579dbf4c9ccf58b2d66c86e31ad1ad63ac3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 91ms
90ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3SMPLLC284&l=dataLayer&cx=c

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2163b3b23b5d79dc556ec7e49ca883421d82234764d7a689863124248c65e623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 14:53:32 GMT

GET
H2 403 bg.webm
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/ 0
0 336ms
332ms Media
application/xml 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/bg.webm
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/undefined/ 42 B
455 B 109ms
44ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/undefined/?random=1702306412477&cv=11&fst=1702303200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&fmt=3&is_vtc=1&cid=CAQSGwDICaaNbm6n-aHIp2CrAcu0NuJDAF-0ffDQbQ&random=4083880810&rmt_tld=0&ipr=y

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/ 216 KB
67 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68322
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 13:18:31 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 77ms
24ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1702306412794&id=undefined&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=d85baa84-1637-4207-8e7e-7f696ae2364b&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:32 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

58ms
57ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=l1u1CMWrmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWtTNlY4YllLZUNGeUR2Sk5vTjZLQlFpSDdsOFhjNUttdkt4TnpLRUUtNG5DRWxScjlpdW43VSITCIO0msjRh4MDFZCpnwodeGEEng&is_vtc=1&ocp_id=bCJ3ZYPOKJDT_gT4wpHwCQ&cid=CAQSKQDICaaNUGz6lvuZPnOaChGcO8QWEha-WGG4Hjh3Y2cEE93L6QiT0Bi-&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271qNcizFimJGiuYbKD3h1GwuePj2bZjkndg&random=1546775136

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/965588907/?random=2041371249&cv=11&fst=1702306412554&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=l1u1CMWrmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWtTNlY4YllLZUNGeUR2Sk5vTjZLQlFpSDdsOFhjNUttdkt4TnpLRUUtNG5DRWxScjlpdW43VSITCIO0msjRh4MDFZCpnwodeGEEng&is_vtc=1&ocp_id=bCJ3ZYPOKJDT_gT4wpHwCQ&cid=CAQSKQDICaaNUGz6lvuZPnOaChGcO8QWEha-WGG4Hjh3Y2cEE93L6QiT0Bi-&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271qNcizFimJGiuYbKD3h1GwuePj2bZjkndg&random=1546775136
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/924229467/ 42 B
108 B 87ms
45ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924229467/?random=1702306412588&cv=11&fst=1702303200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&fmt=3&is_vtc=1&cid=CAQSKQDICaaNulvhmn3Ov4W6-2jk-ZQ67vElqWsJtCfWww2SF_WJ76OLIGyc&random=149065247&rmt_tld=0&ipr=y

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

46ms
46ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=WN6iCMOK6voYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW01TV81NFZjWXFrVjZfRG9rbVFvdk5QSmRXRXE3WTlkYkZCTUNsUDNtRHhvMlp1WkxCTlA0ayITCJyPm8jRh4MDFRgRaAgdNYoI3w&is_vtc=1&ocp_id=bCJ3ZZypKZiioPMPtZSi-A0&cid=CAQSKQDICaaNZ2JqyjJ7HKy10n92NDY9gH6uOVbQX_J-rgAbZ9xUocoxLdBc&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271rP7tyERwbtDoNaVHmfSBTYpOd66PsoSyg&random=3346558063

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/undefined/?random=1305823926&cv=11&fst=1702306412652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=WN6iCMOK6voYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW01TV81NFZjWXFrVjZfRG9rbVFvdk5QSmRXRXE3WTlkYkZCTUNsUDNtRHhvMlp1WkxCTlA0ayITCJyPm8jRh4MDFRgRaAgdNYoI3w&is_vtc=1&ocp_id=bCJ3ZZypKZiioPMPtZSi-A0&cid=CAQSKQDICaaNZ2JqyjJ7HKy10n92NDY9gH6uOVbQX_J-rgAbZ9xUocoxLdBc&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271rP7tyERwbtDoNaVHmfSBTYpOd66PsoSyg&random=3346558063
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 38ms
35ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=288377124&t=pageview&_s=1&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEK~&jid=1592952819&gjid=950335214&cid=956491188.1702306413&tid=UA-111182121-82&_gid=976521118.1702306413&_r=1&_slc=1&gtm=45He3bt0n81MC55JLCv831986021&cd1=the%20fall%20guy%20movie%20-%20showtimes%20site&cd2=ca_fr&cd3=powster&cd4=home&cd5=showtimes&cd6=The%20Fall%20Guy&cd7=action&cd8=n%2Fa&cd10=action&cd11=2024-03-01&cd12=tt1684562&gcd=11l1l1l1l1&dma=0&cd13=956491188.1702306413&z=825250505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

46ms
46ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWxoOHJmZkNKeDRDdUJiLV9USkFOSUtONkxNYkU1MkFNcHhFN0t3dV9WcGNuMTQtQ1UtZU12WSITCNagm8jRh4MDFQEdaAgdnggANQ&is_vtc=1&ocp_id=bCJ3Zda6KYG6oPMPnpGAqAM&cid=CAQSKQDICaaNgQwaIq4q8wu41l12GTDFMxhkdp5QjieDix7W2GnliKe4A-6W&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271oX1AEp6bEP04bROdcvWDoxK1yH0XGJgUg&random=499920876

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/undefined/?random=1097031030&cv=11&fst=1702306412656&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWxoOHJmZkNKeDRDdUJiLV9USkFOSUtONkxNYkU1MkFNcHhFN0t3dV9WcGNuMTQtQ1UtZU12WSITCNagm8jRh4MDFQEdaAgdnggANQ&is_vtc=1&ocp_id=bCJ3Zda6KYG6oPMPnpGAqAM&cid=CAQSKQDICaaNgQwaIq4q8wu41l12GTDFMxhkdp5QjieDix7W2GnliKe4A-6W&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271oX1AEp6bEP04bROdcvWDoxK1yH0XGJgUg&random=499920876
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=*;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2...
adservice.google.com/ddm/fls/z/ Frame CE25 42 B
401 B 114ms
54ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=*;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F

Requested by

Host: undefined.fls.doubleclick.net
URL: https://undefined.fls.doubleclick.net/activityi;dc_pre=CNy0oMjRh4MDFaUGTwgdrgIP8w;src=undefined;type=fallg0;cat=landingp;ord=9988159863276;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://undefined.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 110ms
37ms XHR
text/plain 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111182121-82&cid=956491188.1702306413&jid=1592952819&gjid=950335214&_gid=976521118.1702306413&_u=YEBAAEAAAAAAACAEK~&z=130949315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 14:53:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
264 B 113ms
40ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3bt0v888314821z8831986021&_p=1702306412257&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&en=page_view&_fv=1&_ss=1&ep.movie_name=The%20Fall%20Guy&ep.market=ca_fr&ep.genre_1=action&ep.imdb_id=tt1684562&ep.content_genome_id=n%2Fa&ep.essence_genre=action&ep.template=powster&ep.page_type=showtimes&ep.page_name=home&ep.movie_release_date=2024-03-01&ep.site_name=the%20fall%20guy%20movie%20-%20showtimes%20site&tfd=1368
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 73ms
36ms Ping
text/plain 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VP9M4F29MZ&cid=956491188.1702306413&gtm=45je3bt0v888314821z8831986021&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3bt0v888314821&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1702306413&sct=1&seg=1&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&en=page_view&ep.movie_name=The%20Fall%20Guy&ep.market=ca_fr&ep.genre_1=action&ep.imdb_id=tt1684562&ep.content_genome_id=n%2Fa&ep.essence_genre=action&ep.template=powster&ep.page_type=showtimes&ep.page_name=home&ep.movie_release_date=2024-03-01&ep.site_name=the%20fall%20guy%20movie%20-%20showtimes%20site&_et=3&tfd=1597
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W6FD9FK0F1&gtm=45je3bt0v881931567&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Le%20Casca%20Deur%20-%20CA_FR&ep.event_region=ca_fr&ep.event_studio=Universal%20Pictures&ep.region=ca_fr&ep.debug_mode=false&tfd=1615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8TPKJ4V9TC&gtm=45je3bt0v881923396&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Le%20Casca%20Deur%20-%20CA_FR&ep.event_region=ca_fr&ep.event_studio=Universal%20Pictures&ep.region=ca_fr&ep.debug_mode=false&tfd=1634
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TPKJ4V9TC&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 33ms
32ms Script
application/javascript 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 57a7ef
date: Mon, 11 Dec 2023 14:53:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731585020F55302FAB5AF0204
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d39b215b1da0983c38a0e75e6d7d67f953d23996a27b2cc3bc35baf2508deec1257b29f99b459c97682251677f27070e596648c895d75f3f54627aa5d69f9117555a0ea845bced3fd6a078618738cae68b2d1ce28f5bdaba9c405c09448f710b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 108295

GET
H2 200 942.bolt.css
d1m96zdhhs5cb2.cloudfront.net/css/ 10 KB
3 KB 196ms
195ms Stylesheet
text/css 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/css/942.bolt.css?v=ce03fba024f4395cad55
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5b5b881ef759e5375dddaa3c4c425fb0abbde71903ea26a52c243c970d568c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Kf1nr0ROh..kOCruGO1kuvY6SS4wjrTX
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:34 GMT
last-modified: Fri, 08 Dec 2023 21:35:31 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"1339bb2024f07b3a37559628217e6968"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: ACnN4aMEquHm-_k60neWeV0pwqAmrgQ_eDtrP4SNVk7pz6CveQSqzQ==

GET
H2 200 boltSynopsis.bolt.js Show response
d1m96zdhhs5cb2.cloudfront.net/js/ 20 KB
7 KB 212ms
211ms Script
application/javascript 2600:9000:201e:c800:1:f6a7:6380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1m96zdhhs5cb2.cloudfront.net/js/boltSynopsis.bolt.js?v=ce03fba024f4395cad55
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:c800:1:f6a7:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f001a7fff2cb9534c6a7f695caac5bb5f8afb221e0b7e4508ffbe37c2680b32e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: VDMy3fPTbYdmjTUQHINe83mG5rWhRNWs
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 14:53:34 GMT
last-modified: Fri, 08 Dec 2023 21:35:17 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"14efaaf6ce3a2af391ab1284844cd9b3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: OqqKDgUeto5WJFwefmNXrPI00cEhexSTZYXZXuz0aq9pdxgPbIpmPA==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/ 354 KB
355 KB 28ms
28ms Image
image/png 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/tt.png
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31961399bce0058c5d312687c52af0c58414b9e95481bd0cb4aed25dfb1c70ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:41:36 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 21:32:28 GMT
server: AmazonS3
age: 216718
x-amz-cf-pop: JFK50-P3
etag: "54498c80cce306af4ae85fcafe41e680"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 362363
x-amz-cf-id: IoVbilj3Yp_8GRT-NszO4flOUItaO1Q4CPcdtfiqmrWO1zDFGYSmFQ==

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 111ms
35ms Preflight 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://d1m96zdhhs5cb2.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 2032
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1245
x-fastly-trace-id: 462915597
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-ewr18123-EWR
x-timer: S1702306413.477069,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 177 B
320 B 54ms
54ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-f3dc234cd4dd4c44a911b1ec55aec231/mparticle.js?env=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b02bab568c9adba159b475a7393bec386587e7edaf08dff6c96b795010814b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-f3dc234cd4dd4c44a911b1ec55aec231
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 14:53:33 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
x-served-by: cache-ewr18123-EWR
server: Kestrel
x-timer: S1702306414.513195,VS0,VE26
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-mp-rate-limit-percentage-used: 8.4
x-fastly-trace-id: 462915833
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 44ms
43ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111182121-82&cid=956491188.1702306413&jid=1592952819&_u=YEBAAEAAAAAAACAEK~&z=1223005935

Requested by

Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3SMPLLC284&gtm=45je3bt0v9170029779&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Le%20Casca%20Deur%20-%20CA_FR&ep.event_region=ca_fr&ep.event_studio=Universal%20Pictures&ep.region=ca_fr&ep.debug_mode=false&tfd=1752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SMPLLC284&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xr5daqhgAGA Show response
www.youtube.com/embed/ Frame A7D0 94 KB
40 KB 114ms
113ms Document
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

090ccadf685494278d3ded142f2eaed39816cb8c8bd0757d52325b0afabb4df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 bg.mp4
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/ 0
0 334ms
331ms Media
application/xml 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/bg.mp4
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 42ms
41ms Script
application/javascript 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 57a94a
date: Mon, 11 Dec 2023 14:53:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073148226F199B4BB8DBE91E1A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0152271cfd3534b125d6c82cad76e01862dbea486dd01d374db8359fb24b8234f8ffec683ce2da1e97aaa526cf3311b0ba2299c3a8276499d823ba32900702535e7adbee2fcf1bc30d8e61629b2660eddb954abec5c20f290cab97eecd9e238f29
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35972

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
838 B 91ms
91ms Ping
text/plain 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b48c2cd6.57a993
date: Mon, 11 Dec 2023 14:53:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312111453335F320DCE82EC38274D5A-45D3CDC56431F8A8-00
x-cache: TCP_MISS from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 54,23.44.202.12
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=46, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312111453335F320DCE82EC38274D5A
x-cache-remote: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 46,23.48.100.43
x-tt-trace-host: 012157ed0b957c30d5c3d973b0a86cb54ac3cd0d7a3c546d2403f46c2c9b1d4717a041c50176987d442d0603b9265a4d8c09cf6fe9afb5fcd63bf4c4e7d938eb431ed481b1b08125c2eeee3723fd8264b56f506217b75bf924a4103a23a42f380e81f46af4a78e45c5058d4544e3228123
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 14:53:33 GMT

GET
H2 200 onesheet.jpg
dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/ 476 KB
477 KB 36ms
36ms Image
image/jpeg 2600:9000:24f0:ac00:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/images/regions/ca_fr/onesheet.jpg
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:ac00:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f3a0e1c38ba713b7f01fcd3926393f3d5f069899d9581e38faa89c56861515d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:41:38 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 21:32:35 GMT
server: AmazonS3
age: 216716
x-amz-cf-pop: JFK50-P3
etag: "67e92fa26d1273787e97bbba3fe31537"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 487689
x-amz-cf-id: EHakIu-_OQUFEP3TdbwNzhKlcX47Pz47iokn_FeLfyjNCjjYnoF57w==

GET
H3 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame A7D0 365 KB
47 KB 32ms
31ms Stylesheet
text/css 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Dec 2024 20:44:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A7D0 15 KB
16 KB 89ms
25ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:19 GMT
x-content-type-options: nosniff
age: 330374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A7D0 15 KB
15 KB 94ms
30ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:11 GMT
x-content-type-options: nosniff
age: 151642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:46:11 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/ Frame A7D0 54 KB
17 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

611d7644cd2a2c305f04d2cd594aeb6e4ae81d2776ef4955f923e913f99bc615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16903
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 02:31:44 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame A7D0 322 KB
96 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 02:01:40 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/ Frame A7D0 2 MB
767 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ff5693fee0b60651698141bd74761199a493fb834c1ceba6ceeb21d510de528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785445
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Dec 2024 03:19:29 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
700 B 122ms
120ms Ping
text/plain 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 57aba8
date: Mon, 11 Dec 2023 14:53:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121114533363442584AECBB514666E-586F77943CE9CC2A-00
x-cache: TCP_MISS from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=30, cdn-cache; desc=MISS, edge; dur=17, origin; dur=41
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121114533363442584AECBB514666E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.44.202.12
x-tt-trace-host: 012157ed0b957c30d5c3d973b0a86cb54a3a5f803699977926fe8b1314e17358974ef024528ee7b1a5d26a03ff75fa8ba87f6a5ea89ac50cbd3787b84f744619894c3bcd374d2b62ba077b5c330dc1557ea81a7c07f03db4e0b39bb48c71855248
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 14:53:33 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A7D0 113 B
159 B 42ms
41ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0296951038a4aa370bcc0d6f353d9a8e77e9a5af88e2684f0a80e0cc015c11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A7D0 29 B
495 B 81ms
24ms Script
text/javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:49:20 GMT
x-content-type-options: nosniff
age: 253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 15:04:20 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 101ms
32ms Preflight
text/html 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Dec 2023 14:53:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A7D0 86 KB
40 KB 40ms
38ms XHR
application/json+protobuf 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4a59675e2d0e975b79ba833ce4cb5b23d606acabcd29a6f282f148e7ff97d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40420
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/ Frame A7D0 116 KB
33 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24fa2128f8460380865cf76881c0f6569aa2d9af6eea4aff5f6f01ad37702d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33462
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Dec 2024 20:44:53 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame A7D0 50 KB
19 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:06:08 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/xr5daqhgAGA/ Frame A7D0 98 KB
99 KB 221ms
161ms Image
image/webp 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/xr5daqhgAGA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1428ca7142007d6a1f788ecc24bcf2317be826cd1c726328901a24b4c43d4515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
server: sffe
etag: "1700669992"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100662
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Dec 2023 16:53:34 GMT

GET
DATA 200
OK truncated
/ Frame A7D0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dLM7v-jwjoUMv937eVUBsJqxdLvdCHy_XzywZKANzr8kmP4f-5ywKetmNqTlv72W4sbdLFOUpQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A7D0 3 KB
3 KB 87ms
24ms Image
image/jpeg 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/dLM7v-jwjoUMv937eVUBsJqxdLvdCHy_XzywZKANzr8kmP4f-5ywKetmNqTlv72W4sbdLFOUpQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7971ef2621082b26c26285633a1381f07f8fb53e00d3e2ed0f9f94da3d89ab5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:20:22 GMT
x-content-type-options: nosniff
age: 1992
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Dec 2023 14:20:22 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame A7D0 75 KB
30 KB 139ms
135ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

735ac6df8685305b9ad726e3c288b6729b38db93856cbe9affca5b32837594f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231205.01.00
X-Goog-Visitor-Id: CgtwWmFnSW1WVXBCbyjtxNyrBjIICgJVUxICGgA%3D

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30854
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A7D0 4 KB
2 KB 96ms
37ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 14:53:34 GMT

GET
DATA 200
OK truncated
/ Frame A7D0 364 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efa4755198974d4624c5cdc7bf45d009be8acfd1d7b2b6c534489682c9fe4d7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 43ms
41ms Preflight
text/html 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Dec 2023 14:53:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A7D0 90 B
134 B 35ms
35ms XHR
application/json+protobuf 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a35dbdd42b1284f8569b2317953bca8f427adae30ced1a98543fa0e84e8242e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame A7D0 0
10 B 27ms
25ms Image
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YWkl5A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame A7D0 0
19 B 46ms
46ms XHR
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&cpn=5bf49Iee25JajXB7&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153850%2C23113%2C53633%2C84737%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C2316%2C5810%2C1387%2C4683%2C2228%2C7726%2C2008%2C3943%2C609%2C6947%2C1316&cl=588227172&seq=1&docid=xr5daqhgAGA&ei=biJ3ZcOtCKWG_9EP162DoAE&event=streamingstats&plid=AAYMPRkdsrJRPaE_&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fxr5daqhgAGA%3Frel%3D0%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fd1m96zdhhs5cb2.cloudfront.net%26widgetid%3D1&qclc=ChA1YmY0OUllZTI1SmFqWEI3EAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.71&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.027:B,0.306:B,0.306:B&cat=streaming&cmt=0.027:0.000,0.306:0.000&vfs=0.306:244:244::r&view=0.306:1024:576&bwe=0.306:130000&bat=0.306:1:1&vis=0.306:0&bh=0.306:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtwWmFnSW1WVXBCbyjtxNyrBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1702306413854&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKpIZz7ayy_Gypnhj1bnacLKh0exH4ZfWPBr87ujJlkrADzJ1b_szO1rmwSityGCaelebNSSPuYfDxL7Q50sD0ncTLYzBw

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 171 KB
172 KB 122ms
53ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=9341086&dur=144.541&lmt=1700669847142170&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=630F224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAKaZzF9VeKO6G_YW8lIu_XdU8ugXMBMd2sEfYZ_idy9BAiEAoEfAqH4oHhWZGeAIx0ZqxiXE7UA_NoJw1vEKOCRUxhY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=0-175247&rn=1&rbuf=0&pot=IjJ2fnZ4EwlUEDUZAgkhEzAQJSlHKSAmND0UBxwKDjAPDDQUPzc1GTwoIwY_PTEZN1tFOg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

21d4d32e78451c93984ac12182c4b3acdf73aabbde43c7d98a6f9fe51e8588b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 14:53:34 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 22 Nov 2023 16:17:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Dec 2023 14:53:34 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 65 KB
66 KB 110ms
43ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=2321988&dur=144.581&lmt=1700669846383294&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6308224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgUUHZwsrtkTYO11IGxu60-kxgvcHBThSSzdNF3Zw0tWoCIQDyLkFDJ-f00QlsYB3cZbROPNSv8liw5qtbg5Qvxenheg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=0-66053&rn=2&rbuf=0&pot=IjIRWBFedC8zNlI_ZS9GNVc2Qg8gD0cAUxtzIXssaRZoKlMyWBFSP1sORCBYG1Y_UH0iHA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

39327f4adb7a781a95a49a36b7344e45691f84f04cc2a5e31018a30dba994db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 14:53:34 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 22 Nov 2023 16:17:26 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Dec 2023 14:53:34 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/ Frame A7D0 71 KB
24 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffec118849680762bc8ca9a9c378216c425719e78ee7afc6acf50ba0121a41dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24363
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/ Frame A7D0 33 KB
8 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510d1a918c0dc51734373015cfe83940fbe24f694eaa3098c92a1e5e5c5593c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:39:55 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame A7D0 34 KB
6 KB 306ms
305ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c851e15cf1e3853527e741af7ade885cf886ccf0adbad1f035170bd077e4b9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231205.01.00
X-Goog-Visitor-Id: CgtwWmFnSW1WVXBCbyjtxNyrBjIICgJVUxICGgA%3D

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5662
x-xss-protection: 0

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/xr5daqhgAGA/ Frame A7D0 98 KB
98 KB 27ms
26ms Image
image/webp 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/xr5daqhgAGA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1428ca7142007d6a1f788ecc24bcf2317be826cd1c726328901a24b4c43d4515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100662
x-xss-protection: 0
server: sffe
etag: "1700669992"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Dec 2023 16:53:34 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A7D0 28 B
50 B 48ms
42ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702306414455
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtwWmFnSW1WVXBCbyjtxNyrBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1702306413854&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKpIZz7ayy_Gypnhj1bnacLKh0exH4ZfWPBr87ujJlkrADzJ1b_szO1rmwSityGCaelebNSSPuYfDxL7Q50sD0ncTLYzBw

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame A7D0 50 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 11 Dec 2023 20:46:11 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 79D1
Redirect Chain

https://insight.adsrvr.org/track/up?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action
https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action

938 B
966 B

36ms
31ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d7fd95593fb74390bfb8e3baf35d33f400f962c90a886118bd0939d2bc8f6446

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 11 Dec 2023 14:53:34 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 357
date: Mon, 11 Dec 2023 14:53:34 GMT
location: https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action
server: Kestrel

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/xr5daqhgAGA/ Frame A7D0 98 KB
98 KB 26ms
25ms Image
image/webp 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/xr5daqhgAGA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1428ca7142007d6a1f788ecc24bcf2317be826cd1c726328901a24b4c43d4515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100662
x-xss-protection: 0
server: sffe
etag: "1700669992"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Dec 2023 16:53:34 GMT

POST
H3 200 videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 171 KB
171 KB 57ms
27ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=9341086&dur=144.541&lmt=1700669847142170&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=630F224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAKaZzF9VeKO6G_YW8lIu_XdU8ugXMBMd2sEfYZ_idy9BAiEAoEfAqH4oHhWZGeAIx0ZqxiXE7UA_NoJw1vEKOCRUxhY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=175248-349792&rn=3&rbuf=3205&pot=Mm4zRtezMomnADN-sKdgHaI06KyM_k7Q7sVZZM87-ujoV4vn6bC8hviBiyx0Riq4CIwE3OpF8iMhNniUAhWmijE6ha0gfX5b0Yy5L0oVCg2OlP5LbRqNu_FuqFsRlBU6nCLDIG7zLObZJKGjBUe-Pw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6e31cf0e26cb3c72d8113f17fb7c126227be315c0c161ee0a5b435ad319297ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 14:53:34 GMT
date: Mon, 11 Dec 2023 14:53:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 22 Nov 2023 16:17:27 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 79D1 488 B
1 KB 29ms
28ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=hztlnt1&ref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&upid=cp4n85h&upv=1.1.0&td1=The%20Fall%20Guy&td2=action
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 14:26:23 GMT
Via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 1631
x-amz-server-side-encryption: AES256
ETag: "2775054c068b37509e0798448f7fd32c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: u8Xlpefq4lkT8Ba3J8WRwvEMQa89X9To8x3-5sl3O2Dy6NsOFcAGIA==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 8411
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MGM5ZjhmMmEtOTIxZC00NmY1LWJkNTQtYmZlYjIzYzI1Nzlm&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb2...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&google_gid=CAESELCPj1HJPs9KZFwge7rG470&google_cver=1

70 B
469 B

36ms
35ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&google_gid=CAESELCPj1HJPs9KZFwge7rG470&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Mon, 11 Dec 2023 14:53:34 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&google_gid=CAESELCPj1HJPs9KZFwge7rG470&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame EECE
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3309842143433809727&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f

70 B
469 B

37ms
30ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3309842143433809727&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Mon, 11 Dec 2023 14:53:34 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 8a4d1c5e-4dc9-4ab6-9e62-031fd93abf39
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 14:53:34 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3309842143433809727&ttd_tdid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 96.9.249.43; 96.9.249.43; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame F8E0
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
469 B

31ms
30ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Mon, 11 Dec 2023 14:53:34 GMT
server: Kestrel

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
content-length: 0

POST
H3 200 videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 64 KB
64 KB 24ms
24ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=2321988&dur=144.581&lmt=1700669846383294&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6308224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgUUHZwsrtkTYO11IGxu60-kxgvcHBThSSzdNF3Zw0tWoCIQDyLkFDJ-f00QlsYB3cZbROPNSv8liw5qtbg5Qvxenheg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=66054-131589&rn=4&rbuf=3392&pot=Mm4zRtezMomnADN-sKdgHaI06KyM_k7Q7sVZZM87-ujoV4vn6bC8hviBiyx0Riq4CIwE3OpF8iMhNniUAhWmijE6ha0gfX5b0Yy5L0oVCg2OlP5LbRqNu_FuqFsRlBU6nCLDIG7zLObZJKGjBUe-Pw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0e4fa7cd2e0c4a71af1643e6deb1041507a03ca0b81a3422a45f7384cfbdfcb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 16:17:26 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Mon, 11 Dec 2023 14:53:34 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/xr5daqhgAGA/ Frame A7D0 98 KB
98 KB 24ms
24ms Image
image/webp 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/xr5daqhgAGA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1428ca7142007d6a1f788ecc24bcf2317be826cd1c726328901a24b4c43d4515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100662
x-xss-protection: 0
server: sffe
etag: "1700669992"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Dec 2023 16:53:34 GMT

POST
H3 200 videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 514 KB
514 KB 25ms
24ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=9341086&dur=144.541&lmt=1700669847142170&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=630F224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAKaZzF9VeKO6G_YW8lIu_XdU8ugXMBMd2sEfYZ_idy9BAiEAoEfAqH4oHhWZGeAIx0ZqxiXE7UA_NoJw1vEKOCRUxhY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=349793-876337&rn=5&rbuf=6033&pot=Mm4zRtezMomnADN-sKdgHaI06KyM_k7Q7sVZZM87-ujoV4vn6bC8hviBiyx0Riq4CIwE3OpF8iMhNniUAhWmijE6ha0gfX5b0Yy5L0oVCg2OlP5LbRqNu_FuqFsRlBU6nCLDIG7zLObZJKGjBUe-Pw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9e69eeb7c9ef01e492433d43cc325ae49bd365b4e78d5f8affcdd2f421029c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 14:53:34 GMT
date: Mon, 11 Dec 2023 14:53:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 22 Nov 2023 16:17:27 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 dLM7v-jwjoUMv937eVUBsJqxdLvdCHy_XzywZKANzr8kmP4f-5ywKetmNqTlv72W4sbdLFOUpQ=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A7D0 4 KB
4 KB 25ms
24ms Image
image/jpeg 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/dLM7v-jwjoUMv937eVUBsJqxdLvdCHy_XzywZKANzr8kmP4f-5ywKetmNqTlv72W4sbdLFOUpQ=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d842f8078782743b783afdd5bf1593aac5f13128f0c738199abe4da3653665f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:58:45 GMT
x-content-type-options: nosniff
age: 6889
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4279
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Dec 2023 12:58:45 GMT

POST
H3 200 videoplayback Show response
rr4---sn-ab5sznzs.googlevideo.com/ Frame A7D0 128 KB
128 KB 27ms
26ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1702328014&ei=biJ3ZcOtCKWG_9EP162DoAE&ip=2602%3Affc8%3A2%3A104%3A%3A8&id=o-AII6Khna1hXZKCWM4Vw6mb5etIgNqixjrOa8lTrXqBTE&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=-6&mm=31%2C26&mn=sn-ab5sznzs%2Csn-tt1e7nls&ms=au%2Conr&mv=m&mvi=4&pl=48&initcwndbps=1720000&spc=UWF9f6UkD1dGGvLiAhKoMuPhErsYc1DC1inykA9Yfw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=inzW8yqONRx2iqQivdEydvgP&gir=yes&clen=2321988&dur=144.581&lmt=1700669846383294&mt=1702305941&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6308224&n=Pb1BHLDopyTFNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgUUHZwsrtkTYO11IGxu60-kxgvcHBThSSzdNF3Zw0tWoCIQDyLkFDJ-f00QlsYB3cZbROPNSv8liw5qtbg5Qvxenheg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgU_tiNXP5OlByJvSoLuUOnoj8pJ38snDUX0Ewo3LloukCIFeMgcEmwuMrbLslxWjLSiSO968LjQiRoYuAZBkyzEcB&alr=yes&cpn=5bf49Iee25JajXB7&cver=1.20231205.01.00&range=131590-263013&rn=6&rbuf=6783&pot=Mm4zRtezMomnADN-sKdgHaI06KyM_k7Q7sVZZM87-ujoV4vn6bC8hviBiyx0Riq4CIwE3OpF8iMhNniUAhWmijE6ha0gfX5b0Yy5L0oVCg2OlP5LbRqNu_FuqFsRlBU6nCLDIG7zLObZJKGjBUe-Pw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5af4b602a2f1b0df17d572b4739ca83b177a97e3f5a12646fa18607bc340bfdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 11 Dec 2023 14:53:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2023 16:17:26 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Mon, 11 Dec 2023 14:53:34 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 47ms
46ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1702306415669&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=GJaSCMirmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

1dfd053b638c74d5652aba1cc31500d34915ffdaec27f8a0f4f7c3c0958ab9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;u... Show response
undefined.fls.doubleclick.net/ Frame 39F4
Redirect Chain

https://undefined.fls.doubleclick.net/activityi;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb...
https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1...

495 B
313 B

49ms
49ms

Document
text/html

142.251.40.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.134 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f6.1e100.net

Software

cafe /

Resource Hash

9307b654f71dfde3e7dba2f9ff217c112b3b6e9f3fadb7fdaf1a35ebf64f9066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:35 GMT
expires: Mon, 11 Dec 2023 14:53:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:53:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 44ms
43ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1702306415681&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=vJpnCMurmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

24886e1db2f628053f3288a59bfc0abca9b86902c406d0756e6e6389e51edc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 48ms
48ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1702306415685&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=jGviCL3L6PoYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

8ff6df53820e84bac1be8307f595e60732ffdcb27549d7056a3d70bbf835574c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 44ms
43ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1702306415690&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&bttype=purchase&auid=333263714.1702306412&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

0ae1bb4e01c4762672f2bcf1d25027a03a26e37548d6ac8bf2dcb068d4c27c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3bt0v888314821&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1702306413&sct=1&seg=1&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&en=scroll&epn.percent_scrolled=90&_et=219&tfd=3983
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3bt0v888314821z8831986021&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1702306413&sct=1&seg=1&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&en=3sec_dwell&_c=1&ep.movie_name=The%20Fall%20Guy&ep.market=ca_fr&ep.genre_1=action&ep.imdb_id=tt1684562&ep.content_genome_id=n%2Fa&ep.essence_genre=action&ep.template=powster&ep.page_type=showtimes&ep.page_name=home&ep.movie_release_date=2024-03-01&ep.site_name=the%20fall%20guy%20movie%20-%20showtimes%20site&_et=2379&tfd=3984
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=288377124&t=event&ni=0&_s=1&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=3sec%20Dwell&ea=undefined&_u=aEDAAEABAAAAACAEK~&jid=&gjid=&cid=956491188.1702306413&tid=UA-111182121-82&_gid=976521118.1702306413&gtm=45He3bt0n81MC55JLCv831986021&cd1=the%20fall%20guy%20movie%20-%20showtimes%20site&cd2=ca_fr&cd3=powster&cd4=home&cd5=showtimes&cd6=The%20Fall%20Guy&cd7=action&cd8=n%2Fa&cd10=action&cd11=2024-03-01&cd12=tt1684562&gcd=11l1l1l1l1&dma=0&cd13=956491188.1702306413&z=863980984

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 22:45:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58089
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
hb.yahoo.net/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=hztlnt1&ct=0:niat6li&fmt=3&td1=The%20Fall%20Guy&td2=action
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zRUYwR0hCRTJ1RmNVMHhKNzE4VXFfaHdNaWp1eE41QX5B&gdpr=0&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&dpid=55953

53 B
659 B

166ms
64ms

Image
image/gif

23.223.209.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zRUYwR0hCRTJ1RmNVMHhKNzE4VXFfaHdNaWp1eE41QX5B&gdpr=0&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&dpid=55953

Protocol

Server

23.223.209.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-209-209.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 11 Dec 2023 14:53:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 11 Dec 2023 14:53:36 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zRUYwR0hCRTJ1RmNVMHhKNzE4VXFfaHdNaWp1eE41QX5B&gdpr=0&ovsid=0c9f8f2a-921d-46f5-bd54-bfeb23c2579f&dpid=55953
date: Mon, 11 Dec 2023 14:53:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 288ms
288ms Ping
text/plain 23.44.203.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.140 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-140.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b48c86f4.57bbe4
date: Mon, 11 Dec 2023 14:53:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121114533539A2AC9D455E8CB7C911-5338F9AAA65E1420-00
x-cache: TCP_MISS from a23-44-202-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 223,23.44.202.12
server-timing: cdn-cache; desc=MISS, edge; dur=202, origin; dur=36, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121114533539A2AC9D455E8CB7C911
x-cache-remote: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.48.100.43
x-tt-trace-host: 012157ed0b957c30d5c3d973b0a86cb54ac3cd0d7a3c546d2403f46c2c9b1d4717a041c50176987d442d0603b9265a4d8c28ccf972c577ba4824ae59028bb0e88ba7334d76973dd28f4bf9bbd57090c82496e4ed5219a3cb987d6fe835e463ffdbb59832e950720e82fc8966861db12d15
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 14:53:35 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
64 B

45ms
45ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=GJaSCMirmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXFXS0ZKdGNUWUl4RU5XamZ6elRZUDJJdUV4Q0psTjZHRnZwcXlzUUZ2VW1UQWxBQ18yYVozQSITCOmi08nRh4MDFZKwnwod3VAFvg&is_vtc=1&ocp_id=byJ3ZamvKpLh_gTdoZXwCw&cid=CAQSKQDICaaNywY2nNVyFWhGDW9K7RRugyDZdRxuhjBiLktc6KTZ5nUjDPZe&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271kIu8UioMitGR9duvOag4z5EjM8MwskA6Q&random=4214147421

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/965588907/?random=1424962629&cv=11&fst=1702306415669&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=GJaSCMirmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXFXS0ZKdGNUWUl4RU5XamZ6elRZUDJJdUV4Q0psTjZHRnZwcXlzUUZ2VW1UQWxBQ18yYVozQSITCOmi08nRh4MDFZKwnwod3VAFvg&is_vtc=1&ocp_id=byJ3ZamvKpLh_gTdoZXwCw&cid=CAQSKQDICaaNywY2nNVyFWhGDW9K7RRugyDZdRxuhjBiLktc6KTZ5nUjDPZe&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271kIu8UioMitGR9duvOag4z5EjM8MwskA6Q&random=4214147421
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
64 B

48ms
48ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=vJpnCMurmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWhyUnpybERZQVB5cTNzamJYN2I4bTVMLU5JTXZFM2lxMGhxdG9BbExuWnhhVGQwU21BN01OQSITCKyA1MnRh4MDFZMWaAgdUKUC2w&is_vtc=1&ocp_id=byJ3ZeyMK5OtoPMP0MqK2A0&cid=CAQSKQDICaaNXP7-fdFQ9oNVSbndT5-9YbYQZRa-W7mglhpOy0aAvCwBw8P5&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271swfxTzk6sje8PNe7JdwLkvAzy1grUXxbA&random=390415571

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/965588907/?random=1952636210&cv=11&fst=1702306415681&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=vJpnCMurmvIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRWhyUnpybERZQVB5cTNzamJYN2I4bTVMLU5JTXZFM2lxMGhxdG9BbExuWnhhVGQwU21BN01OQSITCKyA1MnRh4MDFZMWaAgdUKUC2w&is_vtc=1&ocp_id=byJ3ZeyMK5OtoPMP0MqK2A0&cid=CAQSKQDICaaNXP7-fdFQ9oNVSbndT5-9YbYQZRa-W7mglhpOy0aAvCwBw8P5&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271swfxTzk6sje8PNe7JdwLkvAzy1grUXxbA&random=390415571
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...

42 B
64 B

55ms
55ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW55ZlFHUnhMTmZpTUdRUWJWdDZfQV8wVWF3YWswandNWkU5cFdfcWdGX3M2OTlkRnBMUTdkVSITCMO71MnRh4MDFcWKnwodJWwBeQ&is_vtc=1&ocp_id=byJ3ZYPIK8WV_gSl2IXIBw&cid=CAQSKQDICaaNTcz18uxV8XMq5nWszVrP6QBu7-xdUCwKzaIjeTpjpDIzxa3B&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271ikJaG8Yc3Hu-Zyx5ywP4mXoRgdfjgVTpQ&random=632983413

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/undefined/?random=248158497&cv=11&fst=1702306415690&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=undefined&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRW55ZlFHUnhMTmZpTUdRUWJWdDZfQV8wVWF3YWswandNWkU5cFdfcWdGX3M2OTlkRnBMUTdkVSITCMO71MnRh4MDFcWKnwodJWwBeQ&is_vtc=1&ocp_id=byJ3ZYPIK8WV_gSl2IXIBw&cid=CAQSKQDICaaNTcz18uxV8XMq5nWszVrP6QBu7-xdUCwKzaIjeTpjpDIzxa3B&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271ikJaG8Yc3Hu-Zyx5ywP4mXoRgdfjgVTpQ&random=632983413
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
64 B

47ms
47ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=jGviCL3L6PoYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXROR1puUFpiTDBjb3NyLV8tcDZUUTJMZWxzZ1haS1c5LWpvdW5oejRxcmVwdjJIc2RBQlJXNCITCNCp1MnRh4MDFYiXnwod3d4M6w&is_vtc=1&ocp_id=byJ3ZZC2K4iv_gTdvbPYDg&cid=CAQSKQDICaaNdTGKZstcL2a6NtPHWjmmQsXRJpfrAWPbj-EMTrIZmkXUmsc7&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271m5ZaKxc3J4c7NJMeApRApjf7-pUUI29ew&random=1976115609

Protocol

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/undefined/?random=1986470185&cv=11&fst=1702306415685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831986021&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&label=jGviCL3L6PoYEOCb5rsp&hn=www.googleadservices.com&frm=0&tiba=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&value=0&auid=333263714.1702306412&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0lQYnF3WVFqNjdRaGJIVXc5MzRBUklsQUQyRGpybjRpR3J4cExDRDZ6WlB1cG9GX0JCcFZsVnlhLVdXMjRRd0FDa29ObTZ6UEEaV0NoQUlnSVBicXdZUXJidmZvOWpBMlA0RUVpMEEyOV8xRXROR1puUFpiTDBjb3NyLV8tcDZUUTJMZWxzZ1haS1c5LWpvdW5oejRxcmVwdjJIc2RBQlJXNCITCNCp1MnRh4MDFYiXnwod3d4M6w&is_vtc=1&ocp_id=byJ3ZZC2K4iv_gTdvbPYDg&cid=CAQSKQDICaaNdTGKZstcL2a6NtPHWjmmQsXRJpfrAWPbj-EMTrIZmkXUmsc7&eitems=ChAIgIPbqwYQnuq9gorRqPYoEh0AhL271m5ZaKxc3J4c7NJMeApRApjf7-pUUI29ew&random=1976115609
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=*;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
adservice.google.com/ddm/fls/z/ Frame 39F4 42 B
107 B 56ms
55ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=*;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F

Requested by

Host: undefined.fls.doubleclick.net
URL: https://undefined.fls.doubleclick.net/activityi;dc_pre=COv408nRh4MDFbAdTwgdzlEC7g;src=undefined;type=fallg0;cat=3sdwell;ord=8264843594928;auiddc=333263714.1702306412;gtm=45He3bt0v831986021;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://undefined.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sv.js Show response
nbcu.track.securedvisit.com/js/ 62 KB
26 KB 164ms
41ms Script
application/javascript 18.210.78.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nbcu.track.securedvisit.com/js/sv.js?sv_cid=undefined&sv_origin=undefined
Requested by: Host: d1m96zdhhs5cb2.cloudfront.net
URL: https://d1m96zdhhs5cb2.cloudfront.net/js/bolt.js?v=1702070925202
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.78.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-78-157.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 28b9b5288e5afbaaaf04d72f9a83f8553f8df9bce7dc3e6231e7c9bc62f809dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:36 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 14:53:36 GMT
server: nginx/1.24.0
etag: W/"313493e63437933668e89c6cfb2690ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires: Mon, 11 Dec 2023 14:53:36 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A7D0 28 B
50 B 44ms
43ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702306416559
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xr5daqhgAGA?rel=0&enablejsapi=1&origin=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net&widgetid=1
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtwWmFnSW1WVXBCbyjtxNyrBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1702306413720&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKpIZz7ayy_Gypnhj1bnacLKh0exH4ZfWPBr87ujJlkrADzJ1b_szO1rmwSityGCaelebNSSPuYfDxL7Q50sD0ncTLYzBw

Response headers

date: Mon, 11 Dec 2023 14:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 /
track.securedvisit.com/ 43 B
178 B 195ms
67ms Image
image/gif 3.222.250.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.securedvisit.com/?sv_dt=2023-12-11T14%3A53%3A36.601Z&sv_cid=undefined&sv_uid=-6219445726447192762&sv_title=Le%20Casca%20Deur%20%7C%20Site%20web%20officiel%20%7C%201%20Mars%202024&sv_referrer=&sv_url=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&sv_keywords=&sv_tzOffset=-1000&sv_inframe=false&sv_ver=2.0.2&sv_session=3612475679991348d993e7f5a8b52fd0&sv_first=true&sv_px_domain_data=%22iHjobdQ1L1QHmw5yAfQvQWn3bhslbd01L1jIKqsID8t1mfjID89ebksJ2kt1LkbY2CnqmfjID89eKkhvQwz1T8Yv8ujOt8ZDK0RWA0QpLZ0SZwYpiUKkgHQvQWn3bhsGgC9GKdt1LkbY2Cnqet%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.250.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-250-56.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d1m96zdhhs5cb2.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:36 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W6FD9FK0F1&gtm=45je3bt0v881931567&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&_s=2&tfd=6620
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8TPKJ4V9TC&gtm=45je3bt0v881923396&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&_s=2&tfd=6641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TPKJ4V9TC&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
38ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3SMPLLC284&gtm=45je3bt0v9170029779&_p=1702306412257&gcd=11l1l1l1l1&dma=0&cid=956491188.1702306413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltHome&dp=boltHome&sid=1702306413&sct=1&seg=0&dl=https%3A%2F%2Fd1m96zdhhs5cb2.cloudfront.net%2F&_s=2&tfd=6762
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SMPLLC284&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1m96zdhhs5cb2.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 14:53:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1m96zdhhs5cb2.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:53:12	Name: X-AB Value: undefined
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-20 19:01:22	Name: _gcl_au Value: 1.1.333263714.1702306412
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -9Lx5PB2kU4
.youtube.com/	1970-01-20 21:10:58	Name: VISITOR_INFO1_LIVE Value: pZagImVUpBo
.doubleclick.net/	1970-01-21 02:27:46	Name: IDE Value: AHWqTUkDwgZX6u4LVYSIWd1ElTux30ag2hbqqDrvIh5IZ6ZZvt38Bgr7zfrV4-cD
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-20 19:01:22	Name: _rdt_uuid Value: 1702306412792.d85baa84-1637-4207-8e7e-7f696ae2364b
.tiktok.com/	1970-01-21 02:13:22	Name: _ttp Value: 2ZOwPwPIQTYHmGDX93isQqz39Hx
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-20 16:53:12	Name: _gid Value: GA1.3.976521118.1702306413
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-20 16:51:46	Name: _gat_UA-111182121-82 Value: 1
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:21:33	Name: _scid Value: 05364af0-b4c6-4bd6-8175-8ac0dda30c27
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:21:33	Name: _scid_r Value: 05364af0-b4c6-4bd6-8175-8ac0dda30c27
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:27:46	Name: _ga_W6FD9FK0F1 Value: GS1.1.1702306413.1.0.1702306414.0.0.0
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:27:46	Name: _ga_8TPKJ4V9TC Value: GS1.1.1702306413.1.0.1702306414.0.0.0
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:27:46	Name: _ga_3SMPLLC284 Value: GS1.1.1702306413.1.0.1702306414.0.0.0
.adsrvr.org/	1970-01-21 01:38:48	Name: TDID Value: 0c9f8f2a-921d-46f5-bd54-bfeb23c2579f
.adnxs.com/	1970-01-20 19:01:22	Name: uuid2 Value: 3309842143433809727
.rubiconproject.com/	1970-01-21 01:37:22	Name: khaos Value: LQ11AC7H-M-DCT6
.rubiconproject.com/	1970-01-21 01:37:22	Name: audit Value: 1\|m4upBk/jhngMtxDnQU2b2ZI9eDDUDfzAeEAe3hlKg9h+xL8LlrcUaLfSUo+ZJ1KhY3aKJsfyXG+M1KxoLazIt9i2Wk5FrGos0XY24Ec+XLvG7wc1LBro8zYDOvS9jrvp4PFo0EucXaFykBQXVp3yf0NXJJErvk+lvOPiZcgRZFNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:27:46	Name: _ga Value: GA1.3.956491188.1702306413
.d1m96zdhhs5cb2.cloudfront.net/	1970-01-21 02:27:46	Name: _ga_VP9M4F29MZ Value: GS1.1.1702306413.1.1.1702306415.58.0.0
.adsrvr.org/	1970-01-21 01:38:48	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIpOiIt9-YvTwQBRIXCghhcHBuZXh1cxILCJqApLrfmL08EAUSFgoHcnViaWNvbhILCNisibffmL08EAUSGQoKcmlnaHRtZWRpYRILCKSwpcHfmL08EAUYBSgBMgsIpvKn7vWYvTwQBUIPIg0IARIJCgV0aWVyMRABWgdoenRsbnQxYAFyCnJpZ2h0bWVkaWE.
.yahoo.com/	1970-01-21 01:37:44	Name: A3 Value: d=AQABBG8id2UCEJqcwAwEaMkeYXNAclEGZCYFEgEBAQFzeGWBZdxH0iMA_eMAAA&S=AQAAAoSOPMyJiuPovnVzcSt-hEI
.analytics.yahoo.com/	1970-01-21 01:37:22	Name: IDSYNC Value: "1769~2fjq:19e0~2fjq"
.hb.yahoo.net/	1970-01-20 21:10:58	Name: visitor-id Value: 3453080166634761000V10
.hb.yahoo.net/	1970-01-20 17:11:56	Name: data-ttd Value: 0c9f8f2a-921d-46f5-bd54-bfeb23c2579f~~63

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/bg.webm Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/www-widgetapi.js(Line 1248) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/the-fall-guy/video/bg.mp4 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
alb.reddit.com
analytics.google.com
analytics.tiktok.com
cm.g.doubleclick.net
d1m96zdhhs5cb2.cloudfront.net
dx35vtwkllhj9.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
hb.yahoo.net
i.ytimg.com
ib.adnxs.com
identity.mparticle.com
insight.adsrvr.org
jnn-pa.googleapis.com
js.adsrvr.org
jssdkcdns.mparticle.com
match.adsrvr.org
nbcu.track.securedvisit.com
p.typekit.net
pixel.rubiconproject.com
rr4---sn-ab5sznzs.googlevideo.com
sc-static.net
showtimes-v2.s-prod.pow.io
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
stdata.powster.com
track.securedvisit.com
undefined.fls.doubleclick.net
ups.analytics.yahoo.com
use.typekit.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.youtube.com
yt3.ggpht.com
108.139.33.128
142.250.65.194
142.251.40.130
142.251.40.134
146.75.28.157
15.197.193.217
151.101.129.140
18.210.78.157
23.223.209.209
23.44.203.140
2600:141b:1c00:8::1728:b323
2600:141b:1c00:8::1728:b330
2600:9000:201e:c800:1:f6a7:6380:93a1
2600:9000:24f0:ac00:1:5424:4140:21
2607:f8b0:4004:c0b::9d
2607:f8b0:4006:807::2001
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:81f::2016
2607:f8b0:4006:821::2006
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2003
2607:f8b0:4006:824::2002
2607:f8b0:4006:c::9
2a04:4e42:200::645
2a04:4e42:600::396
2a04:4e42:600::645
3.162.129.245
3.222.250.56
3.225.218.10
54.76.42.188
68.67.160.137
69.173.151.100
99.86.229.99
00414806bb080803ff9482a52850ff3297920b926ac05424ce97f8603bc24dce
090ccadf685494278d3ded142f2eaed39816cb8c8bd0757d52325b0afabb4df5
0ae1bb4e01c4762672f2bcf1d25027a03a26e37548d6ac8bf2dcb068d4c27c0f
0e4fa7cd2e0c4a71af1643e6deb1041507a03ca0b81a3422a45f7384cfbdfcb6
0e5fede0d08bc85908ee6e65933b5e012ae045f354d8db75bbc66f0a068edb56
1428ca7142007d6a1f788ecc24bcf2317be826cd1c726328901a24b4c43d4515
167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a
1a57fc8dcba6c1cfa15040588fc7f7d382d80cd771ac2fea483df0d691567ff7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dfd053b638c74d5652aba1cc31500d34915ffdaec27f8a0f4f7c3c0958ab9c4
2163b3b23b5d79dc556ec7e49ca883421d82234764d7a689863124248c65e623
21d4d32e78451c93984ac12182c4b3acdf73aabbde43c7d98a6f9fe51e8588b9
24886e1db2f628053f3288a59bfc0abca9b86902c406d0756e6e6389e51edc63
24fa2128f8460380865cf76881c0f6569aa2d9af6eea4aff5f6f01ad37702d34
260046df51e3a075d75e04e28003d5704880c16f025502d0bb80449999dca3ea
28b9b5288e5afbaaaf04d72f9a83f8553f8df9bce7dc3e6231e7c9bc62f809dd
2a35dbdd42b1284f8569b2317953bca8f427adae30ced1a98543fa0e84e8242e
31961399bce0058c5d312687c52af0c58414b9e95481bd0cb4aed25dfb1c70ad
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
383422bebd105d2a26b2ac1c62fc6a1ba30abb8834635d8c0330acf1f9b98d97
39327f4adb7a781a95a49a36b7344e45691f84f04cc2a5e31018a30dba994db9
39d0b6833ec6752f1a049ab5c8629db6763e3f64f1ef7763ff2f6c5c1f476aa3
3a6aae66e19f503bcdd0adff840de161b9bad92c2f41702fd3d9bdc970a14509
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ff5693fee0b60651698141bd74761199a493fb834c1ceba6ceeb21d510de528
41c49ea8909ebb4e7d6eb1d9dfe253ec309baa696146cbb8a17ef8993284047d
4285f1cadfbf46ce6397aa71e90e37f349901edc781ed8913b7fb5b1e1f13d0c
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4b186c12bbbb2b7e47d4cde903a82bec38cc0c20849e146a7d193c68f56debec
4f3a0e1c38ba713b7f01fcd3926393f3d5f069899d9581e38faa89c56861515d
510d1a918c0dc51734373015cfe83940fbe24f694eaa3098c92a1e5e5c5593c8
518dbf8bc7c8c3d0f4cfab50205de3e66610a386bceb417145f1e24674f4b26d
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5af4b602a2f1b0df17d572b4739ca83b177a97e3f5a12646fa18607bc340bfdc
5efa4755198974d4624c5cdc7bf45d009be8acfd1d7b2b6c534489682c9fe4d7
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
611d7644cd2a2c305f04d2cd594aeb6e4ae81d2776ef4955f923e913f99bc615
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b0ab3271deff5456442de664514ebe5b75a958c40152e17daa88c957cd8e54b
6e31cf0e26cb3c72d8113f17fb7c126227be315c0c161ee0a5b435ad319297ab
6f794fc2f243e56950a3ff4993152725b60b6b8e51e79f2eaf8ccb0f7819c37b
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346
735ac6df8685305b9ad726e3c288b6729b38db93856cbe9affca5b32837594f7
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
774560d2fea89bff06b2a1771c325dc7869ee0527b8fc74daced341dc5b599c5
7971ef2621082b26c26285633a1381f07f8fb53e00d3e2ed0f9f94da3d89ab5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89abdc946588449ab0dd261994ae7f5a0e5b2135d3db5763926de498c1afdff3
8d4654c828cc9abcc8cc440211b603ce29b339d723e807e745f8b3f88a881222
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff6df53820e84bac1be8307f595e60732ffdcb27549d7056a3d70bbf835574c
9307b654f71dfde3e7dba2f9ff217c112b3b6e9f3fadb7fdaf1a35ebf64f9066
97b5688bbaee63d3c3614c4cacb27a564b834b3636fb9aec6aa208c5f1317ac3
9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c
9d842f8078782743b783afdd5bf1593aac5f13128f0c738199abe4da3653665f
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e69eeb7c9ef01e492433d43cc325ae49bd365b4e78d5f8affcdd2f421029c14
9eccf7cb41988b6cd72ab9765f3b8622311c91b17afba4408189bdde18d36248
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
ae48d0bc3099800d336134faa2d5f2a865820b171b929a4fb164bed5cf368051
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5dccfc0ddda363f7cd488037d8adc836619335e0236c95a17c89d2f0f10600
b02bab568c9adba159b475a7393bec386587e7edaf08dff6c96b795010814b3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078
ba284524fc142849a1a88b0e0a107792e805516ed1898d0b88f8f5b2f528fe07
c0296951038a4aa370bcc0d6f353d9a8e77e9a5af88e2684f0a80e0cc015c11f
c2e85d10bb210cca4f475b860603d360e5ce46ed9ac9b5c5842baa1ae792efb6
c851e15cf1e3853527e741af7ade885cf886ccf0adbad1f035170bd077e4b9da
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
ca4b56fb8f66ed6aa472283d5b3579dbf4c9ccf58b2d66c86e31ad1ad63ac3f3
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4a59675e2d0e975b79ba833ce4cb5b23d606acabcd29a6f282f148e7ff97d75
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fd95593fb74390bfb8e3baf35d33f400f962c90a886118bd0939d2bc8f6446
dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e07cabc75ececd695d43b22dcf568bcf5954c0356b19ec4e4d44dcf4d2924747
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ea21b05fa9bae816909b7b8accd0bf9ba37106ad1b0f46f329fa8fc571a71c01
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f001a7fff2cb9534c6a7f695caac5bb5f8afb221e0b7e4508ffbe37c2680b32e
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5b5b881ef759e5375dddaa3c4c425fb0abbde71903ea26a52c243c970d568c0
f7f8fa97f62ceb0a4b75766e4821b24c075df6eebced5d79c8ad7f7a36d16226
f87839da7c8ddeef9f88828e63e827f3b10fe7473d07bc2bb3455af381059d8f
fa98bd33f44cb9a1dbdcc379ddd0f2fc8446c94bc55e6df6f05198405da3de13
faa8735b5b9178d1a14015583041c5347671db69388feb899a1a6eac6769aaa2
fad4738c9a3a6412f87fee62a82b7eb03eef0a824a8c3b5afabbb24437fe382b
ffec118849680762bc8ca9a9c378216c425719e78ee7afc6acf50ba0121a41dd

d1m96zdhhs5cb2.cloudfront.net Open in urlscan Pro 2600:9000:201e:c800:1:f6a7:6380:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

94 %HTTPS

56 %IPv6

27 Domains

40 Subdomains

36 IPs

2 Countries

7184 kBTransfer

12315 kBSize

25 Cookies

18 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

d1m96zdhhs5cb2.cloudfront.net Open in urlscan Pro
2600:9000:201e:c800:1:f6a7:6380:93a1 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

94 %
HTTPS

56 %
IPv6

27
Domains

40
Subdomains

36
IPs

2
Countries

7184 kB
Transfer

12315 kB
Size

25
Cookies

137 HTTP transactions
2 data transactions