b.travelmiso.com Open in urlscan Pro
203.76.174.123 Public Scan

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:49 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: ca237652-becf-48c4-bf83-6cee595d58c6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E149 0
188 B 84ms
22ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=42183025347
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:48 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E149 19 B
715 B 44ms
16ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:49 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 8e16e6d5-769d-49e7-9842-9d4c866f863c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E149 5 B
448 B 212ms
152ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&cHJpY2VUeXBlPW5ldCZtaWQ9ODQ4NjU5JnRyYW5zYWN0aW9uSWQ9YTM0MzBmMzctNGMzMy00NmJkLThkOTctNjIzZGYyNjYzNWM1&pt=net&stid=e81efb76-7e4b-46e3-b94d-2063777ee6f0&gdpr=0&gdpr_consent=undefined&fd=1&url=travelmiso.com

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E149 5 B
448 B 116ms
56ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E149 19 B
716 B 48ms
20ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:49 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 2e1a5231-f870-4961-8064-6de8da15f920
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame E149 2 KB
2 KB 191ms
134ms XHR
application/json 18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22193c1d7bab225fc%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22viralize.com%22%2C%22sid%22%3A%222633%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22145b70b6dab2fb%22%2C%22pid%22%3A%2222340124%22%2C%22tid%22%3A%22a3430f37-4c33-46bd-8d97-623df26635c5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 62188b62e15ee2145987be408c662a2c378b3fd23b4e59844fd18dd84a539942

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1528
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 / Show response
adx.adform.net/adx/ Frame E149 5 B
449 B 110ms
53ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E149 24 B
756 B 80ms
24ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b1af4070b7ed3c0d572dacba101ebd7075cdfb61f5c036dfdd054472af62573

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4D73 62 KB
21 KB 59ms
23ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 704 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21413
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H/1.1 200
OK Cookie set usersync Show response
nichools.com/ Frame A76A 9 KB
9 KB 75ms
72ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=596b8591b62c52eddce41f9071f339927&cb=1677771623658069147
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=c5298c13332875c7377f27194ce430ecb49bc338; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: SR4VBVSLWfkwFsPUmYolbCt_vvSwsCfuA-bjIAD8ZSUMj11hqpt7wA==

GET
H/1.1 200
OK Cookie set send Show response
nichools.com/ Frame 42F4 9 KB
9 KB 102ms
93ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/send?i=jvz1bqas4afbza0812345&a=ad0f2611a810207bc4fa9cdf665058213&cb=0985041623658069150
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=2684545cca28ef63c6ffa456019cae4bbc9fd39a; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 4HuN5CNTBphDx5wrNSknGnjTSnwYaRmRe9dZ20X4qJkOWI2FCjPM-g==

GET
H/1.1 200
OK Cookie set async_usersync Show response
nichools.com/ Frame A95F 2 KB
1 KB 108ms
90ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/async_usersync?i=jvz1bqas4afbza0812345&a=fdd68d248266fd4eefa4158297b65a017&cb=4841661623658069152
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 14e3be446af6289000e9ddc253ffc17a5b2b88b21b41c9f14cf81e96a3f53f0b

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=34b620cc24de55f15f904b0e24ff2c1810f02857; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: SfwES-ODDdHv0pEBtt-EwC4O4cWEEY2PG8GQoOclHBREmFAG_B8VyA==

GET
H/1.1 200
OK Cookie set usersync Show response
nichools.com/ Frame E944 9 KB
9 KB 137ms
121ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=bfae10c7e8ea157c27c8d4ae1f282c139&cb=8173961623658069154
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=8b46876fd6a70386e15ac3fbb272cafaeec04b40; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 10kknUjSaVnOS0lCntoSb7nQ_6KDRhQiCxzC1n9_FR3L4qlBAdrB4Q==

GET
H/1.1 200
OK Cookie set usync Show response
nichools.com/ Frame CF7E 9 KB
9 KB 103ms
87ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usync?i=jvz1bqas4afbza0812345&a=8d2134f2a2402bac961e8ee1376d93fe5&cb=9589321623658069155
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=a84e9092e94c9dd6da6ec6e9bacaf126ef6bbfa4; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: GXyqYfhmwZL2C9hEksbNOuuWHATFA36kEm9cXQJyoRlRU1YZXWnuBg==

GET
H/1.1 200
OK Cookie set syncro Show response
nichools.com/ Frame 5ADB 9 KB
9 KB 102ms
88ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/syncro?i=jvz1bqas4afbza0812345&a=8ccc4324aeaf4c4badcaf9dfe34affae7&cb=5345311623658069156
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=0f2443f49cbcb646430056dec8eed7bb02e66265; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 91IdizYMiNt6gzUdZZBV4YhoUxsWthc3G12RXHmdJ_RzDq545G6KNw==

GET
H/1.1 200
OK Cookie set stats Show response
nichools.com/ Frame BA38 9 KB
9 KB 128ms
69ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stats?i=jvz1bqas4afbza0812345&a=8654fe66f7b66c89a1586bae710b09629&cb=6189501623658069157
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=80d066edec887f9e3da4389278c7e1d2ef2a4bd0; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: RDnwEevXvRPdQBMm7ukAhp46Ntc3CCF_LAWzs9CK7o9YDUGl2GVfnw==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame A374 9 KB
9 KB 165ms
73ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=jvz1bqas4afbza0812345&a=423f3e0439b6dbaaf9800062c361b91f3&cb=8217261623658069157
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=2f75141cade78dd088b3e1fdd1d35044a0b37256; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: XE12Ny5LpCN0R7-qR_DiThXy2IvXPzTtzJ29o7pMSBvxupG-L9Ma9w==

GET
H/1.1 200
OK Cookie set count Show response
nichools.com/ Frame 8546 9 KB
9 KB 171ms
70ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/count?i=jvz1bqas4afbza0812345&a=a3b2f53d5eac3e79fcc75d15b2c749db3&cb=2048831623658069158
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=d84ca8b3a12461c407f752ea57468789dd326003; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: VnlODkil71oICCaWZAR0q_PxzYRg5MZuaN-RIJo47_vCaAgVW54SYQ==

GET
H/1.1 200
OK Cookie set usersync Show response
nichools.com/ Frame B964 2 KB
1 KB 171ms
70ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=f806503c39db99c77ecab4df904769a71&cb=8764801623658069159
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 93f5880025864af0d44be81b7bf4be49fe8e55e5a9dd48a6e29a0985f7648874

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=acfc56f4cecf44c9bb184f13b3af833d91b31d35; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: HOt_xUotEdzFDoiGaQuNZdLekFdI0FOgZ9PtqDonalZscbQru3A3yA==

GET
H/1.1 200
OK Cookie set usync Show response
nichools.com/ Frame 6139 9 KB
9 KB 173ms
73ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usync?i=jvz1bqas4afbza0812345&a=f19319e02c21f9e140ece01a13716d7d1&cb=3672601623658069161
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=2653f8cd25ee06eeeb539ed40ffb6837fcc5f763; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 7oqbZxhQt_-mP66wJb0W9mu1IMUPOZjWSyB509hM7jbVmA2qbhRtUA==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame A4EE 9 KB
9 KB 194ms
70ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=jvz1bqas4afbza0812345&a=ddb7b1af716ec2432bd0a9cacdaf26fd3&cb=7839911623658069162
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=14796d3dc7eebfc8336e145ad1681bc1c695feaf; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 8uQISEwyHsEBmxkmIoaZlU6DchzUZ22FxJbqfBGQ9CvLYNUVqMc8dA==

GET
H/1.1 200
OK Cookie set syncro Show response
nichools.com/ Frame EC27 2 KB
2 KB 193ms
68ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/syncro?i=jvz1bqas4afbza0812345&a=bbd85efe9baabbdcc648c8a3d31dcc1e7&cb=8011951623658069163
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 6fdf5b5e23cc495f5ff25f0361b6ea48ac1c5ec223ac7016c6b58f543ad339bd

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Content-Length: 1875
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=6fca5f8105bd9f6ccecc45f67b528f35b402b7de; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: cffzyLzDprJgEWTLpuWTNx7PaVksGw2yrajnFqx7AbmIc6AwzuIUkw==

GET
H/1.1 200
OK Cookie set counter Show response
nichools.com/ Frame D060 9 KB
9 KB 225ms
69ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/counter?i=jvz1bqas4afbza0812345&a=ea88bc08b9d4ddfb0ebc29ddbc4139ad5&cb=9879181623658069165
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=jvz1bqas4afbza0812345&cb=1418811623658068974
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 4bbec97f2ab0a78ae34ae43e18c2d879ce6407bc6bdf75e82a256f69ea062aa9

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:49 GMT
Set-Cookie: SSID=6a341889da4af32181e1c1d4c7fd9c177ed785ff; Path=/; Expires=Wed, 16 Jun 2021 08:07:49 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: --vW9YHj49mFujG6QV1KskbOAtYXIYo82qrczr4RUCaB2IR7cD9A9w==

GET
H2 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D6DF 326 KB
115 KB 18ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame E149 0
39 B 19ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A10%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22activation%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame E149 0
95 B 18ms
17ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC96m8Xp3g7AdmK&sid=01ebcce79bdd4b7e213888c93f6fa771&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTQ3NE-xSgeqTR3C.8.wp8sc1&item=NTQzMPMG9nThE5DE.5.wp5sc1&item=NTQ3NE-xSgeqTR3C.6.wp6sc1&item=NTQwNcKLJ9uLoc34.2.wp2sc1&item=NTQwNcKLJ9uLoc34.3.wp3sc1&item=NTQ3NE-xSgeqTR3C.7.wp7sc1&item=NTM2N8GP0Llpb-_y.0.wp0sc1&item=NTQwNcKLJ9uLoc34.4.wp4sc1&item=NTM4Nc2_r0EEHzOM.1.wp1sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4D73 326 KB
114 KB 32ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame A76A
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

59ms
42ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=596b8591b62c52eddce41f9071f339927&cb=1677771623658069147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G9NOGXxvoeFdGowL3WYg0g8jPr3vkibf5GUMgieIcxSs09E3lxETfRUbJFkoHToIH6qSfPjfEcXWro8LzeItWeMD5%2BG2vVWZTBUEXZp45X%2F92gOaJgaWLjkFTyLTX%2BIQI6r6SikN"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29152e00001f4d4aa90000000001
cf-ray: 65f211351a2a1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wcuos%2BYFA9EWF8Pmt1UM0bL2WDbvdsF51UaHApOo3lj3uCGDoOUAv0Gzc7fD%2BGzeW70H035yOlYLMLog7FL3bKe34X11M1bPWJF%2BYCcHaH0VzHh7di0ZEHs4SekVUZtCQhJfHZ7j"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f21134d8371772-FRA
cf-request-id: 0aab2915090000177265a97000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H/1.1 200
OK pxl.jpg
nichools.com/ 597 B
1 KB 141ms
68ms Image
image/jpeg 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nichools.com/pxl.jpg?i=jvz1bqas4afbza0812345&s=783&p=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&rstk=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&h=3580371623658069274
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
Content-Type: image/jpeg; charset=UTF-8
Connection: keep-alive
Content-Length: 597
X-Amz-Cf-Id: gi2wKV7N7tbCgN2YZOq4WN8_lbOFjNziVexnl42lQ4NAA_etS51DtQ==

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 42F4
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

29ms
29ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/send?i=jvz1bqas4afbza0812345&a=ad0f2611a810207bc4fa9cdf665058213&cb=0985041623658069150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LhxrFgdBUM6qy%2F%2FQsHicvt9XxiBla9fSTKqc6T8uRDcEAlInj3FW07sJV%2FayQD5Q117%2BujnOGHvmBS6ZMC20P8ETt7wyLizyQWr5o%2FrFMVtvsGRdp%2B5vNSROL6mcjxRxBX4jY0H1"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29158400001f4dcd29d000000001
cf-ray: 65f21135ab421f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y6FHZ5Vy5IWfuRIhfM9%2FfWMp3E5AeP3hqKw6VPGFA10qZ%2FVk61%2B7tAv0Kx2tc5KUSPHUjlsDQ6Iy1D4O0G819KeGUybrRBnECCpAxln6AHUqTJtUsIRMk7mRs3uOr8KphZSawfb6"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2113528eb1772-FRA
cf-request-id: 0aab291536000017725e189000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame CF7E
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

37ms
37ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/usync?i=jvz1bqas4afbza0812345&a=8d2134f2a2402bac961e8ee1376d93fe5&cb=9589321623658069155
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qOon19Oa5AYJeP%2FdQmex%2BL9NOMMWaI9cjf%2F0cCZKKP5C%2F6WxoxFzCvRv99XmGG43E%2FDkrAstY5FsB0g3bwl6BeKpY5j0xULlc82WRKGwDLVDy8DEMYIpqAE6BIn5XsOebPSg1V1g"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29158800001f4de7aea000000001
cf-ray: 65f21135ab4b1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=to%2F23%2B3AHCjmCMQMweh%2FYzG%2FesXPyejbLaxPf87qe1YLvx5OQm6rXlb5jcUhBjVLkeoz0SJn8DKTh6S8xCAuOG7vl%2BrqAD%2B65znoT38Rk4WNLAvo8QNMLUXI8mBPANMyfWcSs7UT"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2113539374ed9-FRA
cf-request-id: 0aab29154200004ed9d110f000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4D73 107 B
853 B 49ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4D73 107 B
570 B 42ms
13ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4D73 15 KB
6 KB 353ms
347ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2587445608800475&correlator=387540455414098&output=ldjh&impl=fifs&eid=31061224%2C31061362%2C31061428%2C21064368%2C31061003%2C31061411%2C21065724%2C31060840&vrg=2021060901&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=21671350435%2C300x250-travelmiso.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658069&dt=1623658069336&dlt=1623658069145&idt=168&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=40&adys=11&adks=2590938559&ucis=nqozl022gwzu&ifi=1&ifk=505958889&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&ref=http%3A%2F%2Fb.travelmiso.com%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=469439390.1623658069&ga_sid=1623658069&ga_hid=929423681&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f37e0359c19659b78e5083debd6cd6ae290cd040261e3182d7cdd61ca00b020c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6038
x-xss-protection: 0
google-lineitem-id: 5367617210
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311189073
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0b1d767a59a203f6c6bbca9edc959c16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D73 0
0 54ms
14ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0b1d767a59a203f6c6bbca9edc959c16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 5ADB
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

40ms
40ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/syncro?i=jvz1bqas4afbza0812345&a=8ccc4324aeaf4c4badcaf9dfe34affae7&cb=5345311623658069156
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s30sdZ6u23cUq4foTuOi%2Fs%2Bl9sUyqPkaxCjgruSoxRTqpyR1UEdcmTwaQBt5f%2BP5ASjwxOpVgYzDtd0x%2B4AjImgQyl7EChY83dmkM7yfxDsC%2F2jdjXyFdWo%2FnAi8zr3IbqzZgTzK"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab2915ac00001f4d2e904000000001
cf-ray: 65f21135dbb61f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=01%2BTjCZsAbtTDD4jPvY%2Bg8w3%2FLIiOBZKZohmoqudcqPRJGD1A%2FNHLfCnsKBcW4TiW7uM0Q6jUV5xh6vfs7HcRVuJeWvp%2Fr6xQC%2Fmvw64vW%2F1oIzc%2B75NVRy%2FzHaqnitY%2BzXcAMyi"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2113579e54ed9-FRA
cf-request-id: 0aab29156700004ed9c41bc000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D6DF 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D6DF 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D6DF 491 B
301 B 275ms
274ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3518669369014361&correlator=2396204797951413&output=ldjh&impl=fifs&eid=31061290%2C31061413%2C31061151%2C44743203&vrg=2021060901&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=211003152%2Com_ron_dis_300x250_d_catchall_pp0.1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=4&cust_params=domain%3Dtravelmiso.com%26site_id%3D35808%26publisher_id%3D2633&cookie_enabled=1&cdm=b.travelmiso.com&bc=23&abxe=1&dt=1623658069398&dlt=1623658069103&idt=166&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1260&adys=25&adks=724430845&ucis=w0syz3dvatvp&ifi=1&ifk=2165813388&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2F&loc=about%3Ablank&top=b.travelmiso.com&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=457636287.1623658069&ga_sid=1623658069&ga_hid=1744021132&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60df838b5e313ac24d78eb39c87caef5010e2c589007d15f8b7e43d858666fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/ Frame A95F
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js?z=739868&width=300&height=250
https://ap.lijit.com/www/delivery/fpi.js?z=739868&width=300&height=250

5 KB
3 KB

20ms
20ms

Script
text/javascript

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=739868&width=300&height=250
Requested by: Host: nichools.com
URL: http://nichools.com/async_usersync?i=jvz1bqas4afbza0812345&a=fdd68d248266fd4eefa4158297b65a017&cb=4841661623658069152
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js?z=739868&width=300&height=250
Content-length: 0

GET
H/1.1 200
OK global.js Show response
cdn.innity.net/ 1 KB
741 B 36ms
30ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.innity.net/global.js
Requested by: Host: as.innity.com
URL: http://as.innity.com/synd/?cb=1623658069002&ver=1&pub=9188905e74c28e489b44e954ec0b9bca&zone=87316&output=js&flash=0&url=b.travelmiso.com&width=300&height=250&vpw=1600&vph=1200&auction=e776974-a3903f3
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f3517c5a69a80ca8b695cd91cf0b503c3ea5cca71305a3018b5d953cff331983

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jun 2019 10:05:06 GMT
Server: Apache
ETag: "423-58c2310229880-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 369
Expires: Tue, 15 Jun 2021 08:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame BA38
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

50ms
47ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stats?i=jvz1bqas4afbza0812345&a=8654fe66f7b66c89a1586bae710b09629&cb=6189501623658069157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zMSIq0%2Fdq3DHYx2vWPu5xilonlf7daN1v%2BPh4P60FUy2HjzbaSz7%2BzLaRWngQoMdL4%2F3zxjBGEDnlcwNDRXcLnXJlEX6posv6EHF9y4OPrhhZzzJ1Euhm00VbN4n9LTooJFJFcKM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29161400001f4dcd2ab000000001
cf-ray: 65f211368d3f1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lq3nwRvDAzXih3ITwvy2v1dkjcfLZc39wfyhHipeL7CU0s2PZSCXyM2YTg9ppdczofM8fJUB%2Fv1YBYPHz8Mpyu%2Fru2Ad6%2BAHlcfCzUmNQkbZ7Ggexf9%2F5m6Hln1cXZreq%2BQcjQiC"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211363c0c4ed9-FRA
cf-request-id: 0aab2915e100004ed9afa99000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame E944
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

44ms
41ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=bfae10c7e8ea157c27c8d4ae1f282c139&cb=8173961623658069154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9VODBaLq6Nm8vVhTaCBx9sSNoWVJq4AVNmApYULBhjOtnuTF6sfJiKfwgTn2XNTbYtK8cJ71jP8nCtOp6VdK0xqJ%2BOdyxRQgfDabkpgaDSinLtclt%2Fl993vDZ1tnErylvsmYu6c%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29161400001f4dee2fc000000001
cf-ray: 65f211368d401f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xmu5y7TDa93IWJSRrgdHZ6gfd52xoDEas1qkRTMv9te56b%2BYJbK%2BGapjyZAMGars5cI9%2BVsD3wlgOAUdtOMUckyU%2BeyjzL5bIv7wpOI2oo75xLTxmXZrP9gkVtmIALZnig5vfZba"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211363bc11772-FRA
cf-request-id: 0aab2915e00000177248376000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H/1.1 200
OK apnx_prebid.js Show response
www.travelmiso.com/js/ Frame F702 176 KB
56 KB 1347ms
336ms Script
application/javascript 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/js/apnx_prebid.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/bt/300x250.html
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bff83be7565cfae98489d532757ca6117d69ae27dc45695ab34dc1653b3108ec

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jun 2021 02:41:34 GMT
Server: Microsoft-IIS/10.0
ETag: "0c3f6f5d85cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 57229

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame A374
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

42ms
42ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=jvz1bqas4afbza0812345&a=423f3e0439b6dbaaf9800062c361b91f3&cb=8217261623658069157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Bn8IT2h7raSCfWu%2FBnzz%2BIz0kMmykawzCGm%2BIFecB6BGY6VtDi2OCUrn9ezg7bObcpzOlh2gY1ueHcoU2wlDFae1jr%2FauPBBLn05%2BYYtzIlU%2BN7N%2BwNhBygoAe6wnJs7pNiGOzLy"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29162c00001f4dd227b000000001
cf-ray: 65f21136ad9a1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i6LNfVBA9OCUr%2BlcZ2oZmyMeIZRfovUkSvhYvBE9vnRPvV0zneu6wac7MEwsAdPW%2Bc%2F8EEipH4M2wCXTBu6pdncEIrI%2FNWaOD6epsluJh4HyEkkVPEv52i4xrOS5szC8yyXBlVdv"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211364c4e4ed9-FRA
cf-request-id: 0aab2915ed00004ed9b438b000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame E149 0
39 B 17ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQ3NE-xSgeqTR3C~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NE-xSgeqTR3C~wp6sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQ3NE-xSgeqTR3C~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NE-xSgeqTR3C~wp8sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQ3NE-xSgeqTR3C~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NE-xSgeqTR3C~wp7sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQzMPMG9nThE5DE~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22NTQzMPMG9nThE5DE~wp5sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTM4Nc2_r0EEHzOM~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22NTM4Nc2_r0EEHzOM~wp1sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQwNcKLJ9uLoc34~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNcKLJ9uLoc34~wp4sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQwNcKLJ9uLoc34~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNcKLJ9uLoc34~wp3sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame E149 0
39 B 17ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTM2N8GP0Llpb-_y~wp0sc1%22%2C%22bid_opportunity_id%22%3A%22NTM2N8GP0Llpb-_y~wp0sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTQwNcKLJ9uLoc34~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNcKLJ9uLoc34~wp2sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 8546
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

45ms
44ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/count?i=jvz1bqas4afbza0812345&a=a3b2f53d5eac3e79fcc75d15b2c749db3&cb=2048831623658069158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E0WZR%2BYh9afGKqrjhnKDSNNDh8a14C5CQOOPUeQBkJ9yYrPjtF15%2Bf1fvT3I%2FJnHg9WV8zFHKowvu5qsFWx7ZKl8Z%2BuhjJBv7d5GSlisyZ%2BQy0K2sNvLnwoQQBciJLC8n1hIYUi8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29164800001f4d3f258000000001
cf-ray: 65f21136ddeb1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v5MbJAgo%2BMIgHt3M6fx5YzcFJ127Q8q3AG77GTDFRcYeT%2BVSa4Qjax9n3nKq8QTqHBW4N%2B4Y9lem%2BY2iGhWa5KUnROj9jfxVbkl7Fzm8j79zxsQVuackJHX7uWkB8EKuvCdgHs69"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211365c1a1772-FRA
cf-request-id: 0aab2915f5000017722a01c000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ Frame B964 10 KB
4 KB 58ms
34ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=10641&uref=https%3A%2F%2Ftravelmiso.com
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=f806503c39db99c77ecab4df904769a71&cb=8764801623658069159
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8256fb3e9d3f254f5264de4b5c9120d0886687485ea0511afcee4493f941ccae

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3541
Expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 6139
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

39ms
38ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/usync?i=jvz1bqas4afbza0812345&a=f19319e02c21f9e140ece01a13716d7d1&cb=3672601623658069161
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0tKMvwyluYHtaikeJjuDDsFNrPUfZUWaXnMThlSGayEvnpAKdKCm620XOgo%2F5WEz5f%2FNndDcFkp1xi6LP7LJuOe5L26ku5RFrWCJz%2B4zUEq1%2BNEDUs0u6v2Tmcl%2F32X9i51YFdIk"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29164d00001f4d4bad7000000001
cf-ray: 65f21136edf21f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gSksK78o01RFI%2FErm8Fle6v06%2FMwaO60b8fZTuBVty4wPGRvgUz73Z4Ys06TBm3I6PvAnFqL3F8S1wQp8tBQ7B%2B9BLiRz6DCQVZ%2FE7DIPSPsJdNVSfdjfm%2FNFzVn5O8maG5ATMMk"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211367d084ed9-FRA
cf-request-id: 0aab29160f00004ed9de2b4000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame A4EE
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

36ms
36ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=jvz1bqas4afbza0812345&a=ddb7b1af716ec2432bd0a9cacdaf26fd3&cb=7839911623658069162
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5fb2aKpBZqzzrOfBYs440XXFgM6zehPPEAc6tM4TeoZtHslfcQoEQj7bho%2B7wb%2FKzF%2B2KDRf%2Bo60rHKhHMkOaCs75LvticxeaKeRN7okLuhUXeFDy6v9I9QpXXVoj3OdrBmSK0vL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29168400001f4d37bf8000000001
cf-ray: 65f211373e891f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Dus0Ows1KjSiXxJrGgqEQuDSbfdDJ3MlflZaNNCgqytQ8yNQkI0qDZenJkZ9FlCPZXwEoFwVBQQScztl0NRCUJsUCIgwcrjd%2FeZseGofZEOAWwMiNuQBnIgXceYrrjIKD4vG9aRJ"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211368c6c1772-FRA
cf-request-id: 0aab2916140000177212acf000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H/1.1 200
OK async.js Show response
cdn.adtrue.com/rtb/ Frame EC27 7 KB
3 KB 57ms
33ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adtrue.com/rtb/async.js
Requested by: Host: nichools.com
URL: http://nichools.com/syncro?i=jvz1bqas4afbza0812345&a=bbd85efe9baabbdcc648c8a3d31dcc1e7&cb=8011951623658069163
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 16 Nov 2020 01:20:45 GMT
Server: cloudflare
Age: 4503014
ETag: W/"5fb1d3ed-1c9f"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f211369cc94eaa-FRA
cf-request-id: 0aab29162400004eaa4c8e9000000001
Expires: Mon, 18 Apr 2022 05:17:35 GMT

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame E149 0
83 B 18ms
18ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC96m8Xp3g7AdmK&sid=01ebcce79bdd4b7e213888c93f6fa771&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTU1NS23zt7cdAyJ.9.wp9sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame D060
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

34ms
34ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/counter?i=jvz1bqas4afbza0812345&a=ea88bc08b9d4ddfb0ebc29ddbc4139ad5&cb=9879181623658069165
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KLVdmVS1%2FITxWNKoFFQlDeiwF0Ttj2%2F0U4O8aGdfLsCY%2FJjkQ3nBZ4vSD04e9GF4hu9tXzuTqnOPJq31K%2B58r1uZQZVtbBYgSqrRVEwecyLqsVZ9LrXs37%2BEzVRWRgthDIQppgaL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29168400001f4d0e227000000001
cf-ray: 65f211373e8c1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Rd2wrKAj3ewAiwEd3QSO8RwloG4V7m%2BH8kYWYXwt8KqgZlt%2FtYT%2BL776JB4kSo9zivmpbrBWqUCD%2FzEZtULZZoojdoM9%2BMGYfZ9HaMIfbeZD2rP5wyQkQl90fWuVpaRGxanSevJ0"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f21136acbc1772-FRA
cf-request-id: 0aab2916260000177212ad1000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H/1.1 200
OK innity.js Show response
media.innity.net/lib/ 4 KB
1 KB 292ms
30ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://media.innity.net/lib/innity.js
Requested by: Host: cdn.innity.net
URL: http://cdn.innity.net/global.js
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2017 06:07:08 GMT
Server: Apache
ETag: "116f-55cf9cc509b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1073
Expires: Tue, 15 Jun 2021 08:07:49 GMT

GET
H/1.1 200
OK proxy_245521.js Show response
media.innity.net/adnetwork/house/pub_244/ 2 KB
1 KB 312ms
18ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245521.js?ord=[timestamp]
Requested by: Host: cdn.innity.net
URL: http://cdn.innity.net/global.js
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6af8e0191b4bccefb0bb3f6501ec4a76d17eb080dd45be2f70a1d469815f0ac2

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 09:14:08 GMT
Server: Apache
ETag: "960-5a56fe2cbe0d1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 987
Expires: Mon, 14 Jun 2021 08:37:49 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame A95F 87 KB
20 KB 28ms
27ms Script
text/javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js?z=739868&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Tue, 15 Jun 2021 08:07:49 GMT

GET
H2 200 pav2_3.25.min.js Show response
projectagora.net/libs/ Frame B964 22 KB
5 KB 43ms
18ms Script
application/javascript 2606:4700:3032::ac43:9028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/pav2_3.25.min.js
Requested by: Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=10641&uref=https%3A%2F%2Ftravelmiso.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2889eb05f073f7d5b57871d886412e1330441ccac21d149403e94ebf869fa813

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 2K73VPDJC2M5EPP1
x-amz-id-2: CAXezVOloR5BM7k6KcBaygn90D5HIA2WkbxqFeDoQB9fNX1vTwRmisOeTbHB80NM+rWixnWhezo=
last-modified: Wed, 05 May 2021 10:07:24 GMT
server: cloudflare
etag: W/"5ad9313a3f5ac0b5de3249cbac8ff4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fHYRPCysXp2iSwGwuBftsIvFSR6CDWu%2BNeBx95kyWOjSYDCxvLlz%2BU2NCoOrp0L14ZnlSmEN6%2FCeivxj6Ry%2FUUuss8oDPYgoj4tkP7iTTFm5C50QleSEWGgeiNgfVeHLPTmPMrH5MziRBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 0aab29176700004dc4d02aa000000001
cf-ray: 65f21138a8984dc4-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D6DF 10 KB
8 KB 47ms
26ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c7693a735cb867375a0fc6cecc3ddcc63327c108d1dc80e2a444b935bbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7987
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B71A 0
0 20ms
19ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsum5axOzDzxbnwjSYBdXe2jzYbmrIX-S1xTUPufNs4MqLGpLxhMreSloBmUoaipE9izYF_O448b8XDPNcxesjCNhNk_73w1eCQGSWZxISsUtbWHy4SOqriPmwHDhZrv0wswED9UXqQ11lOkVNS_Dqi9QI6xdcABfCs8Zu4yhFDsqe5fc76S6JSF77j1W9c8YffQGJrjVo1iP4rNyeLyZB5zLWCUYEjp5l_NL7GZHmH32pTh78jm5uWJxcLwfWcRIwpx14QGb5T9-6-KqmM1tHOxyKnNS1U-STe1AIdccJTDsa-MpNho0SMaggO0CJm2bg&sai=AMfl-YRjwdEi34c_0eERI1fzDw9DT9RnMfMgeZuiHoJjr9S_mmVGxshCPOizWUD_FnnhemOm3ZwWjOvlvB4PluIxeSavl3EpIgPQDULG_yk2QV_4Or70JO9-AOdwIRd31m8&sig=Cg0ArKJSzBxdI-pmoXMZEAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H2

200

prebid.js Show response
hb.adpone.com/ Frame B71A
Redirect Chain

http://hb.adpone.com/prebid.js
https://hb.adpone.com/prebid.js

327 KB
94 KB

37ms
37ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 30
content-type: application/javascript
x-amz-request-id: JD1K3TXXH20KB13N
x-amz-id-2: 6ZYQ/Eh6NlLvioTFOd07rgaIjcD7uVb4CY7nMmtbPY02jStkKtCLEd9zfZMy6pAAD9RlcGxVUo8=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EK6Yrcv%2FuAyKqB3cxsIzuu6UtO4UMrKrL%2BtHdMgk1p9wzSTdeEfFHB3jno%2B41pvl56f66lv9M9SLcHtWPUgrFS2lDfVRDt%2BbZDhKmFXf7c6eJ6d8KF1ayEV%2F%2FYfw6I6BUYBYAVyQ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0aab29181800001f4d1b1c4000000001
cf-ray: 65f21139bc301f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wx%2FIDqI4WVrBm4abtcycWGJTnucYZ%2Bh7Rq430Q%2FmEwDHPtc6zgz707K0kAiU9H%2BfKWJtqQQFiRwtyS%2BsprFTwslwP9iNzrLX4WivdXmOU22%2BNvaZa4XM4ybHni5rENH%2BOhvVtgP3"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f21138c9071772-FRA
cf-request-id: 0aab29177d000017725e1ba000000001
Expires: Mon, 14 Jun 2021 09:07:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B71A 122 KB
38 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D73 73 KB
28 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4D73 10 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416655e97b01d63c72ac11d3334718adf8895517c7283bb3a8937d2a2a8f5166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7759
x-xss-protection: 0

GET
H/1.1 200
OK impress Show response
exchange.adtrue.com/delivery/ Frame BA62 3 KB
4 KB 382ms
368ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://exchange.adtrue.com/delivery/impress?pzoneid=19020&ref=http%3A%2F%2Fb.travelmiso.com%2F&cb=3913285576&timeZone=2&adWidth=300&adHeight=250&loc=http://b.travelmiso.com/
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 1abdb4a1fe88248fa42351074468df9f907fdfc01befe1a5253c5fa8f921af17

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Server: nginx
Connection: keep-alive
X-ADTRUE-INSTANCE: java1
Content-Length: 3330
Content-Type: application/javascript

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 77FF 61 KB
21 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/exm/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 261 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9B02 61 KB
21 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/str/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 539 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:49 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame A95F 159 B
548 B 20ms
20ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=739868&tid=0a44f2ab01124911af251833e166eb72b731fe46&mode=1&dmn=b.travelmiso.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c79962696d3db0fdc3f83b2f7a55e866a981f62250b605296862f7549b85cce

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 144

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D6DF 17 KB
7 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D73 17 KB
6 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame E149 0
39 B 24ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd4b7e213888c93f6fa771%3A0%3ANTU1NS23zt7cdAyJ~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22NTU1NS23zt7cdAyJ~wp9sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame B71A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f6a4d28baa2ac5a6fd6541fea989fe80949a12236744491967712edeb93204a

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame B964 360 KB
103 KB 113ms
100ms Script
application/javascript 2606:4700:3032::ac43:9028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/pav2_3.25.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 48
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7STB6VJT6WDA3MWJ
x-amz-id-2: /ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified: Wed, 05 May 2021 10:36:16 GMT
server: cloudflare
etag: W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KasC66yKOqGRVoha5z0SMMSMW65YQsfhR1%2BCnxiGSguQFpVaxZprfxQPlCGXEOgBe4HBHvCvkVRcx1b%2FGdAFmldJuYgs2OgGJWYYCwMQU5qO3hlgXtQhQg5qcUcdCwDMer%2FgXrB1hG1RDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 0aab2918ab0000c2ea9717f000000001
cf-ray: 65f2113a9a38c2ea-FRA

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 77FF 318 KB
112 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK Cookie set inndef_300x250.asp Show response
www.travelmiso.com/acta/friends/ Frame 059B 297 B
611 B 335ms
328ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/acta/friends/inndef_300x250.asp
Requested by: Host: media.innity.net
URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245521.js?ord=[timestamp]
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 048cf513bacc8e80a09e750693111f4296adfbdf081133ddb77e16d2ef090c5e

Request headers

Host: www.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASPSESSIONIDQCSSCCAC=KCCFPFDDFMBOBIFGACPAKFEH; path=/
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 343

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ 173 B
523 B 19ms
19ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.innity.net/analytics.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
Server: Apache
ETag: "ad-5267218ef0c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Expires: Tue, 15 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK 300x250-btf.html Show response
b.travelmiso.com/ads/bt/ Frame E6D5 2 KB
1 KB 179ms
175ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/bt/300x250-btf.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5935015fdcf1c112ffd02ad2701afabc23fa8a6da7ffa7b002c23763fb11231f

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 09 Jun 2021 02:43:18 GMT
Accept-Ranges: bytes
ETag: "f214134d95cd71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 945

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/vls/ Frame E534 714 B
774 B 179ms
176ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/vls/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9826d8886c55a9908b1a96d55219f80e6d0dfae88d8808801f8935306d50df0f

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:23 GMT
Accept-Ranges: bytes
ETag: "96a35eec2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 502

GET
H/1.1 200
OK 300x250-btf.html Show response
b.travelmiso.com/ads/yl/ Frame 1B96 239 B
576 B 179ms
176ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/yl/300x250-btf.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f6a2681d9d055bdf0d0056f9a12d3829ce787e9a5133bffac7dfd863773cf383

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:29 GMT
Accept-Ranges: bytes
ETag: "b11b82ef2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 304

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/yl/ Frame 483A 239 B
574 B 185ms
183ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/yl/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d7d089a8cc7955beab308c948fbd6f45815c5a07b43ccf202158d7cd5eb71434

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:29 GMT
Accept-Ranges: bytes
ETag: "364cf02b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 304

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/gam/ Frame AD69 297 B
615 B 178ms
177ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/gam/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 048cf513bacc8e80a09e750693111f4296adfbdf081133ddb77e16d2ef090c5e

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:02 GMT
Accept-Ranges: bytes
ETag: "f3b67fdf2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 343

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/ucf/ Frame 3313 331 B
647 B 172ms
171ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/ucf/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 89184887f32e63b35d3873160a69e7cb720f6361f266a78065e8dcbd129362dd

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:21 GMT
Accept-Ranges: bytes
ETag: "93118eb2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 376

GET
H/1.1 200
OK 300x250-2.html Show response
b.travelmiso.com/ads/ucf/ Frame A0FC 373 B
675 B 343ms
171ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/ucf/300x250-2.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 513ac9644a583953b23a95939cc9301e2fb85785911525cb1425808932477b70

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:21 GMT
Accept-Ranges: bytes
ETag: "92dfb3ea2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 403

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/adop/ Frame 556D 237 B
587 B 345ms
175ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/adop/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5281ef7042a89f444e234a6a1e035ed3040c117455836c3d77c935e34b9f2299

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:39:37 GMT
Accept-Ranges: bytes
ETag: "7ef0c3d02b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 315

GET
H/1.1 200
OK 300x250.html Show response
b.travelmiso.com/ads/adsp/ Frame 0585 482 B
696 B 351ms
176ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/adsp/300x250.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4945638accd88df6cd8e07ac5f99ad76180ba39c432944201f76f1ffb2308362

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef-22d6a1c35fc800bf:T=1623658069:S=ALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 14:39:57 GMT
Accept-Ranges: bytes
ETag: "667a976ea83d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Length: 425

GET
H2 200 / Show response
ads.viralize.tv/player/ 3 KB
2 KB 22ms
21ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AADSIf6-RvqhS2yK&sid=01ebcce79bdd6998a593b5c3a9c3d841&activation=&experiment=ops.v&u=http%3A%2F%2Fb.travelmiso.com%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017a098ffc044e444fed7cb96752a8d0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1834%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A160%2C%22height%22%3A600%7D%2C%22player_position%22%3A%7B%22top%22%3A519%2C%22left%22%3A923%7D%7D&r=http%3A%2F%2Fshoppinglifestyle.biz%2F&sc=1&gdpr=1&cmp=unavailable&dd=b.travelmiso.com
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AADSIf6-RvqhS2yK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: fc254214ccac88333c1d7e57e0084164180c0383398572cad83b420fb380c3f6

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame F4AD 25 KB
10 KB 14ms
14ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AADSIf6-RvqhS2yK
Protocol: HTTP/1.1
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 16:58:06 GMT
Server: Fastly
Age: 28359
ETag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9634

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame F4AD 95 KB
34 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AADSIf6-RvqhS2yK

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 06:18:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 179337
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34056
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 12 Jun 2022 06:18:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame F4AD 72 B
174 B 7ms
7ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AADSIf6-RvqhS2yK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 508223
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=0
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Tue, 08 Jun 2021 10:31:30 GMT
date: Mon, 14 Jun 2021 08:07:50 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 viralize_player_banner.min.07f50ce3.js Show response
static.viralize.tv/ Frame F4AD 358 KB
112 KB 14ms
14ms Script
application/javascript 2a02:26f0:120::211:7b5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js?e=ops
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AADSIf6-RvqhS2yK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:120::211:7b5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: eb21cbe16828a9be59196144f96632b8a853f173ce31a8300062ed638ffcb7dc

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyecSkYGEzUgs8-L7WQA489XMZNxd59tvJ2cj6_NZXhxUpdldqiRple_IrhfClXviKnAiG8EKZq3Blcm12sDFyPJvdjEw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 113586
last-modified: Fri, 11 Jun 2021 12:45:24 GMT
server: UploadServer
etag: "07f50ce37d768478c57a3d75508bf39e"
vary: Accept-Encoding
x-goog-hash: crc32c=j4vTvw==, md5=B/UM4312hHjFej11UIvzng==
x-goog-generation: 1623415524664497
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 366310
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 14 Jul 2021 08:07:50 GMT

GET
H2 200 / Show response
ads.viralize.tv/player/ 3 KB
2 KB 23ms
22ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAC96NRlexLe0QQQ&sid=01ebcce79bdd8a08e56dd70fe641fa11&activation=&u=http%3A%2F%2Fb.travelmiso.com%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017a098ffc044e444fed7cb96752a8d0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1834%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A300%2C%22height%22%3A600%7D%2C%22player_position%22%3A%7B%22top%22%3A519%2C%22left%22%3A1227%7D%7D&r=http%3A%2F%2Fshoppinglifestyle.biz%2F&sc=1&gdpr=1&cmp=unavailable&dd=b.travelmiso.com
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC96NRlexLe0QQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: a5b57e3567664a6a3e648a70ad70cd20ca611c1924e74fc23a1c00a125ad4846

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 5DCB 25 KB
10 KB 20ms
15ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC96NRlexLe0QQQ
Protocol: HTTP/1.1
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 16:58:06 GMT
Server: Fastly
Age: 28359
ETag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9634

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 5DCB 95 KB
34 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC96NRlexLe0QQQ

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 06:18:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 179337
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34056
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 12 Jun 2022 06:18:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 5DCB 72 B
116 B 8ms
7ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC96NRlexLe0QQQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 508223
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Tue, 08 Jun 2021 10:31:30 GMT
date: Mon, 14 Jun 2021 08:07:50 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 viralize_player_banner.min.07f50ce3.js Show response
static.viralize.tv/ Frame 5DCB 358 KB
112 KB 14ms
13ms Script
application/javascript 2a02:26f0:120::211:7b5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC96NRlexLe0QQQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:120::211:7b5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: eb21cbe16828a9be59196144f96632b8a853f173ce31a8300062ed638ffcb7dc

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyBpXSuXTR0F6VX-l2Vt7agHxHoU2Gq--ZqkHzFr1Ru75AE58kghukZwo5L2EbqY-Sx6MyixhabyXWKEk00Qjw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 113586
last-modified: Fri, 11 Jun 2021 12:45:24 GMT
server: UploadServer
etag: "07f50ce37d768478c57a3d75508bf39e"
vary: Accept-Encoding
x-goog-hash: crc32c=j4vTvw==, md5=B/UM4312hHjFej11UIvzng==
x-goog-generation: 1623415524664497
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 366310
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 14 Jul 2021 08:07:50 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 461 B
1 KB 480ms
343ms Script
text/javascript 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://as.innity.com/synd/?cb=1623658070225&ver=1&pub=9188905e74c28e489b44e954ec0b9bca&zone=87319&output=js&flash=0&url=b.travelmiso.com&width=*&height=*&vpw=1600&vph=1200&auction=e776974-a3903f3
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Server: 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 003ef653f4d00bcc48708007c00636b760c002f3ee2da5211960ceaf737c5484

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 08:07:50 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 296
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9B02 318 KB
112 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame A95F 261 B
852 B 28ms
26ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=739868&tid=a_739868_ad7ad49366ad48929c4d6e620fa75e51&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=b.travelmiso.com&time=08%3A07%3A50&fd=1&be=sf&loc=http%3A%2F%2Fb.travelmiso.com%2F&orig_loc=http%3A%2F%2Fb.travelmiso.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_739868_ad7ad49366ad48929c4d6e620fa75e51
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a851772772a383156ab13dcae54912f33986ca8488b217277a46996e3cf6eaa

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 206

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame D47C 12 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 160D 783 B
759 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85b84b214d0c36284e921c0bf7539d24427790a4aba570239e4ec42f9f412b54

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s7YW3BulCmqCtoXobfx27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 14 Jun 2021 08:07:50 GMT
date: Mon, 14 Jun 2021 08:07:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-s7YW3BulCmqCtoXobfx27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B71A 19 B
716 B 24ms
24ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid: 44d2d6ed-1fe2-4f4c-8fea-1ccf09255f89
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B71A 0
116 B 49ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame B71A 171 B
437 B 28ms
26ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=715d68e2-0fca-4fae-acf0-b70b388a56ab&nocache=1623658070283&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1623658069878&auid=541066154
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 8a0d714fa61471f1d44b0f893a121af1252fae2e01fbd86935d7d0eab54975f0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://b.travelmiso.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B71A 284 B
1 KB 105ms
32ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1346616&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=715d68e2-0fca-4fae-acf0-b70b388a56ab&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3589646671409743
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 390f34a7acfc2c467155b4a727266cec67f0ed52eb300312fba4da9e39088c3a

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B71A 0
323 B 93ms
57ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:49 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A4B5 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5192 783 B
530 B 18ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

44650129a6405f1e9a2cebcf99c086b81820ee7972a5ab5c251602e0f79bc89d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HBrg/2wcrQB6aEQsdcc/xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:50 GMT
date: Mon, 14 Jun 2021 08:07:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HBrg/2wcrQB6aEQsdcc/xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 77FF 106 KB
29 KB 370ms
370ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=356610498198349&correlator=980787439171413&output=ldjh&impl=fif&eid=31060438%2C31060784%2C31060398%2C31061354%2C31060840&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=42150330%2Ctravelmiso%2Ctravelmiso_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef-22d6a1c35fc800bf%3AT%3D1623658069%3AS%3DALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1594654799&dt=1623658070327&dlt=1623658069563&idt=743&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=619&adys=11&adks=3271745543&ucis=lw4yn6ctkdr&ifi=1&ifk=1677781294&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fexm%2F300x250.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=628443712.1623658070&ga_sid=1623658070&ga_hid=1499035103&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09d84ffd35d26fbcb77bb43fd821d59eac118e1a6e8c14d222f2b13646678a7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPm6ldTVlvECFcO23godFJYEuQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/2228424404972485280/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPm6ldTVlvECFcO23godFJYEuQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/2228424404972485280/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29631
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 14 Jun 2021 08:07:50 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 77FF 0
0 41ms
14ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B71A 0
0 33ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrrGQFJ5NWvQagjWpDBbkHGx0kA_Ve38_APxiuJYIGHYfjyHYqKE8DMEtZ2GDOqiFdGpU3Atl8o-UbH9cEgnIq-9cU7n4ZUD_kaNIDvGH3iJAG93iEqgZfglT0mB1ehD5WOM9OEX-6j8eK43W88tH0cAdP9KMsqvfmCNSZAnZxroU4Ohz5A8wCHdLbXWGE0bb6uM2fo9pa90UMCRMc9yOIfyVHumvTP8Yqp17ruruojZ26fh0sLH3JhRbJiJwY_jna9JN1WwDy5925XcTdYmNb3HZ0Egnd0SUS6SQ4LKgYRQsSBTHhDrusBWV8YCGU24xr&sai=AMfl-YTPBs6LIne4qqssq67pXrY0esmf74TrEhq6pvCtf6xsNbcdxSOZ90sgCI169PxFzIRaivpjN8BccI3WBt-gSmxt7L-vlODJIvHinppPiLPgNs4EMSW3t4R9NZ5IwTo&sig=Cg0ArKJSzEOpFj6PECPnEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 362ms
347ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optimize.innity.com/?pubid=244&zoneid=87316&cb=1623658070351
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Last-Modified: Mon, 14 Jun 2021 08:07:50 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame C764 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9866f495460a45d1ec832057bb5b598431206528e7c74fe242d875cb31b3dcd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "902 / 455 of 1000 / last-modified: 1623449396"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21413
X-XSS-Protection: 0
Expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 5DCB 5 B
448 B 55ms
55ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&cHJpY2VUeXBlPW5ldCZtaWQ9ODQ4NjYyJnRyYW5zYWN0aW9uSWQ9ZjBkZTc2Y2EtOWY5MS00NWI3LTg2ZTMtY2I0ZTA4MGIxY2E1&pt=net&stid=6c700786-798e-42bd-87b0-c00850203758&gdpr=0&gdpr_consent=undefined&fd=1&url=travelmiso.com

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 5DCB 5 B
448 B 51ms
51ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5DCB 19 B
715 B 17ms
17ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: dbd65650-17c1-48ad-b96e-757c637cddbb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5DCB 0
188 B 20ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=87407262851
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:50 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5DCB 144 B
1 KB 185ms
185ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

da5582a275c296da1e6ec635a8d8bc8f74a0fb0523cb0a9b95a97cdd51bdd0c6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid: 7a10af7e-3975-4798-be7b-1e82884a971b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5DCB 19 B
716 B 41ms
41ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 1210a9bc-399d-4e22-856f-ce76dbc02f80
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 5DCB 24 B
756 B 21ms
21ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5846c9d5f3bb0c32fe807d8589d2e530e57852c344b58b667eb45a1e3e18f722

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 5DCB 5 B
448 B 52ms
52ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 hb Show response
ice.360yield.com/ Frame 5DCB 4 KB
2 KB 81ms
81ms XHR
application/json 18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%222045ccdaac1d3e4%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22viralize.com%22%2C%22sid%22%3A%222633%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22189af00e26cc092%22%2C%22pid%22%3A%2222340140%22%2C%22tid%22%3A%22f0de76ca-9f91-45b7-86e3-cb4e080b1ca5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4057245dffeca4510223b12d9fc5495ed307eeaeb3fe1146a326e7c0a544cf06

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1919
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0AF5 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "902 / 992 of 1000 / last-modified: 1623449339"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21293
X-XSS-Protection: 0
Expires: Mon, 14 Jun 2021 08:07:50 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F4AD 0
188 B 20ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=6774847733
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:50 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4AD 19 B
715 B 46ms
45ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 138c258f-21f4-4310-92b3-f6db43938414
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4AD 19 B
715 B 20ms
20ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: e1e48ea9-0860-4fef-afc9-33bafaa3cc21
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame F4AD 5 B
448 B 56ms
56ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&cHJpY2VUeXBlPW5ldCZtaWQ9ODQ4NjcwJnRyYW5zYWN0aW9uSWQ9NzA0MzNhYjUtOTJjNy00MmM5LWJjOTktOGQzNmQ5MmZmN2M2&pt=net&stid=1cfed19f-f927-491f-a8ff-487b8d1da0b0&gdpr=0&gdpr_consent=undefined&fd=1&url=travelmiso.com

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ Frame F4AD 5 B
448 B 61ms
60ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4AD 19 B
715 B 33ms
15ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: 405a20f5-9aaa-452e-a83d-b846779214d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame F4AD 1 KB
765 B 87ms
87ms XHR
application/json 18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2219ecf5c506fa0ad%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22viralize.com%22%2C%22sid%22%3A%222633%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df08bc274ec7f%22%2C%22pid%22%3A%2222340172%22%2C%22tid%22%3A%2270433ab5-92c7-42c9-bc99-8d36d92ff7c6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c7d9b2f6844743c6df07053ecb517c306560716024a4a62b7347665445a6d488

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 532
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 / Show response
adx.adform.net/adx/ Frame F4AD 5 B
448 B 60ms
60ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame F4AD 24 B
756 B 19ms
18ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: dc3500e694556e9d7f4bc780832fdd60eae098650ee86640c73de7ea8d874d19

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK adponegeneral1.js Show response
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame DC9F 7 KB
8 KB 1146ms
37ms Script
application/javascript 52.218.96.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.96.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 26e3ca7ea4955ef0f3add437f13b70cb0bff94ded5d99bb5933e80bf1ade44bb

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Last-Modified: Sat, 09 May 2020 19:50:28 GMT
Server: AmazonS3
x-amz-request-id: FTRQ7R6WXZN58PYM
ETag: "7dad9c68594fb00fa58b39bd12fa9bd7"
Content-Type: application/javascript
x-amz-version-id: XMyhwwsyMGw6DDQEw4ew8Gi.MqWzp_7V
Accept-Ranges: bytes
Content-Length: 7386
x-amz-id-2: Ip2FX8LhtQlhwenzQgfWL3rl/bIjVd4MkNdoYMzOyeNUCGjsp8bErKaKLaxGHg0M9kH9LLsCqAQ=

GET
H2 204 /
ads.viralize.tv/track/ Frame 5DCB 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A10%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22activation%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9B02 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9B02 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B02 0
20 B 52ms
38ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=2964319579373393&lenfreqs=19%3A1&vrg=2021060801&nw_id=21710144538&nslots=1&eid=31061423&pub_url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fstr%2F300x250.html

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/str/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9B02 8 KB
4 KB 49ms
48ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2964319579373393&correlator=2374840954894072&output=ldjh&impl=fif&eid=31061423&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=21710144538%2CDR-GAM-DSK-Travelmiso.com-Directt-RS-STDB-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x300%7C336x280%7C250x250%7C300x250&click=%25%25CLICK_URL_UNESC%25%25&eri=4&cookie=ID%3D79a2f6b1aefcf0ef-22d6a1c35fc800bf%3AT%3D1623658069%3AS%3DALNI_MZKud9jDWaTnCxOATBc_62C7oPBVw&cdm=b.travelmiso.com&bc=23&abxe=1&dt=1623658070516&dlt=1623658069566&idt=940&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=923&adys=11&adks=2386355533&ucis=6u4jjmndwx7j&ifi=1&ifk=1079569232&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=travelmiso.com&loc=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fstr%2F300x250.html&top=b.travelmiso.com&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=2037942600.1623658071&ga_sid=1623658071&ga_hid=1026844970&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bb563ef5abcd76f9d2320e2f2bb98193441a1007797cddeefb76b230950c879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4193
x-xss-protection: 0
google-lineitem-id: 5595865402
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340446348
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8f0df055271aa2a5f2d30a68d2decebb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B02 0
0 54ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8f0df055271aa2a5f2d30a68d2decebb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK Cookie set beacon Show response
gslbeacon.lijit.com/ Frame A8F0 6 KB
2 KB 3067ms
18ms Document
text/html 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 1c1197a008ef0eeac40027d2011f930024ae7027d8b64aff0b23435eef6fc419

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://nichools.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=e6d1d55497521ebcd973323b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://nichools.com/

Response headers

Server: nginx
Date: Mon, 14 Jun 2021 08:07:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdkDESwzAIBP%2BiOgUgBChf8%2FjviTxu2HIZZu%2FgGjq%2BGjbT3XN%2BRsTDXpFx2DrOjqmdlwgmKmAI882zsDq8986%2B8Z8UHOhYyCi0LAcvMH1oYPRtNES%2BxftTUXs4%2B40TeQ6%2Fw7%2Bwv%2FgP6Q3vH15DXO0%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:53 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=e6d1d55497521ebcd973323b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:53 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap5ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame A95F 47 KB
6 KB 22ms
21ms Script
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=739868&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 49b5a9d4670f825ad185940adfbe74183b456c3efa4b0e44c6ea9976c5d6ce4e

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET impression
vap6ams1.lijit.com/addelivery/ Frame A95F 0
0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame B964 5 B
445 B 79ms
78ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMzA1NjQmdHJhbnNhY3Rpb25JZD1hMWZmZjU4NS1hYWE2LTRkOWMtODhjMC1iZGQ0ODJhZjRhZDE%3D&pt=gross&stid=671e962c-f761-4fc1-b509-7073bd888a4f&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://nichools.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B964 19 B
712 B 20ms
19ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid: 44699b2d-c231-45db-912f-18f9a04fcf45
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://nichools.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK prebid.js Show response
cdn.adtrue.com/pb/ Frame BA62 252 KB
80 KB 22ms
21ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: http://exchange.adtrue.com/delivery/impress?pzoneid=19020&ref=http%3A%2F%2Fb.travelmiso.com%2F&cb=3913285576&timeZone=2&adWidth=300&adHeight=250&loc=http://b.travelmiso.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 14 Apr 2021 09:06:46 GMT
Server: cloudflare
Age: 4740344
ETag: W/"6076b0a6-3f06e"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2113d1f3f4eaa-FRA
cf-request-id: 0aab291a2e00004eaac5a78000000001
Expires: Fri, 15 Apr 2022 11:22:06 GMT

GET
H/1.1 200
OK ga.js Show response
cdn-adtrue.com/track/ Frame BA62 751 B
1 KB 33ms
20ms Script
application/x-javascript 2606:4700:3038::6815:eb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: http://exchange.adtrue.com/delivery/impress?pzoneid=19020&ref=http%3A%2F%2Fb.travelmiso.com%2F&cb=3913285576&timeZone=2&adWidth=300&adHeight=250&loc=http://b.travelmiso.com/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6408879
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aab291a3b00004d8a890b1000000001
Last-Modified: Thu, 01 Apr 2021 03:35:26 GMT
Server: cloudflare
ETag: W/"60653f7e-2ef"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qovaFVKpc5GJ2oUhgVLcCaViNdrGQkLPrcBT%2FZLvNBYrG2g%2BgD4N7vD4LzwvcugMPvGXrQr%2Bmrziq%2FXKaKXUa%2F5Vk6bwwbs3sdyD7cRwl9ABsXFSfFVsXDXuuJIitoNQiwnncY7tjS8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
CF-RAY: 65f2113d29774d8a-FRA
Expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame 5DCB 0
83 B 37ms
34ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC96NRlexLe0QQQ&sid=01ebcce79bdd8a08e56dd70fe641fa11&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTQwMhF5fDYzZBha.3.wp3sc1&item=NTQwMhF5fDYzZBha.2.wp2sc1&item=NTQ3NXhJL5pivmX_.8.wp8sc1&item=NTQyORfzaWDo5H6H.5.wp5sc1&item=NTQ3NXhJL5pivmX_.6.wp6sc1&item=NTQ3NXhJL5pivmX_.7.wp7sc1&item=NTM4NOazVeU25U7P.1.wp1sc1&item=NTQwMhF5fDYzZBha.4.wp4sc1&item=NTM2NmA42SzuJNnK.0.wp0sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A10%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22activation%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame F4AD 0
83 B 47ms
47ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AADSIf6-RvqhS2yK&sid=01ebcce79bdd6998a593b5c3a9c3d841&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTQzM4NJLhxQu4hM.5.wp5sc1&item=NTQ3N2kIqZELw1g2.8.wp8sc1&item=NTQ3N2kIqZELw1g2.7.wp7sc1&item=NTQwNyJ6ooeDAV4x.4.wp4sc1&item=NTQwNyJ6ooeDAV4x.3.wp3sc1&item=NTQ3N2kIqZELw1g2.6.wp6sc1&item=NTM2MOQMamNKeb6g.0.wp0sc1&item=NTQwNyJ6ooeDAV4x.2.wp2sc1&item=NTM3OGqLtz5uBKJP.1.wp1sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B4F5 0
0 43ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDXR6HpAcWjTyNiT3-j0FKke_DCjcjZgAwVFO_fti6u4JvF5PXFAmU0u22Rib_NaL1c94gjLTzLZK7V1ExUV5qOkJQGg_Vf9U7v8L_b3AFQdB20IFpehwXxMERIeFRbqMuxXalhZbPBKTjRV-Dxi25SAgJVdAH4eS3aH5aeQ37F7vIGxd9Iw9jE_Rr1ylE0OeCyb2AaNXHYxC0idkRS39HUSVPDqs9VQzsRooIXIEmgW1SEIs-j-_KERp509p4OOTMKwro7OT9LT3EyAuK4vJ5hDPTGsOPJDehsGykS1Q7bF3OldgciPw8DIWA2BhjuGbVj3VxGahXntsSvaw01iDzV_odg4PajZE&sig=Cg0ArKJSzHMyK2JsdB9REAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B4F5 61 KB
21 KB 41ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 561 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4F5 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B02 73 KB
28 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C764 326 KB
114 KB 33ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0AF5 318 KB
112 KB 24ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1

200
OK

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3313
Redirect Chain

http://ads.aralego.com/sdk
http://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

23ms
23ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/ucf/300x250.html
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5548
Connection: keep-alive
Content-Length: 40120
cf-request-id: 0aab291c9f0000dfffdd22f000000001
Last-Modified: Fri, 28 May 2021 01:36:32 GMT
Server: cloudflare
ETag: "60b04920-9cb8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xTGVVNAmHCs9bRVES4K4zNJ2hgarhFTG7SzlfMgYmTa3qdQCNDujPPdHhnj9nfavbsAKdK2tcCnhZcFQOYI1MJgnc1kKZqR32vJFopeh83G29IjSDwc4jz0mGK46sYooenknHt3Qfls%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 65f21140f8f3dfff-FRA

Redirect headers

Location: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H/1.1 200
OK apnx_prebid.js Show response
www.travelmiso.com/js/ Frame E6D5 176 KB
56 KB 169ms
169ms Script
application/javascript 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/js/apnx_prebid.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/bt/300x250-btf.html
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bff83be7565cfae98489d532757ca6117d69ae27dc45695ab34dc1653b3108ec

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jun 2021 02:41:34 GMT
Server: Microsoft-IIS/10.0
ETag: "0c3f6f5d85cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 57229

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E534 61 KB
21 KB 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/vls/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1534e66c0f755f2d4cd2b899a7155bd2fbff98b00a37e940a08822fc87bfb7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 364 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21294
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1B96 61 KB
21 KB 19ms
17ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/yl/300x250-btf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 526 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK ad-exchange.js Show response
gamma.cachefly.net/js/ Frame AD69 8 KB
3 KB 303ms
45ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/300x250.html
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 604800.000
X-CF1: 16114:fC.fra2:co:1615366953:cacheN.fra2-01:H
Gamma-CDN: srv_178
Connection: keep-alive
Content-Length: 2563
x-cf-tsc: 1622029705
X-CF2: H
Last-Modified: Wed, 10 Mar 2021 07:30:07 GMT
Server: CFS 0215
X-CFF: B
ETag: W/"6048757f-1eed"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF4Age: 47111
Accept-Ranges: bytes
Expires: Tue, 15 Jun 2021 08:07:50 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 483A 61 KB
21 KB 20ms
17ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/yl/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 585 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame A95F 0
225 B 2186ms
29ms Script
text/plain 104.111.233.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxdrop.lijit.com/1/d/t.dhj?dmn=nichools.com&GDPR_v2=
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Server: 104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame A95F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=

95 B
415 B

16ms
16ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=

Requested by

Host: nichools.com
URL: http://nichools.com/async_usersync?i=jvz1bqas4afbza0812345&a=fdd68d248266fd4eefa4158297b65a017&cb=4841661623658069152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET pixel
ps.eyeota.net/ Frame A95F 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A95F
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=e6d1d55497521ebcd973323b/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=e6d1d55497521ebcd973323b/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=

43 B
1 KB

50ms
16ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=
Requested by: Host: nichools.com
URL: http://nichools.com/async_usersync?i=jvz1bqas4afbza0812345&a=fdd68d248266fd4eefa4158297b65a017&cb=4841661623658069152
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.17.125
content-length: 0
expires: 0

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame A95F 43 B
206 B 16ms
16ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_739868_ad7ad49366ad48929c4d6e620fa75e51&zoneid=739868&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C429%2C458%2C462%2C465%2C490%2C501%2C503%2C512%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C578%2C589%2C590%2C600&tss=128%2C128%2C129%2C130&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=132
Requested by: Host: nichools.com
URL: http://nichools.com/async_usersync?i=jvz1bqas4afbza0812345&a=fdd68d248266fd4eefa4158297b65a017&cb=4841661623658069152
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Server: nginx
X-Sovrn-Pod: ad_ap6ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/ Frame F676 72 KB
20 KB 1230ms
204ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/loader.js
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f0ee7153e4635b6c56ebdd0e3eea1463aea8deab28c3a9d4f08cfc28efb6053

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cGc3V8clZgYfenvUKZ4J3yNfonOly8uj
Content-Encoding: gzip
ETag: "f9604526f4bfe19bbc1c0ac371e2b084"
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 19560
x-amz-id-2: kkrfMjpJvyE+Oh9JUoTg5xRINR35jWO6WU+Pg2Zk5DH8JajgrPDuMEF7q5oM7yyWynGyjq44MBw=
X-Served-By: cache-hhn11558-HHN
Last-Modified: Sun, 13 Jun 2021 09:46:16 GMT
Server: AmazonS3
X-Timer: S1623658072.706559,VS0,VE197
Date: Mon, 14 Jun 2021 08:07:51 GMT
Vary: Accept-Encoding
x-amz-request-id: CK89ANCD7NTCG1XM
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 89
X-Cache-Hits: 1

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ Frame B964 0
103 B 122ms
31ms Image
text/plain 34.249.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNjcxZTk2MmMtZjc2MS00ZmMxLWI1MDktNzA3M2JkODg4YTRmIiwiaG9zdG5hbWUiOiJuaWNob29scy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=671e962c-f761-4fc1-b509-7073bd888a4f&part=0&on=0
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.98.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:50 GMT
Server: nginx

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 20ms
20ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQzM4NJLhxQu4hM~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22NTQzM4NJLhxQu4hM~wp5sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQ3N2kIqZELw1g2~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3N2kIqZELw1g2~wp7sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTM3OGqLtz5uBKJP~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22NTM3OGqLtz5uBKJP~wp1sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQ3N2kIqZELw1g2~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3N2kIqZELw1g2~wp6sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQ3N2kIqZELw1g2~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3N2kIqZELw1g2~wp8sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQwNyJ6ooeDAV4x~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNyJ6ooeDAV4x~wp4sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQwNyJ6ooeDAV4x~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNyJ6ooeDAV4x~wp3sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 20ms
19ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTQwNyJ6ooeDAV4x~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNyJ6ooeDAV4x~wp2sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTM2MOQMamNKeb6g~wp0sc1%22%2C%22bid_opportunity_id%22%3A%22NTM2MOQMamNKeb6g~wp0sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK ad-exchange.js Show response
gamma.cachefly.net/js/ Frame 059B 8 KB
3 KB 301ms
25ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: www.travelmiso.com
URL: http://www.travelmiso.com/acta/friends/inndef_300x250.asp
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 604800.000
X-CF1: 16114:fC.fra2:co:1615366953:cacheN.fra2-01:H
Gamma-CDN: srv_178
Connection: keep-alive
Content-Length: 2563
x-cf-tsc: 1622029705
X-CF2: H
Last-Modified: Wed, 10 Mar 2021 07:30:07 GMT
Server: CFS 0215
X-CFF: B
ETag: W/"6048757f-1eed"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF4Age: 47111
Accept-Ranges: bytes
Expires: Tue, 15 Jun 2021 08:07:50 GMT

GET
H/1.1

200
OK

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame A0FC
Redirect Chain

http://ads.aralego.com/sdk
http://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

30ms
30ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/ucf/300x250-2.html
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5548
Connection: keep-alive
Content-Length: 40120
cf-request-id: 0aab291de50000dfff22b4f000000001
Last-Modified: Fri, 28 May 2021 01:36:32 GMT
Server: cloudflare
ETag: "60b04920-9cb8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w1EzMawBPm4V3UWVmyJbUMCWnbpvMx9BCfX8sXPul5iPxm1dD3R7LozAhitGy3hRBymEQ5V%2B5YAKHj54Ywczk0eGa75%2BoMiIop5YW5%2FG%2FEvjyljm7KnIIuW6IYNJe0hpRWWUOE9xFgc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 65f211430dbedfff-FRA

Redirect headers

Location: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
DATA 200
OK truncated
/ Frame B4F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b27af093161622b107717ce907fe354a0d68c52285e1470548f283b26b69acf9

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adopJ.js Show response
compass.adop.cc/assets/js/adop/ Frame 556D 3 KB
2 KB 278ms
21ms Script
application/javascript 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adop/300x250.html
Protocol: HTTP/1.1
Server: 143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-61.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:04:27 GMT
Content-Encoding: gzip
Age: 207
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1921
Last-Modified: Tue, 11 May 2021 09:31:17 GMT
Server: nginx
ETag: W/"609a4ee5-d6b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Cache-Control: max-age=600
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Yp9oOB_tyoCjdeFtEzjftBtgiTjFBpVBzoF1auXY2Hm2hUD7_G_acw==
Expires: Mon, 14 Jun 2021 08:14:23 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0585 61 KB
21 KB 16ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 242 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame 5DCB 0
39 B 19ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQ3NXhJL5pivmX_~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NXhJL5pivmX_~wp8sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQyORfzaWDo5H6H~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22NTQyORfzaWDo5H6H~wp5sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTM4NOazVeU25U7P~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22NTM4NOazVeU25U7P~wp1sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQ3NXhJL5pivmX_~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NXhJL5pivmX_~wp7sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQwMhF5fDYzZBha~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwMhF5fDYzZBha~wp2sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQwMhF5fDYzZBha~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwMhF5fDYzZBha~wp3sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQwMhF5fDYzZBha~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwMhF5fDYzZBha~wp4sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 5DCB 0
39 B 19ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTM2NmA42SzuJNnK~wp0sc1%22%2C%22bid_opportunity_id%22%3A%22NTM2NmA42SzuJNnK~wp0sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTQ3NXhJL5pivmX_~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3NXhJL5pivmX_~wp6sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BA62 19 B
866 B 45ms
45ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: http://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: a154e15c-bfab-4674-ab35-2c295727827c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://nichools.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 483A 318 KB
112 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1B96 318 KB
112 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame D47C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B4F5 318 KB
112 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 container.html Show response
ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 793E 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 08:07:50 GMT
expires: Tue, 14 Jun 2022 08:07:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77FF 73 KB
28 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 77FF 10 KB
8 KB 22ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b6a7343e93ef352bca2f1ccb4af428a86d906957ce7c3142ca4098a3edaa29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7981
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0AF5 107 B
122 B 22ms
19ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0AF5 107 B
122 B 20ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0AF5 15 KB
7 KB 369ms
368ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2845213270438478&correlator=3172810217748352&output=ldjh&impl=fifs&eid=31061224%2C31061289%2C21068863%2C44744016&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=211003152%2Com_ron_dis_160x600_d_catchall_pp0.1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=4&cust_params=domain%3Dtravelmiso.com%26site_id%3D35808%26publisher_id%3D2633&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&dt=1623658070838&dlt=1623658070435&idt=384&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=927&adys=533&adks=3266069665&ucis=jh5tn5bcacyx&ifi=1&ifk=2165813388&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2F&loc=about%3Ablank&top=b.travelmiso.com&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=437680620.1623658071&ga_sid=1623658071&ga_hid=978853136&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee25e7eeb8499d12fa1e8cea642d1618835c2209598776345c2744503ed67354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6779
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AF5 0
0 38ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E534 318 KB
112 KB 16ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame C764 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C764 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C764 364 B
191 B 359ms
359ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=141010910105095&correlator=3576587992339554&output=ldjh&impl=fifs&eid=31060784%2C31061278%2C31061413%2C31061142&vrg=2021060901&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=211003152%2Com_ron_dis_300x600_d_catchall_pp0.1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=4&cust_params=domain%3Dtravelmiso.com%26site_id%3D35808%26publisher_id%3D2633&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&dt=1623658070859&dlt=1623658070372&idt=480&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1231&adys=533&adks=1576936405&ucis=j84hslqi1nyh&ifi=1&ifk=2165813388&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2F&loc=about%3Ablank&top=b.travelmiso.com&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1907362002.1623658071&ga_sid=1623658071&ga_hid=2028965035&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5eb062a5b58045c40019f2c13b47ea5d3651ce4e54cedc5920024f9fbcbbc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
604b84c9c67a9a09464fca3227900ad1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C764 0
0 32ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://604b84c9c67a9a09464fca3227900ad1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame A4B5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 461 B
1 KB 180ms
180ms Script
text/javascript 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://as.innity.com/synd/?cb=1623658070864&ver=1&pub=9188905e74c28e489b44e954ec0b9bca&zone=89377&output=js&flash=0&url=b.travelmiso.com&width=*&height=*&vpw=1600&vph=1200&auction=e776974-a3903f3
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Server: 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: bc3f5bd37566f24846d301e072a8d8fc26d59cefa46680dd16d66e9d67498278

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 08:07:50 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 296
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK passback.js Show response
cdn.adtrue.com/rtb/ Frame F93B 753 B
912 B 18ms
18ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 28 Oct 2020 03:26:52 GMT
Server: cloudflare
Age: 4626378
ETag: W/"5f98e4fc-2f1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2113efc5b4eaa-FRA
cf-request-id: 0aab291b5800004eaad7905000000001
Expires: Sat, 16 Apr 2022 19:01:32 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 77FF 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 172ms
171ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optimize.innity.com/?pubid=244&zoneid=87319&cb=1623658070907
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:50 GMT
Last-Modified: Mon, 14 Jun 2021 08:07:50 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0585 318 KB
112 KB 22ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 483A 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 483A 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 483A 7 KB
4 KB 204ms
204ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3012122230113830&correlator=2947917128924160&output=ldjh&impl=fif&eid=31061278%2C31061290%2C31061361&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=53015287%2Ctravelmiso.com_d_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1594654829&dt=1623658070932&dlt=1623658070475&idt=445&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=923&adys=265&adks=882287229&ucis=f8ln3s42jy85&ifi=1&ifk=3400364530&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fyl%2F300x250.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=677029298.1623658071&ga_sid=1623658071&ga_hid=1050596917&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4978ace63d2ce2a15231b2670f85b867355a8961fbbfa469a4b719918294be0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3902
x-xss-protection: 0
google-lineitem-id: 5064520045
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322598764
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bac3b5d97b007b25224cd197816d29e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 483A 0
0 41ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bac3b5d97b007b25224cd197816d29e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1B96 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1B96 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1B96 7 KB
4 KB 188ms
188ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3361641550234498&correlator=992912223111716&output=ldjh&impl=fif&eid=31061019%2C31061143&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=53015287%2Ctravelmiso.com_d_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1594654829&dt=1623658070947&dlt=1623658070466&idt=473&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=619&adys=265&adks=1866056204&ucis=5zz6llt7zcj4&ifi=1&ifk=4190388977&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fyl%2F300x250-btf.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=539431211.1623658071&ga_sid=1623658071&ga_hid=877327615&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b81c2d4758bed1b8c20b3d0d3cbf8601735ca2bbf3a2480b90841a94356a78d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3897
x-xss-protection: 0
google-lineitem-id: 5089889175
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322591312
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
95bc523acecf1542a2b84e9dfeccab8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B96 0
0 40ms
14ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://95bc523acecf1542a2b84e9dfeccab8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame F4AD 0
83 B 30ms
30ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AADSIf6-RvqhS2yK&sid=01ebcce79bdd6998a593b5c3a9c3d841&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTU1OPkpEx5nemgF.9.wp9sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B4F5 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B4F5 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B4F5 33 KB
12 KB 53ms
53ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117270916098045&correlator=3472582741203020&output=ldjh&impl=fif&eid=31061160&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=21710144538%2CGAM-GDPR-ADX-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C336x280%7C360x300%7C300x250&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658070&dt=1623658070977&dlt=1623658070609&idt=361&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=923&adys=11&adks=2297083023&ucis=d1erqsc8ly19&ifi=1&ifk=2088145492&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fstr%2F300x250.html&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1357210546.1623658071&ga_sid=1623658071&ga_hid=1505107547&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4806e5331fe32230230ce6fe4d0d50950f553fd7f9e1bdd026cd216d83a573e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12564
x-xss-protection: 0
google-lineitem-id: 5625994501
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340387250
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
07c85aa029238e9a2eeb3dc1f846d5a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B4F5 0
0 73ms
17ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://07c85aa029238e9a2eeb3dc1f846d5a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK passback Show response
exchange.adtrue.com/tag/ Frame F93B 296 B
588 B 188ms
188ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19020&divid=257651889&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: http://cdn.adtrue.com/rtb/passback.js
Protocol: HTTP/1.1
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 02a5518875d045157cd5d6d44e20f74dee4c80d0a1135a17fd942049b91c6685

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 296
Content-Type: application/javascript

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame 5DCB 0
83 B 17ms
16ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC96NRlexLe0QQQ&sid=01ebcce79bdd8a08e56dd70fe641fa11&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTU2MNTbtGao6pCO.9.wp9sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame E534 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E534 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E534 13 KB
7 KB 688ms
687ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4073378915195881&correlator=2075665416393189&output=ldjh&impl=fifs&eid=31061278%2C31061412%2C31061149&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=152344380%2Cca-pub-8804303781641925-tag%2Ctravelmiso.com_300X250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1594654823&dt=1623658071034&dlt=1623658070464&idt=544&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=315&adys=265&adks=2714596404&ucis=1dcwv66sjy50&ifi=1&ifk=3526672771&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fvls%2F300x250.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1399337741.1623658071&ga_sid=1623658071&ga_hid=456014245&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ef778f2567949c5b78ab8f3fa379056a6f9fa56be26fd0a9f3a3e9a39be44a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6733
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E534 0
0 37ms
21ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/ Frame F7D0 10 KB
2 KB 13ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037fff012afcaa31b35f8010b843ef12c0544fd176245447cf68ebefc4b70102

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2228424404972485280/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1943
date: Sat, 12 Jun 2021 22:05:25 GMT
expires: Sun, 12 Jun 2022 22:05:25 GMT
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 122546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7BDC 0
0 21ms
19ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChmdtVg7HYPm3FsPt-gaUrJLIC4P84M5iw_v4hPENlL-1q64BEAEgyoatJ2CV-vCBjAegAcu-tbsDyAEJqQIdHakeRw-SPuACAKgDAcgDCKoE9wFP0HWQJ-cNb24XpFUqClNWDDr3JQCn__MCJF1VOsWNEabHXcDWDr6B_X7az8NFtioGPX_4whNBZ-LUnid0QcXsIaVB6cxuAo3B6LXXGHYKyzXIHtHX1T090AKDjAa0Q-AxjfNhEeZtniGhzVa_VMtZaYxokGl5Awvdqxnu3ktE57imrXla3VgjckZ8p9_dQ3lDaoNgQ0zAWlobCY7UGo7xl4-q5petsN3JULf88QBgkwBFpI-oQBLcqyYaB9L6mxPvRtQlhUfEA0dy4aR4iB48S7CJH8RCUOulwFOcjMHzaq6yAoxb9d2KKbLpDTgWM3YWoA9iiAcqwASFoP7eWOAEAZIFBAgEGAGSBQQIBRgEoAYugAedwcpEqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPjyDdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTc0Mjc0MTU0NTExNjg5NoAKA8gLAdgTAtAVAYAXAbIXGgoYCAASFHB1Yi05MDIxMzg3ODkwNzMxNDI4&sigh=SWEMER8WOS8&template_id=419
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 7BDC 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:13 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 7BDC 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:04:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BDC 122 KB
37 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 7BDC 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:30 GMT

GET
H/1.1 200
OK / Show response
tag.gammaplatform.com/adx/request/ Frame AD69 3 KB
3 KB 362ms
344ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=070457/
Requested by: Host: gamma.cachefly.net
URL: http://gamma.cachefly.net/js/ad-exchange.js
Protocol: HTTP/1.1
Server: 54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 4ef3ab4b6d94e7a40924e333f97fbfedc8f9c9a0f1ea2b6f29e1e3436f82fe10

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 1.1(DD).2(B).2(W).2(CB).2
x-server: AdEx-App126
access-control-allow-credentials: true
x-robots-tag: noindex
transfer-encoding: chunked

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CE3 0
0 39ms
36ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3F8ecoN41P5ZHi3EJFIYp_TXbJOzM9W-JyH-V8wU5tLMjJkFf3DEXsPW6zVm1TGcIcGhF9R7J2WJ2Kv57Wnpe0vZ-KG8u2DokybbxMjkTYeH-uOkxis5kEBXxNBSpLZnzGMa-GuVTGiMeSN8sJ7d9krWyu6bygD_EwbZUhBm8rWOzkeKLZFXRDUGrTOXiGNp52cOxUXoqqSfr8mR7DR6-SjUwnPZhFuE5Jgc8EmTvt3hJGTYHDaNYMp-GOnrcASNntc1vRqrlnOaJ4XImSpyyA1n_Lz7Y8CV8Hjtl3rBPkjqKAo6VbxaYQc&sig=Cg0ArKJSzA6xbqZO8c3MEAE&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 6CE3 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:13 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6CE3 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:04:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CE3 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 5165969620167402730
tpc.googlesyndication.com/simgad/ Frame 6CE3 8 KB
8 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5165969620167402730

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437a944207b3710f33a5ccd0afc47993219e69b7b5309a928049511e04b49cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:33:33 GMT
x-content-type-options: nosniff
age: 171258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8048
x-xss-protection: 0
last-modified: Fri, 22 Jan 2021 08:57:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:33:33 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4F5 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame BC5C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A6B 783 B
533 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da4c55d5abb9523d61f9dcc9f9b7e0a50deae23826c4b5e4700faee9a7f8c357

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FLT4FTRqnJKMDRxhv557oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:51 GMT
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FLT4FTRqnJKMDRxhv557oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
tag.gammaplatform.com/adx/request/ Frame 059B 3 KB
3 KB 357ms
343ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2F&zt=&cb=531702/
Requested by: Host: gamma.cachefly.net
URL: http://gamma.cachefly.net/js/ad-exchange.js
Protocol: HTTP/1.1
Server: 54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 2ce009b3512f661dfefcc4a05c8a93fc5b306c4aafd5123c427919d6827a52e6

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 1.1(DD).1(B).1(W).1(CB).2
x-server: AdEx-App126
access-control-allow-credentials: true
x-robots-tag: noindex
transfer-encoding: chunked

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0585 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0585 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0585 7 KB
4 KB 49ms
48ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2505662907223103&correlator=1450280368274019&output=ldjh&impl=fif&eid=31060784%2C31061019&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=21673142571%2C113__travelmiso.com__default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1613399997&dt=1623658071207&dlt=1623658070600&idt=601&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=619&adys=519&adks=2246383180&ucis=x8kvqi884d69&ifi=1&ifk=1961491143&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=502040957.1623658071&ga_sid=1623658071&ga_hid=587912004&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53a2e264a57d8824be10e606472aa36835121f3c09b939ee2c28e4be9b15b0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3883
x-xss-protection: 0
google-lineitem-id: 5624503837
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340232162
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a975d44e242651280ff74898190a2f37.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0585 0
0 44ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a975d44e242651280ff74898190a2f37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F017 0
0 20ms
19ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9RfLPFDvmy8njhCE973_D52fPEOnx-bh8nBvNJxkJ5Yiq4NSWpvYXQXkcKOuJ9p06llSBXeL6vA6XlWXt0BS27erPjZU01dSfl-dwZR-eBRf2KdzB_JxVd6T5Iq6IkY2aXaDtuAXw7V17snO36qX05yYeYsxrzEQkK7qyD_ZNE2pOxC-8LAOXWVOcubg4rqlVgrKiu12r_rLRxwO1uWWPU0T3m8kznUSZ8uZypPNhcAX0R-gXsrw4nv--txm-OC6D-v89HEJmFIA8N6fXEpFZ8dUv0NT9SaoMacFuxQhjvhA3HVU6kuabbAg2NmFavYU&sig=Cg0ArKJSzJNjyDBT3llfEAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F017 61 KB
21 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 907 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F017 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B96 73 KB
28 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B96 10 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fc2a26ebbb5f44e03f871a333f9781dc56240e37f4a38fa826e4376148a9433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8111
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6275 0
0 19ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkNSX9PjuDLj2rU4le_LDfAzFPjay6vc1rez71LOWZP7krC7lRS_bVydKYJS3oFnW2akoD85u4dL-jn3sh5nFZwb9HOdW8cTz5Z8y0T3_E4ynvYROd-qpK4Y0HHBdX9qT1V1RTGbhDHp4w1IQ598-41OgIrTlyeD1v1uGnUoUI0V4-VrC3qn-t-p46FDL_ItxEJbnW6_7K6P1xpBBxGT3Q-UfMziVVelcR7eiixudB73_w3pE9hiSehHxRRRKqCj5dWfhPPG5uZJdkuA62L_mpb4loh_4mscU_8I1SZtuebJwoCQ_sWwKLoGVRFoJzWGI&sig=Cg0ArKJSzMCIJrfi-GZNEAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6275 61 KB
21 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f0ecf2a3868791a4ac6cc6d19209cde90bb201fc0500ae4b678074ba19f71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 37 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21288
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6275 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 483A 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 483A 10 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8337080c83672edd045c5cf1486f93e9dd9974c7bbfb036a38d8f38b1f9cf8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7962
x-xss-protection: 0

GET
H/1.1

200
OK

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

http://ads.aralego.com/sdk
http://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

40ms
33ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5550
Connection: keep-alive
Content-Length: 40120
cf-request-id: 0aab29269a00004abddca52000000001
Last-Modified: Fri, 28 May 2021 01:36:32 GMT
Server: cloudflare
ETag: "60b04920-9cb8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GfMONZDJLZRT33n7xTdTVMjjOl0lglsZDUhxfeZc5nMDgY1QIiCi%2F23WARygvxhNXS0Y0BiMsLTquqobhHdo6FebyhOxIbxc55ENDMepxErFbSyeArYxA8N6IUeLtdg9wLDohryc%2Boo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 65f21150fc304abd-FRA

Redirect headers

Location: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 807 B
1 KB 180ms
179ms Script
text/javascript 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://as.innity.com/synd/?cb=1623658071233&ver=1&pub=9188905e74c28e489b44e954ec0b9bca&zone=87315&output=js&flash=0&url=b.travelmiso.com&width=728&height=90&vpw=1600&vph=1200&auction=e776974-a3903f3
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Server: 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 2434f3fbadd96060a49f5e5e9a7f0de5c74f6f66cca89f8c156398c0e14a55cf

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 08:07:51 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 453
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET f9358c97-5614-4a21-8133-fd2cce2c76ee
compass.adop.cc/RE/ Frame 3961 0
0

GET
H3-29 200 container.html Show response
900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AE3 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 08:07:50 GMT
expires: Tue, 14 Jun 2022 08:07:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
ads.viralize.tv/t-bid-done/ Frame F4AD 0
83 B 20ms
20ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-done/?t=badn&item=NTU1OPkpEx5nemgF&sc=wp9sc1&u=http%3A%2F%2Fb.travelmiso.com%2F&zid=AADSIf6-RvqhS2yK&sid=01ebcce79bdd6998a593b5c3a9c3d841&l=gpt&as=google&ct=&cpm=0.1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AF5 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AF5 10 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c53e156f74bca50035b240df1fe8497ae1d2fbb96d937bcff851be54dd9b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C764 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15e38c39c85248de80b304763a3c42dcdc6df8ee4c097aaff55422ed0c8becb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7811
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D4 143 B
245 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com
URL: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlUwbfld26-xWEnDmnGt3ZrWeJ_B1utNZnOEA8tuqq3VrlW-WR8RHiwFEJrJaU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 14 Jun 2021 07:51:12 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F702 19 B
871 B 49ms
48ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.travelmiso.com
URL: http://www.travelmiso.com/js/apnx_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:51 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: 7147070e-0e3a-43f3-800f-11a40c7d738b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E6D5 19 B
871 B 28ms
28ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.travelmiso.com
URL: http://www.travelmiso.com/js/apnx_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:51 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: 0331d016-4182-49e1-a6da-068864d12af4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adtrue.travelmiso.com.975429.js Show response
jsc.mgid.com/a/d/ Frame F93B 0
522 B 77ms
34ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/a/d/adtrue.travelmiso.com.975429.js
Requested by: Host: exchange.adtrue.com
URL: http://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19020&divid=257651889&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
cf-cache-status: HIT
age: 4980
cf-ray: 65f21141fc75084b-CDG
last-modified: Thu, 28 Jan 2021 17:16:02 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: uRdhG5UHRnY98gQbQCloCHwo78Duz8eJwG+wdNVPu6PMnQy4f5InVjrTbSh7qY7pK1+N9eAn6Z8=
cf-bgj: minify
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AZ2AZ43B9MXMQGNC
cache-control: public, max-age=10800
cf-request-id: 0aab291d3c0000084b9023a000000001
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 14 Jun 2021 11:07:51 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 411ms
411ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optimize.innity.com/?pubid=244&zoneid=89377&cb=1623658071304
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:51 GMT
Last-Modified: Mon, 14 Jun 2021 08:07:51 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
1 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 7097
Cf-Polished: origSize=1191
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0aab291d0c0000dfffe9ad7000000001
Last-Modified: Fri, 16 Mar 2018 07:19:46 GMT
Server: cloudflare
ETag: W/"5aab7012-4a7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JLdySQWiyZERsZNbEMrZkZSVbJ%2BngMKCAMhKaScqC33oI0H%2Bt5mWq79uogibfQOO9wD9L9F8wzn%2FsmezOUL9r7%2FXRpcY%2BNsdhNgWQ27d3kljgEVSmCLkL79BQK10xBXXzxqH6BCMfyU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
CF-RAY: 65f21141aae9dfff-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
493 B 586ms
102ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 543968ad89b6ab2c57522dcc8d17bda9405637cac9c97e4686ace4156d422615

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 1 KB
1 KB 626ms
154ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=b.travelmiso.com&u=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&xr=0&adid=ad-2737989E46EA329AF8AD8BAE88E73D2A&w=970&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7377109894578506&euconsent-v2=%24%7BGDPR_CONSENT_607%7D
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: dc9ccdcc7815ae04e6554daefaf5d11678dbd757b31ca89abf2101c7ba723d53

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
X-Width: 970
X-Height: 250
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-Adtype: html
Connection: close
Content-Encoding: gzip
Transfer-Encoding: chunked
X-AdStyle: banner

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 1 KB
1 KB 2057ms
161ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=b.travelmiso.com&u=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&xr=0&adid=ad-8A296626DD227AEDFB79A483A68EB8E2&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7066900309312585&euconsent-v2=%24%7BGDPR_CONSENT_607%7D
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 8ceff14966c7ee8e15d37f8ca0f3b0b24db4cbf94595b8b6ee35f28e27d0a8a1

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
X-Width: 728
X-Height: 90
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-Adtype: html
Connection: close
Content-Encoding: gzip
Transfer-Encoding: chunked
X-AdStyle: banner

GET
DATA 200
OK truncated
/ Frame 7BDC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef2ad5d9f24229e8b9dc4c67fc91bab3933c639dc3e328787b3941b41e551c9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CE3 0
0 19ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiyjcPM7SvVzLnk6l4TGgE8rAtIrNxwEHgKkRnjucnYPxPz2z723s5w5E7kEPDXCoYo9ydG0hzggaW8VZcXG1-E8XHeneLm04_i22uDmzhzpadOMZgQuJHqUKN_lfwGpvrrhV0f0VJBNc3O6_FwrB1xgyLSFa-3R4Eo59MHjbld13sXQMrNpXiXprdB_a3h9AAZSV_viF7tBYEqrCzEw7WJUDseK4frV0AwQ8amIqIe4uYw2uTRIwLRT-r3Ld_m8_qCklxAUEEO7Gm_PR2J4_yLWl0EUlmI96nY_fuReqOAAP_pIWvDIu4ykhLcg&sig=Cg0ArKJSzF9x9vpJYf95EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
DATA 200
OK truncated
/ Frame 6CE3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 115058445a3eb3ff957f9129ad85e18de0d44d9bba6c5080d9502e65b51ae813

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B96 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 483A 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 753F 0
0 18ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstc322m99xZOTE336kvR9kr-Kvwl3smJfpG8JQOqjWYkTsVbDngfPsrvQ4_PFVi-RS7rDYbtMWyYLwlpG79NBfCsEue0cwGcvTHW8qYMa6cPzA1cg1syMOOg6_NlRGTAfenYleelL_ioCMsErS-JibLj4vCf-_iT6mLyTHm2dlavg002x7uq7YZqUVb1dM_1XA8m6SVQveQsFeQWruiMgubY29M9G3iL0U-41ilijl_XoekG06_KGEWdtA8ElSRMvXMP2MJpDqtGmpMZGxg6jRx6m93oS07AoMvptNWw2oCkCHmmx8wr_4MYjZt5WuRTkSf3R0NJDy21lr-R4mg&sig=Cg0ArKJSzO6enxSa9iGtEAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

fp Show response
ap.lijit.com/www/delivery/ Frame 753F
Redirect Chain

http://ap.lijit.com/www/delivery/fp?z=861814
https://ap.lijit.com/www/delivery/fp?z=861814

87 KB
20 KB

27ms
26ms

Script
text/javascript

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fp?z=861814
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fp?z=861814
Content-length: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 753F 122 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0585 73 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AF5 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C764 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 22ms
20ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_selected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame 5DCB 0
39 B 19ms
18ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd8a08e56dd70fe641fa11%3A0%3ANTU2MNTbtGao6pCO~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22NTU2MNTbtGao6pCO~wp9sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F017 318 KB
112 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6275 318 KB
112 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H/1.1 200
OK ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3313 975 B
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 7097
Cf-Polished: origSize=1191
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0aab291d990000dfff1d867000000001
Last-Modified: Fri, 16 Mar 2018 07:19:46 GMT
Server: cloudflare
ETag: W/"5aab7012-4a7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7j4fM1YFT4e6nmJrW9VQU%2FqQmuDtX5tGVsMrXyc0dsv4oRJ6mjU%2B7HJys2UduaeRLs8Q8bHFaMANgUHlZaASzAPBSYiRIH2MZJdJ1gCfoIRmlinXhEej6qTarJ6ftNyO4Vaqq%2BhnKWA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
CF-RAY: 65f211428ccddfff-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 3313 46 B
493 B 541ms
114ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 543968ad89b6ab2c57522dcc8d17bda9405637cac9c97e4686ace4156d422615

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 3313 1 KB
1 KB 7752ms
164ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=b.travelmiso.com&u=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&xr=0&adid=ad-47B773A8369E2ADDC396364BDBB384D&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3811582709426169&ao=http%3A%2F%2Fb.travelmiso.com
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 83bf8dc0ed879407ce40e70684ab4aec37b7aef16b78a1690b8996463a512dee

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:59 GMT
X-Width: 300
X-Height: 250
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-Adtype: html
Connection: close
Content-Encoding: gzip
Transfer-Encoding: chunked
X-AdStyle: banner

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F7D0 9 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 14:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 14 Jun 2021 14:40:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F7D0 26 KB
10 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 14 Jun 2021 09:06:51 GMT

GET
H3-29 200 index.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/css/ Frame F7D0 3 KB
835 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/css/index.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68dd0a726c01518e90dffbc6e56e993e69087e137e51ea8cafecd6668b9a673c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 122545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 806
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 22:05:26 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 22:05:26 GMT

GET
H3-29 200 EmbedCanvas.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/js/ Frame F7D0 129 KB
26 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/js/EmbedCanvas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96afeb94e0aa542906ca69c8b24eea2b645e732f0198228c8beff366b00e3295

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 122545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26872
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 22:05:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 22:05:26 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B4F5 0
0 18ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiLpGtYJ3Rjyj61-0m0hlWKHeC8hpBPDGjHxilhQUl2psEGQ_LJZVurhasxoUnM86lt47VmaskNJZlAXNFn8VtV3Te4iTv_MkJHfGwZiZsOhG3EXjLaMt0xHgQ7ygmloSEgi2K2TpIMves9LE5QV2b-e9YKLKl3-cSgbJ6H7g62Fjg0kjWUemZZoC-28pXOvTf3sG9_bh_k_r52zWMEZCinC7YRL9JuuQxiA-FmJEh9lMbr3zrE8GRwmgkqJrzcSsUrueODFS-i8yaZWQ2gsqQnPAomejCVUaWQn8yTKoReQzjDz6HH5DxfBuN1N9PyQEaDUTUVVkIRYXkr2xgWqmvw3LDdbIocDQEtw&sig=Cg0ArKJSzEC3pkNQo7Z-EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B4F5 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a82aa5792944b0ac5ebe4df0442c48d34ee335d9133790c052cc8f7d01f3deec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8415
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B02 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c654d9e1d76eaacb14975fb5f158d37e87c4d63e04315e33bc438f788beeb13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7814
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B71A 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_tvSpp0tmekZLEnLjqYBAlKSgIsos6jklDGplHj4cntSYZA4IInC5TeffQ5fBRpe3wKSk7iR0oXljQeE0Y_uOyN-udobivn8OzoGeMmQ&sig=Cg0ArKJSzJ5givxwfAvQEAE&id=lidar2&mcvt=1106&p=0,0,250,300&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2590938559&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658069886&dlt=0&rpt=456&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK proxy_245519.js Show response
media.innity.net/adnetwork/house/pub_244/ 2 KB
1 KB 19ms
18ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245519.js?ord=[timestamp]
Requested by: Host: cdn.innity.net
URL: http://cdn.innity.net/global.js
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9463970f54f61dbfb8d8c98776041ae86e009e6101fc13952bda5a98b1bc0edc

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 09:13:58 GMT
Server: Apache
ETag: "95e-5a56fe22c72c9-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 988
Expires: Mon, 14 Jun 2021 08:37:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B4F5 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B02 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F017 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F017 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F017 7 KB
4 KB 437ms
437ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=270750834586226&correlator=2764905530831344&output=ldjh&impl=fif&eid=31061143&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=53015287%2Ctravelmiso.com_d_300x250_2a&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658071&dt=1623658071689&dlt=1623658071213&idt=375&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=619&adys=265&adks=722326227&ucis=xml9kbx9q5e9&ifi=1&ifk=3551825510&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fyl%2F300x250-btf.html&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=93547791.1623658072&ga_sid=1623658072&ga_hid=24616695&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa498cf6e87c4cb678ee0b00646676139a212cbeb5533c37b3520507a6be093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3896
x-xss-protection: 0
google-lineitem-id: 5089888533
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322600219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
88258e3907a40f32184cba85deb769ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F017 0
0 48ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://88258e3907a40f32184cba85deb769ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame F017 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c774a5f4e6e4f5fee925eb39e567a4300303a79b379ecd9c307f9acd41a4964b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 21FC 0
0 19ms
18ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU8O9Vg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBPsBT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bKNcqukGvH9KlR7C8zqOss3gCrgBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M4AKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi03NTM4NTU1MjgyMDMzNDU4&sigh=38rQnyZRcJQ
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 21FC 0
0 34ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gv27p5x135ewxn94vn85bdq6k24a1mz4g9x4k8vqb9m2ajjntwxxne3zrm8j31ykr0sspd127fw7c0jke7mnr5g3jda3vcn6ywj76g2d8jhvzxbnahst9rwnmwrq7a08as8g3k9y596hax2be6w20b1q471z2gefkh15b373d4p0yf14bdreqqtjc5x41x066mk9rg58pcg299wme9yqsks8mtxcchrejzp8vjcxcq494erzfvhzmgaj5z3sjqe91qfgrm60q8wp82yj1w1eg010nf5ak5kvw5as9t62492hq4pytn04fhynvp7vwjmjj9mt5ks0sz45q9f59s5ssz60p9mfzrr6ge1zvfj9an37559zebgt1gj8kf0g0b3dctnx1yc&b=YMcOVgANSYkIu88bAA4CZ7eLBjQ9df5dDyUNXQ
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame CE53 2 KB
2 KB 50ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90350c023a34849d37a7c8591f7f1fa1d36d948e3c54ba132169b53614652c6a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aab291ecf000016f2580b1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65f21144785916f2-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 21FC 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:04:36 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3FF2 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83093
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21FC 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 21FC 13 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 21FC 0
0 15ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuzfcby4yD-lopfdKG3aupdHsaiPqoKeryTvKXHj9x5OBEbnmHhBzwYt9Gmbh4CsvPhN2O6c6XTo40vCmjcW7s99DL2A
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 21FC 22 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8AE7 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A0EA 783 B
533 B 18ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b16e7fa753e224bbc406d01fb29b705279ae871d8cbf9096594181010ea9ad90

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VmmkmouNk9JuLwUB9fX3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:51 GMT
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VmmkmouNk9JuLwUB9fX3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6275 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6275 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6275 12 KB
6 KB 176ms
175ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504940153901225&correlator=2045988664364768&output=ldjh&impl=fif&eid=31061040%2C31061289%2C31061357%2C21064371%2C21068030&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=53015287%2Ctravelmiso.com_d_300x250_1a&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658071&dt=1623658071758&dlt=1623658071221&idt=527&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=923&adys=265&adks=2309991019&ucis=fsgzflnk6su8&ifi=1&ifk=1150393722&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fyl%2F300x250.html&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1743142145.1623658072&ga_sid=1623658072&ga_hid=2127655050&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d391b9ca69a31fd2268ec15276a3195a6c2e98be585bf9880bd55b0e650f40fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6154
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6275 0
0 50ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6275 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54e79aa3b2f299d6ef8319a3fd1c0529767fc9e3603398ec1743ab0a7fbe74a4

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 7514 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B2A3 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90ef7311ab6237bfc8340a80bec0ff6e839bbeb7a5bc8271a1b88f61b5c2d4c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1P2JrsNa4hX9M9ijB2lt6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:51 GMT
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1P2JrsNa4hX9M9ijB2lt6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 3444 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E410 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27d2f5ba78d96f6265cad0ee3cd4c02c8e1af5b70f1373f74819e58a6bd97654

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NEFq4o3umo3KvS+Q0MSzUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 14 Jun 2021 08:07:51 GMT
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NEFq4o3umo3KvS+Q0MSzUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame C19A 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E74A 783 B
532 B 18ms
18ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bf06cacd159e2404224ff03437c99e7eedcbb4c011334b49880b42b6c65f2f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P50jfh0WxSwOkIaiT1yb1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 14 Jun 2021 08:07:51 GMT
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-P50jfh0WxSwOkIaiT1yb1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 03bd7f7edf615438d8c7076244791ced.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 15 KB
15 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/03bd7f7edf615438d8c7076244791ced.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

362881fda270f621775893d7f7769fe837d4d6787aad64d5f4d9dc701edc61f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 166848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15247
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 09:47:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:47:03 GMT

GET
H3-29 200 0e7ae2690e1e9cbb8183e1815658f705.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 1 KB
1 KB 11ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/0e7ae2690e1e9cbb8183e1815658f705.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b342361406ea76e4dfbf332f8157574a1e553665d796023c53da45bb19bb187d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 186518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1351
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 04:19:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:19:13 GMT

GET
H3-29 200 d26d0330a574fdc713c887b212c8b859.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 2 KB
2 KB 11ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/d26d0330a574fdc713c887b212c8b859.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aed6632107b994e16b45209cf996b6e3ed073dfeb8fdc24659fa2843b8820b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 122545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2440
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 22:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 22:05:26 GMT

GET
H3-29 200 2496635c071a5e646194a6076f6ed283.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 605 B
636 B 13ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/2496635c071a5e646194a6076f6ed283.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc445d9b23052c1f426a57834bba3b49669aa06499589c6f33eaabf922595cf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 180667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 605
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 05:56:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:56:44 GMT

GET
H3-29 200 8cbfd619df52820292884ea8e3d05a0c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 1021 B
1 KB 13ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/8cbfd619df52820292884ea8e3d05a0c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe67a28612469478474dd3714add7decb8efb402f2c2cc4cac54a5ea2d74b58f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 180072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1021
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 06:06:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:06:39 GMT

GET
H3-29 200 9b97924cb1f112259d49005e500e45fb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/9b97924cb1f112259d49005e500e45fb.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a6d7381c4d18405fb9366f91285c9544ce7437df89c84e17716e4a6909172a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1824
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 07:03:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:12 GMT

GET
H3-29 200 9941496f05ef7fe6b9aaeb2b4449346f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/9941496f05ef7fe6b9aaeb2b4449346f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc9370b084c02425fc46aeaa05b777efc01547bfaae54d844d5ed8f8be6be68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 122545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1184
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 22:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 22:05:26 GMT

GET
H3-29 200 5181ec026d98dd93d4562ea2c1b48d89.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/ Frame F7D0 642 B
672 B 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/images/5181ec026d98dd93d4562ea2c1b48d89.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2228424404972485280/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed7e49d4623d8eeae66f31af9c2006689fe21ef4888a2332de1865558a3470e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 183736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
last-modified: Thu, 30 Mar 2017 09:34:48 GMT
server: sffe
date: Sat, 12 Jun 2021 05:05:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:05:35 GMT

GET
H/1.1 200
OK gmdef_300x250.asp Show response
www.travelmiso.com/acta/friends/ Frame 53F0 373 B
604 B 176ms
172ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/acta/friends/gmdef_300x250.asp
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=070457/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 513ac9644a583953b23a95939cc9301e2fb85785911525cb1425808932477b70

Request headers

Host: www.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=KCCFPFDDFMBOBIFGACPAKFEH; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 403

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AFF5 8 KB
3 KB 312ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=070457/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110542
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CECB 8 KB
3 KB 312ms
21ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=070457/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110542
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame AD69 2 KB
1 KB 7352ms
48ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1505449937&s=http://travelmiso.com/&x=gammassp&nci=&adtg=1567570933&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1567569789&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=070457/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:09:31 GMT
server: cloudflare
age: 7019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 65f21172a962ee79-CDG
content-length: 1146
cf-request-id: 0aab293baa0000ee799d810000000001
expires: Mon, 14 Jun 2021 10:07:59 GMT

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame AD69
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

43 B
576 B

533ms
176ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 224
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

sync
x.bidswitch.net/ Frame AD69
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=ambient&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=ambient&gdpr=1&user_id=Pl2QjjgIxtglX5CLOVTejWlVwYElX5LbOV8Qa3W0

43 B
146 B

377ms
15ms

Image
image/gif

35.156.245.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=ambient&gdpr=1&user_id=Pl2QjjgIxtglX5CLOVTejWlVwYElX5LbOV8Qa3W0
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=ambient&gdpr=1&user_id=Pl2QjjgIxtglX5CLOVTejWlVwYElX5LbOV8Qa3W0
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame AD69
Redirect Chain

https://gocm.c.appier.net/ambient
https://cm.gammaplatform.com/adx/recv?pid=10&uid=6GbCktOPCiui0H3CWQ7HYA

43 B
285 B

642ms
174ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=10&uid=6GbCktOPCiui0H3CWQ7HYA

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/300x250.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 38
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: https://cm.gammaplatform.com/adx/recv?pid=10&uid=6GbCktOPCiui0H3CWQ7HYA
date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 98
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET send
cm.ambientdsp.com/cm/ Frame AD69 0
0

GET send
cm.gammadsp.com/cm/ Frame AD69 0
0

GET
H2

200

tpid=z3bp11tpmppv
bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/ Frame AD69
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=z3bp11tpmppv
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=z3bp11tpmppv

49 B
799 B

67ms
66ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=z3bp11tpmppv
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.197
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=z3bp11tpmppv
cache-control: no-cache
x-server: 10.45.2.79
content-length: 0
expires: 0

GET

sync
d.gammaplatform.com/ltm/ Frame AD69
Redirect Chain

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
https://d.gammaplatform.com/ltm/sync?segs=

0
0

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 753F 159 B
550 B 16ms
16ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=861814&tid=44088d2479894e73b702e2520e87c1b669faf500&mode=0&dmn=b.travelmiso.com
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: f9d60f1303876440192c2fed55bc170f4face3818b4109c7ebee322bae9aea2d

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
DATA 200
OK truncated
/ Frame 753F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09e10fb19178dce1303dd1aad6a75be94847ae5dcd07b9394742f4fac2bf079

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK gmdef_300x250.asp Show response
www.travelmiso.com/acta/friends/ Frame 19C4 373 B
604 B 168ms
168ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/acta/friends/gmdef_300x250.asp
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2F&zt=&cb=531702/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 513ac9644a583953b23a95939cc9301e2fb85785911525cb1425808932477b70

Request headers

Host: www.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.travelmiso.com/acta/friends/inndef_300x250.asp
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _a3rd1567570933=0-9; ASPSESSIONIDQCSSCCAC=KCCFPFDDFMBOBIFGACPAKFEH; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.travelmiso.com/acta/friends/inndef_300x250.asp

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 403

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 059B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

43 B
575 B

709ms
175ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

Requested by

Host: www.travelmiso.com
URL: http://www.travelmiso.com/acta/friends/inndef_300x250.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 38
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET

adxcm.aspx
inv-nets.admixer.net/ Frame 059B
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dambient%26bsw_param%...

0
0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 059B
Redirect Chain

https://gocm.c.appier.net/ambient
https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

43 B
286 B

818ms
175ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

Requested by

Host: www.travelmiso.com
URL: http://www.travelmiso.com/acta/friends/inndef_300x250.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 224
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA
date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 98
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET send
cm.ambientdsp.com/cm/ Frame 059B 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DB14 8 KB
3 KB 252ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2F&zt=&cb=531702/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110542
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET send
cm.gammadsp.com/cm/ Frame 059B 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FE10 8 KB
3 KB 255ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2F&zt=&cb=531702/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110542
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET

sync
d.gammaplatform.com/ltm/ Frame 059B
Redirect Chain

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
https://d.gammaplatform.com/ltm/sync?segs=

0
0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 059B 2 KB
1 KB 7292ms
48ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1505449937&s=http://travelmiso.com/&x=gammassp&nci=&adtg=1567570933&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1567569789&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570933&urf=http%3A%2F%2Fb.travelmiso.com%2F&zt=&cb=531702/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:09:31 GMT
server: cloudflare
age: 7019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 65f21172a965ee79-CDG
content-length: 1146
cf-request-id: 0aab293baa0000ee798a852000000001
expires: Mon, 14 Jun 2021 10:07:59 GMT

GET
H2

200

tpid=ijrbzs0kecv7
bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/ Frame 059B
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=ijrbzs0kecv7
https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=ijrbzs0kecv7

49 B
798 B

116ms
115ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=ijrbzs0kecv7
Requested by: Host: www.travelmiso.com
URL: http://www.travelmiso.com/acta/friends/inndef_300x250.asp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.62
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=13633/tp=GMMA/tpid=ijrbzs0kecv7
cache-control: no-cache
x-server: 10.45.11.30
content-length: 0
expires: 0

GET
H3-29 200 container.html Show response
fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E89E 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 08:07:51 GMT
expires: Tue, 14 Jun 2022 08:07:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E534 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E534 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

492f522f57be1f8e7acd3a76dd68715d8cc2c34a4cda7774b881b87ca26ac938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7937
x-xss-protection: 0

GET
H/1.1 200
OK inndef_728x90.asp Show response
www.travelmiso.com/acta/friends/ Frame DC08 3 B
323 B 218ms
172ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/acta/friends/inndef_728x90.asp
Requested by: Host: media.innity.net
URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245519.js?ord=[timestamp]
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e0dc0ad7ac4bba718029e4937736aa9610cf977cd2dd0c3bd468036e4e4f5fe4

Request headers

Host: www.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _a3rd1567570933=0-9; ASPSESSIONIDQCSSCCAC=KCCFPFDDFMBOBIFGACPAKFEH; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 122

GET
H2

200

prebid.js Show response
hb.adpone.com/ Frame DC9F
Redirect Chain

http://hb.adpone.com/prebid.js
https://hb.adpone.com/prebid.js

327 KB
94 KB

47ms
46ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32
content-type: application/javascript
x-amz-request-id: JD1K3TXXH20KB13N
x-amz-id-2: 6ZYQ/Eh6NlLvioTFOd07rgaIjcD7uVb4CY7nMmtbPY02jStkKtCLEd9zfZMy6pAAD9RlcGxVUo8=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SQA71gcmd%2Bnz2X%2BUsyKmp%2FDefTeOckLuCLYQOM%2BeXIQyANzTxtVlnQHkhYSIQfZuIkYYymdvctiAvb2zRAWZkrXn6wS4AJWHxYUDdZllkkMWt8gzgKwIf3lP1JJ5ytVoZ40yVyKE"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0aab29200d00001f4d16311000000001
cf-ray: 65f211467da11f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BXUsWMFiLCtQ0u9uVArzJ4wb1Cba9E2Ysdw4VVeyN8WlKBI3QM4%2FRpdmRVD9qb5suL6VngYUivBXgBkN4Gi6y02wvqoI2JODqR7xgQOxG7EZn8YamVmsbsYdNlfOrGzd7xz5tVWN"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f21145baeb1772-FRA
cf-request-id: 0aab291f97000017720f32e000000001
Expires: Mon, 14 Jun 2021 09:07:51 GMT

GET
H/1.1 200
OK ucfad-formats.css
cdn.aralego.net/css/dev/ Frame A0FC 975 B
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 7097
Cf-Polished: origSize=1191
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0aab291f9f0000dfffd4916000000001
Last-Modified: Fri, 16 Mar 2018 07:19:46 GMT
Server: cloudflare
ETag: W/"5aab7012-4a7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xFcdKa%2FGll4%2FENmPMuMCiQ9ss41XcdvV3gp1JDDapDjA4t%2FHBsiniZ6TlnRHIlA9pE1JHT4XKIIodlo63OO50jT%2BiFdNpAvDSndkryTPvmoqrlZ6w0%2FBmDz3NRWrbH7L7fv1QgFqfyU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
CF-RAY: 65f21145cb97dfff-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame A0FC 46 B
493 B 435ms
113ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 543968ad89b6ab2c57522dcc8d17bda9405637cac9c97e4686ace4156d422615

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
connection: close
content-length: 46

GET ad_request
ads.aralego.com/ Frame A0FC 0
0

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame C216 807 B
864 B 30ms
14ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6898
cf-request-id: 0aab291fd200002b89bc039000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cNV5I3qE2MoH1KXzBc5SPuyYr3UM845gPAlMTG7cEO0bYDlT%2FminECCIWP3Fn2fxeWIiUh4VTVRp9q2nn6onTCDkiNgEavABsFZ0R7jW8TDhYGxiYFJK%2BXlSwHrNptcQx0Jb3IJET8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f211461e642b89-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
266 B 888ms
111ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
connection: close
content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 21FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7081d414f999a99dfe85ff051be57227991903212b368a59367bb27d2c763d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E534 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 container.html Show response
d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F309 6 KB
3 KB 25ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 08:07:51 GMT
expires: Tue, 14 Jun 2022 08:07:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6275 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2 200 production_flurryTag.html Show response
cdn.aralego.net/ucfad/mobile/ Frame 3D1F 10 KB
2 KB 13ms
12ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=970&height=250&click=
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bbf2c828c70be6c37d14a29e850719276d371dd384d968c62c63a1f6e8ba2a

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=970&height=250&click=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
last-modified: Tue, 27 Apr 2021 04:01:41 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 1221
cf-request-id: 0aab291ffe00002b89e9872000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AjT10kn7DjM62FsfFjnABiS8nX6oyGuGOXJ7NF6gSi9R%2F5AbKTkE2%2F%2F6wD0rPaY9qzYoX2OCjBkrCvA4YThcF23CVX1%2Fpveo6vfONOQdiB%2F%2BVC3JJhdlZ%2FADpT5lgcpB7jyV2494pZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f211466f082b89-FRA
content-encoding: br

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 93CB 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1897 783 B
530 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a644b5c26cd642141f715708a93046ac7602f80908e7c9983d16be28a7456258

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z3hvAyBq+2/+tLLfwjcevg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:52 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Z3hvAyBq+2/+tLLfwjcevg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6DA4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A8D 783 B
533 B 15ms
14ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ade48b5951d9dfaeaf00febf37ffcad7e8a283041c47f3810b882804ba433ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c3LPE8PM+0vVW05QKGtIkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:52 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-c3LPE8PM+0vVW05QKGtIkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 61E1 807 B
592 B 17ms
16ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6898
cf-request-id: 0aab29201000002b89a9067000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZFksl1KbRefC2z2UizMQEO3TZp5J0vE03dEpQIpGVJmAX547i4xl99xJEW4kKDRyALddWL0z2hHUTbB3VdGJwzh1kkWQeYYXTi2NDG00mjsFMEh1%2FEFjzhrjTPkjQB3AFWoM10lh5qQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f211468f432b89-FRA
content-encoding: br

GET idsync
sync.aralego.com/ Frame 3313 0
0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

58ms
58ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com
URL: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlUwbfld26-xWEnDmnGt3ZrWeJ_B1utNZnOEA8tuqq3VrlW-WR8RHiwFEJrJaU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Jun 2021 08:07:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 14-Jun-2021 09:07:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 14 Jun 2021 08:07:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 753F 811 B
1 KB 30ms
29ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=861814&tid=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&cb=undefined&mode=0&flv=0.0.0&ifr=true&od=b.travelmiso.com&time=08%3A07%3A52&fd=2&be=sf&loc=http%3A%2F%2Fb.travelmiso.com&orig_loc=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html&abf=false&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ee427fb78cbd271780701f801d67eced026ad405cb1bbb689d8ca72bc2ab76d

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 571

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame BC5C 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ 173 B
523 B 21ms
19ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.innity.net/analytics.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
Server: Apache
ETag: "ad-5267218ef0c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Expires: Tue, 15 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK t.js Show response
nichools.com/ 18 KB
18 KB 73ms
73ms Script
application/javascript 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 67098d7a06bd54efd87ae094d7e19800a2b4b1aec6c00421300da2612c165935

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Amz-Cf-Id: rGvx_IqeCvSxXVw2MMgeWR29t6UTSh8-iaG1h8HXJTMS4Ysx3rWyng==

GET
H/1.1 200
OK 728x90.html Show response
b.travelmiso.com/ads/ucf/ Frame 5D24 328 B
646 B 177ms
177ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/ucf/728x90.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6e1ce5438c8e9c3b630f802b27725bb86a8f7593158decb3cd4b0120e9593e68

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg; ucfunnel_uid=96a69de5-8eea-3a41-9a88-ca1e5509e83b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:21 GMT
Accept-Ranges: bytes
ETag: "34137eb2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 375

GET
H/1.1 200
OK 728x90.html Show response
b.travelmiso.com/ads/gam/ Frame 7A63 294 B
613 B 177ms
175ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/gam/728x90.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ab04851695c80397b2c597c90d6806041956b5b82ab47ab8e0c65bf222c01675

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _a3rd1567570933=0-9; ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg; ucfunnel_uid=96a69de5-8eea-3a41-9a88-ca1e5509e83b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:02 GMT
Accept-Ranges: bytes
ETag: "2c9ee8df2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 341

GET
H/1.1 200
OK 728x90.html Show response
b.travelmiso.com/ads/vls/ Frame 7621 710 B
773 B 174ms
172ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/vls/728x90.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0c73e4a8977dc108b5f28a9e205a2b3a61bd38ce6d4708ecde9b2517df429e75

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg; ucfunnel_uid=96a69de5-8eea-3a41-9a88-ca1e5509e83b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 20 Jul 2020 00:21:58 GMT
Accept-Ranges: bytes
ETag: "5406c82b5ed61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 503

GET
H2 200 / Show response
ads.viralize.tv/player/ 3 KB
2 KB 22ms
21ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AAC95piwLXRmBuZQ&sid=01ebcce79bdd7dc85520296cfcecfeb1&activation=&experiment=ops.v&u=http%3A%2F%2Fb.travelmiso.com%2F&ahd=1&player_session=%7B%22page_id%22%3A%22017a098ffc044e444fed7cb96752a8d0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1834%2C%22height%22%3A1656%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A728%2C%22height%22%3A90%7D%2C%22player_position%22%3A%7B%22top%22%3A1555%2C%22left%22%3A802%7D%7D&r=http%3A%2F%2Fshoppinglifestyle.biz%2F&sc=1&gdpr=1&cmp=unavailable&dd=b.travelmiso.com
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC95piwLXRmBuZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 143dd3b86a38cf1deff3df55ba37087a3ffb7f8a0f1bbbabe1ecdde35dedf609

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame CB71 25 KB
10 KB 14ms
14ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC95piwLXRmBuZQ
Protocol: HTTP/1.1
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 16:58:06 GMT
Server: Fastly
Age: 28361
ETag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9634

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame CB71 95 KB
34 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC95piwLXRmBuZQ

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 06:18:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 179339
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34056
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 12 Jun 2022 06:18:53 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame CB71 72 B
145 B 8ms
7ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC95piwLXRmBuZQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 508224
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Tue, 08 Jun 2021 10:31:30 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 viralize_player_banner.min.07f50ce3.js Show response
static.viralize.tv/ Frame CB71 358 KB
112 KB 15ms
14ms Script
application/javascript 2a02:26f0:120::211:7b5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js?e=ops
Requested by: Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAC95piwLXRmBuZQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:120::211:7b5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: eb21cbe16828a9be59196144f96632b8a853f173ce31a8300062ed638ffcb7dc

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyecSkYGEzUgs8-L7WQA489XMZNxd59tvJ2cj6_NZXhxUpdldqiRple_IrhfClXviKnAiG8EKZq3Blcm12sDFyPJvdjEw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 113586
last-modified: Fri, 11 Jun 2021 12:45:24 GMT
server: UploadServer
etag: "07f50ce37d768478c57a3d75508bf39e"
vary: Accept-Encoding
x-goog-hash: crc32c=j4vTvw==, md5=B/UM4312hHjFej11UIvzng==
x-goog-generation: 1623415524664497
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 366310
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 14 Jul 2021 08:07:52 GMT

GET
H/1.1 200
OK 160x600.html Show response
b.travelmiso.com/ads/ucf/ Frame 9888 331 B
648 B 183ms
183ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/ucf/160x600.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c015ace92e72f8257d6c10d4efef532980ac5970b890101ff23d171b0a86009e

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg; ucfunnel_uid=96a69de5-8eea-3a41-9a88-ca1e5509e83b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:20 GMT
Accept-Ranges: bytes
ETag: "117f92ea2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 376

GET
H/1.1 200
OK 160x600.html Show response
b.travelmiso.com/ads/gam/ Frame 3347 295 B
615 B 183ms
177ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.travelmiso.com/ads/gam/160x600.html
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5a0f0e8724b21e36fb0ee6771a1afcbb3f596ab6d2b181443a32a7a6612354b2

Request headers

Host: b.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _a3rd1567570933=0-9; ASPSESSIONIDQCSSCCAC=GCCFPFDDCGMEHOCDGNFOFDGP; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg; ucfunnel_uid=96a69de5-8eea-3a41-9a88-ca1e5509e83b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2020 15:40:01 GMT
Accept-Ranges: bytes
ETag: "40f35bdf2b59d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:50 GMT
Content-Length: 343

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 807 B
1 KB 175ms
174ms Script
text/javascript 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://as.innity.com/synd/?cb=1623658072139&ver=1&pub=9188905e74c28e489b44e954ec0b9bca&zone=87318&output=js&flash=0&url=b.travelmiso.com&width=160&height=600&vpw=1600&vph=2260&auction=e776974-a3903f3
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Server: 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 773db7f37b862dc1b6407edd489a46559c497800c105f447bd4bd6cdd5acdca2

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 08:07:52 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 453
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F017 0
0 19ms
16ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8iRu_KzJ3XWenaRECyCAVjc8xrF1jsCde0cyc6IPhdabYYOMi5cIP4ptkB_r84CgS-wH0tuF6iQ1BVLhbd2ZISI-lvNl9o4ckfrh9I2pOkC7QBo34ETNJkl_RjuRx3Q6-d2Erf1TYrSnaiSedy1IAaTnpjBowwO3k5wFsB2GdZ6Tk37_wfCuFjasOxwbxJZHD4t7gxSto4H__fnaKBpWOwX6T6xCE34_Czj-CDE3Sqwu0utyoXEqPa5d_UQeA2tpXwmX0gz42qxK9EKsZ5pLEQqh0YoptWPjurUvSVpAUj4Jq77Y7ouNnhjliedXjhuYzsQ&sig=Cg0ArKJSzGZDQ0FQ8QvoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2 200 impl.20210613-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame F676 496 KB
114 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210613-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8974f58be666ac2c5f7d8a69b09e031e9251163b711e58ec9ca3c9e42fcb7e27

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MqGiLIR6El3MkuQHJ3.1eYqZMAGTaULA
content-encoding: br
etag: "9678bab06f2bace18fc306bb0efe8c6c"
age: 23686
x-cache: HIT
content-length: 116369
x-amz-id-2: fnO/Pz6PeUpWgpYZ+ik9h3feMutGfagRVzyWKHnWaFSlUcIfz3cLNzzaZduvg0TPEhNDhhtvhd0=
x-served-by: cache-hhn11522-HHN
last-modified: Sun, 13 Jun 2021 09:27:32 GMT
server: AmazonS3-br
x-timer: S1623658072.161880,VS0,VE0
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
x-amz-request-id: 9RZMKTQKNNBRP2Y1
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 23
x-cache-hits: 139320

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame CE53 58 KB
59 KB 39ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Mon, 14 Jun 2021 08:07:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7211325
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aab29207600001f4148250000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FHmx9lT0xc3K6ikiHmHzErhImyBz2XTE6Lx4wTFwJhCGHZCVyTeSk5SGnohXBItDFyIIew87WTA%2FVjKbr%2F8ZSPpWh95BcUy5f76ANNe2uwWtTvHxNtJpD39FozhVDZL9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65f211472c8c1f41-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame CE53 36 KB
12 KB 33ms
22ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 52915
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aab29207500001f41e3ad2000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wQTKklcdhHl2ABjHfWJKSHcoQsrBEseyLer%2BROFBm0HY2qh%2Fqgs6I7yxjxIw6mYeKCB3NAe2Ph3W3FV7mnVChLFGKY4VMj4wg%2BpvvxG%2FLn%2B3ArA5wI27vUAjOtdcae1c"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65f211472c8a1f41-FRA
expires: Sun, 13 Jun 2021 17:25:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F940 0
0 18ms
18ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE0Ji0s7WF1ZBJTM1_rlkiZzaQJQpf47Frr2ceiAgoaYp3XupC68xbc2NdxYA19vozrtPASZVkencM7XWrwYddfLDoaH0wDXhnUC3cOJsFCli0Q_23trixgJutP56ksF-QL8x8Xx1PRiMZOtM5iNIr3LqvIapJqv8Tp1uEfzo4h3zHRZQTVM5sH3UnAiK8Ngxs2Y5TX2VvQu_2AOJs-Xek0B_uprOwXKG0X_6BuY-HiW6KLiYku3KCRFE10N49LVC9s9X0tjsQH3LxrgqJDooMHmxMUNsbKzQONQp4UgAlJAIxMJz_WfOZFaxYB16OJcrv&sig=Cg0ArKJSzCGe8TXpjFR9EAE&urlfix=1&adurl=

Requested by

Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F940 61 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 669 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F940 122 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F017 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F017 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa70784e592bbe17d4bb199b9703b08795a58ccb6f8ba20b56a03406191ee154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8050
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame E149 83 KB
27 KB 55ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:52 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E89E 0
0 24ms
22ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6n0yVw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJYCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFzs2bc9E6pPqtE5bncU33tn1N7gBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOIAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi04ODA0MzAzNzgxNjQxOTI1&sigh=VPqrbMNrH1w
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E89E 0
0 18ms
14ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j967v3y4ktznd2s75nm4k03r8qq17qb33c9h2xn8trkyhteqfwk4v33azxyqxfhk9cyhbtqzny40je554a51sv8awhe972ynh4g3gk8m1qjzxhs1d21swbcyt4b9z960yqj8z8805hcb4kzzvnzm0gy4nmzy73pfnfzpj26tpb0kkpg66851fkvv593a03eye90dzxe3184bvtcr30q1ctczg9tghw9mdevhnwjxcx0a2npwh59pw3vcs05jp7ga3dm8t7g0rcc19des960nx3dwx4pd40ybn637qk4pk04cn6q32912babs73dhej4edr2tqkv7n08datxvpfkhamxb8d3gcyahkpbwbh78d3fx3ykr0g64y2vxp30wg5930t76746&b=YMcOVwABSOQIu8m7AA_g5t9Oq0zJbyS_YJCvFw
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame E3CE 2 KB
2 KB 26ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb56bac4bb22cd26b03ecc217bab3b4539c3fef7592fd849a86450779b0eda

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aab2920ab00001f41e53c6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65f211477d421f41-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame E89E 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:04:36 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 42A8 1 KB
749 B 11ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83094
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E89E 122 KB
37 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame E89E 13 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E89E 0
0 20ms
18ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoJej-redz1he6FWS2-oGQZYrBp8IdgUCH97Z9l2Z7vZVNGiKR43Hvr2QmuReLU4D4WrC373LtNUI5tk2s7EsLThPBuA
Requested by: Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E89E 22 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6C1C 12 KB
5 KB 14ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB50 783 B
533 B 24ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55116936ad93c03c659944931b81e09d120d148a0d758e3bd5799080cd3b989e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZTb+EvdzjY8ASh59OJ7XRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:52 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ZTb+EvdzjY8ASh59OJ7XRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 53F0
Redirect Chain

http://ads.aralego.com/sdk
http://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

22ms
16ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.travelmiso.com
URL: http://www.travelmiso.com/acta/friends/gmdef_300x250.asp
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5551
Connection: keep-alive
Content-Length: 40120
cf-request-id: 0aab29279200004e6e94867000000001
Last-Modified: Fri, 28 May 2021 01:36:32 GMT
Server: cloudflare
ETag: "60b04920-9cb8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b2hXOnjOto0EOf32PqxpTJlsUFq3n0PajKD1BTc1Fp%2Bky7Kf42I%2BpPiCMdhjrEIiHNGq97QFgkzRx5qhD9SdMD2tfDBVZngqDY8wF2zaFYaSrZ7yh2y7wRzRykKgbBMxHY4zOBf1syg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 65f211528a304e6e-FRA

Redirect headers

Location: http://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FF2
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIvLh6oQJvuRbmH9zQedftA&google_cver=1&google_push=AYg5qPKSWZ0yY8KpUsGKIkmmivocscyWaBVGWdkNtAIBVWfq0Ub-B_GZWh_7_C02GBqsHpy1p2MIdU1kGbV...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKSWZ0yY8KpUsGKIkmmivocscyWaBVGWdkNtAIBVWfq0Ub-B_GZWh_7_C02GBqsHpy1p2MIdU1kGbV0lR0aDQWscZHs8lXd6A

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKSWZ0yY8KpUsGKIkmmivocscyWaBVGWdkNtAIBVWfq0Ub-B_GZWh_7_C02GBqsHpy1p2MIdU1kGbV0lR0aDQWscZHs8lXd6A

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKSWZ0yY8KpUsGKIkmmivocscyWaBVGWdkNtAIBVWfq0Ub-B_GZWh_7_C02GBqsHpy1p2MIdU1kGbV0lR0aDQWscZHs8lXd6A
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET adxRedirect
tracking.m6r.eu/sync/ Frame 3FF2 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FF2
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGukKY6A3TZO5EXsnYG2aEU&google_cver=1&google_push=AYg5qPJgNw8o8XjJEbJ-7I-IPMTLerlUSHmHceG9gA6QRHon79vmM2N4EXEPEB2wc73NE61z3jpqqeICXMA5o3EQvaSPkc6Lo5ZQ
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJgNw8o8XjJEbJ-7I-IPMTLerlUSHmHceG9gA6QRHon79vmM2N4EXEPEB2wc73NE61z3jpqqeICXMA5o3EQvaSPkc6Lo5ZQ&google_hm=E3HxcZlliJWfsBEkAar6Tg==

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJgNw8o8XjJEbJ-7I-IPMTLerlUSHmHceG9gA6QRHon79vmM2N4EXEPEB2wc73NE61z3jpqqeICXMA5o3EQvaSPkc6Lo5ZQ&google_hm=E3HxcZlliJWfsBEkAar6Tg==

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJgNw8o8XjJEbJ-7I-IPMTLerlUSHmHceG9gA6QRHon79vmM2N4EXEPEB2wc73NE61z3jpqqeICXMA5o3EQvaSPkc6Lo5ZQ&google_hm=E3HxcZlliJWfsBEkAar6Tg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 2k4cbilblv6n8mmfo5jgrgndqonq51tc

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FF2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.targeting.unrulymedia.com/csync/RX-e597f688-2b9a-41d2-9b23-b37212ca0db4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL6sqs6llqVo1qEzEqIo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL6sqs6llqVo1qEzEqIoLK7ovgaT0h4PJ2ztN4UUDodTm13mhFzVNY1KDy6uWSBInrCbmnbmadnRJDMBAcmuJMzdgw6heeGYQ&google_hm=A-WX9ogrmkHSmyOzchLKDbQ

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL6sqs6llqVo1qEzEqIoLK7ovgaT0h4PJ2ztN4UUDodTm13mhFzVNY1KDy6uWSBInrCbmnbmadnRJDMBAcmuJMzdgw6heeGYQ&google_hm=A-WX9ogrmkHSmyOzchLKDbQ

Requested by

Host: 900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com
URL: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL6sqs6llqVo1qEzEqIoLK7ovgaT0h4PJ2ztN4UUDodTm13mhFzVNY1KDy6uWSBInrCbmnbmadnRJDMBAcmuJMzdgw6heeGYQ&google_hm=A-WX9ogrmkHSmyOzchLKDbQ
date: Mon, 14 Jun 2021 08:07:52 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe597f6882b9a41d29b23b37212ca0db4003
content-type: text/html

GET

pixel
cm.g.doubleclick.net/ Frame 3FF2
Redirect Chain

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESENHtERZOZKa9bmhORjIdw2U&google_cver=1&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=R3NLZ3dyMXoyNQ==&google_push=AYg5qPLnWJKQcnlCT0azml4pYcowRFRXFwBhmgJ9cpcu6iYHjNmfePXBIXLInr_QQXkfVpcfzgkbAY-nhvrmE_4sgmLw9R...

0
0

GET sync
rtb2-useast.e-volution.ai/ Frame 3FF2 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3FF2 0
59 B 15ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1mwv9uHe6-BgTTW1-X4VanYLw0bCAMQPovpj_18ZOsd0rNiAhXm-ZRZHSrlCuIHo

Requested by

Host: 900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com
URL: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9D4C 62 KB
22 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "902 / 715 of 1000 / last-modified: 1623449396"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21627
X-XSS-Protection: 0
Expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame CB71 5 B
448 B 67ms
66ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&cHJpY2VUeXBlPW5ldCZtaWQ9ODQ4NjYxJnRyYW5zYWN0aW9uSWQ9M2Y3MjU3ZjctNjE3OC00ZDdiLWI5YjAtYTUwYzVhODlmNjZj&pt=net&stid=d5bedbaa-1ab6-4928-903e-afa8e737064c&gdpr=0&gdpr_consent=undefined&fd=1&url=travelmiso.com

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CB71 0
188 B 20ms
20ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=1205621072
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:51 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CB71 19 B
870 B 32ms
32ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: 2eaecc37-64c2-4e95-b07e-c87eb6067a80
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame CB71 5 B
448 B 63ms
62ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 hb Show response
ice.360yield.com/ Frame CB71 4 KB
2 KB 93ms
93ms XHR
application/json 18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221921dc826fa8559%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22viralize.com%22%2C%22sid%22%3A%222633%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b0ee79dab8ecd%22%2C%22pid%22%3A%2222340141%22%2C%22tid%22%3A%223f7257f7-6178-4d7b-b9b0-a50c5a89f66c%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a8d6995be3cb4438d004a01944f9b9196fba36576452819e2d7653c4c337ed75

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1915
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CB71 19 B
871 B 16ms
16ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid: b2e130d6-a0bf-452c-b6b7-42c74f424973
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CB71 19 B
870 B 46ms
46ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 1b581534-8693-4542-93d9-d6db19dc9937
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame CB71 24 B
971 B 20ms
20ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c8c3e0cd2af4ec71bc34a13b4ab01adce74e37e74c6c56551f65bad8bb4596a

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://b.travelmiso.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 / Show response
adx.adform.net/adx/ Frame CB71 5 B
448 B 65ms
65ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F017 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C216 62 KB
21 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 882 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21413
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET sdk
ads.aralego.com/ Frame 19C4 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DC9F 284 B
1 KB 25ms
24ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699154&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=14ad4e73-87e5-4638-84ac-0deb29a66837&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5510984663034519
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5b08f08e190daf864b7891ef9350843298244068a970bc95a464059a2b92e276

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DC9F 0
323 B 19ms
19ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:51 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame DC9F 0
60 B 16ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DC9F 19 B
871 B 16ms
15ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: 1ec9438b-1e27-4a22-89c3-4e0d2cfb08d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame DC9F 173 B
361 B 31ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=14ad4e73-87e5-4638-84ac-0deb29a66837&nocache=1623658072413&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1623658071956&auid=541066155
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: afcbf8d122fb1a6c83565440f08f8bfd7db3670d07e5ee8f2f64e14b567f37b1

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://b.travelmiso.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CE53 3 KB
4 KB 40ms
22ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 14 Jun 2021 08:07:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 415690
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aab29217a00004db8ed259000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kMMqv8sk8DqUNulArP53N8mu4FapqGUgYEgoa44qO8pWeS56VrgTnERJ9mPeLmrZGKPSrzl9B%2BaRtGg5GM4RCkxOHPFBZ1gGFYDraWhz%2FH54UZH4F7H6unH5ruUp%2BomdyztzCD6pWqdPrEYUT8U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65f21148ce454db8-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 310ms
309ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optimize.innity.com/?pubid=244&zoneid=87315&cb=1623658072421
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Last-Modified: Mon, 14 Jun 2021 08:07:52 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ Frame 753F 4 KB
2 KB 15ms
7ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:45 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2127
Expires: Tue, 15 Jun 2021 08:07:45 GMT

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ Frame 753F 47 KB
10 KB 17ms
9ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 046c6b4309a00a98d8e0633a8bf4327ddd625081951bedfa0066d935a4c7d837

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9872
Expires: Tue, 15 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK Cookie set beacon Show response
gslbeacon.lijit.com/ Frame 142A 6 KB
3 KB 1182ms
17ms Document
text/html 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 480fad7667193af708ad5d4c70acdda757a34771b691e709cd2c9bdb337070ec

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=e6d1d55497521ebcd973323b; ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470; ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Server: nginx
Date: Mon, 14 Jun 2021 08:07:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDESgDAIBP%2BS2kIIAeLXHP%2FumEnDWi7kYMPdpF3i2sPMoh9NF1p6%2BIfulXvFkMpyor%2Fj6pqrj%2FFzzvhVslYSMwVKCac08AAjr8zDKCcM4aO%2BL3iKLo765459hn2G%2BQPvR%2FLG1fh5AQUDWWs%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:53 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:53 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=e6d1d55497521ebcd973323b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470;Path=/;Domain=.lijit.com;Expires=Wed, 14-Jul-2021 08:07:53 GMT;Max-Age=2592000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap5ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 753F 24 KB
4 KB 20ms
18ms Script
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=861814&v=2
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fp?z=861814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: cabcc4a1bfabb1d7a956256c176988aa3dafdd1f78dd5e368ab025b8889e8aeb

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET impression
vap6ams1.lijit.com/addelivery/ Frame 753F 0
0

GET fp
vap6ams1.lijit.com/data/ Frame 753F 0
0

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F309 0
0 18ms
17ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3BRCVw7HYITbMJmWgAe7zpW4C5KZlI1cseW651nAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMTI3NDQxNjM1MzY5MzU5OKABr-bm1gPIAQmpAn7GHqepULQ-4AIAqAMBqgT-AU_QZpo5a9JkuH4_rViVk1YI2zOaA0xciFUzungap_ogJFk_XhkG1prGbUm8nzN85hzlUnC7chj-n0nPzdwArrA7_isuwUIaVWrOM5084jNxPcBDw16BiLA2luePd14jMnSutMdj4ebkide8kVzlFESYAubV8XKDe6QadavY0lNbLs8KPZZnp-_hamYiV1grhq7UJLF5qsmbLzeGjOfsP5Q76TpGHGi8u6mb5_RAgJfoYVpKsBsK41S1mbYCaJp6phuRImzcNwvNblKtqllr_ujJCDdMVdBPwpB8NaTO-AFjcQORDNmFcWNAhnadh8ihJFybr7snrg5XOT9HwY_R4AQBgAbM94mB96m_zKEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTEwMTQ3NDU5MzE2ODc0OTKACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMTI3NDQxNjM1MzY5MzU5OA&sigh=RLbmr5w1LP4
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET creative
tracking.m6r.eu/impression/ Frame F309 0
0

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame F309 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:04:36 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8738 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83094
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F309 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame F309 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 08:02:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F309 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQopE1EQieTu9ax7A6LJD6M02-KYF3mKfmTEPRaaTcEKgclvFpdDLSXOs5WJPA7Xssh6yD9sL7WXKKmENvB7TZx2qv8Ww
Requested by: Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F309 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 3D1F 69 KB
22 KB 23ms
9ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=970&height=250&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 07:28:38 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 2355
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: TW6ZKV1S0XJF66DY
x-amz-id-2: dsLfVFLWXFuky+kUVPcL4CdgWc4UyqFy63IgIK8bAcl7jc5pLiagmSV4k9BTyguOVqXTNBsr6Lg=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F940 318 KB
112 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 18ms
17ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A7%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%3A0~1%22%2C%22creativity_session_id%22%3A%220~1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22google_viewability_measurable%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 61E1 61 KB
21 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 290 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BDC 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1YztkbVhAoBhC2jX5ULIdLzRpeqnZIwvYYJJ9vWqsziVcPFfnKpNn6vRkNbQvpOnp6osXp2dRSvA19oNcWvxapB8xs3KTvVy5LsN4X7MJL-4FHXysghDVjBVfjdwJA73n6tr7if2z_2ct9B_aMdUH&sai=AMfl-YQ2f-hsu8JSk43JAwrkINPL5x5dsTtpjC6VPzP4IR4V3d-in8N9PlWFSAb99NOzS-DlRTKqCI8K9HODtnHnOhcqXVx0xtXuxpnAPhjP5pwbk0Gqvv_IXaKM0hQ&sig=Cg0ArKJSzJe9QUhCwjtSEAE&cid=CAASF-RolqwYuSXn6vPjmSBHB3vvF-fLPwPv&id=lidar2&mcvt=1161&p=0,0,250,250&mtos=1161,1161,1161,1161,1161&tos=1161,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3271745543&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658070814&dlt=280&rpt=584&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ace323fbc6b683616a99f0f08b6daf8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7B48 62 KB
21 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 807 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK Cookie set async_usersync Show response
nichools.com/ Frame EE6F 9 KB
9 KB 70ms
70ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/async_usersync?i=bdsfyu86g9gsdn1e02&a=5a0c5fe6acd05e6588763d6a638269b91&cb=8051131623658072515
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=95cf90cbc0fb0385358d23f590b8e93e307214b6; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 2GqEN0tfBPP2xzcFHKWhTslWRfAok7fDGquH_8tJs2e_bACrU25euw==

GET
H/1.1 200
OK Cookie set syncro Show response
nichools.com/ Frame DBF2 2 KB
1 KB 71ms
71ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/syncro?i=bdsfyu86g9gsdn1e02&a=a3470d651e2f2c2242e8d9613fe995515&cb=9188441623658072518
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 75ca39ef98b437ddf210f46ea88f8ccf1265e6457b2b129734978c4a7f4a0ee8

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=48dd05d58b406a3eb86b668d3293c9c2d7a81eed; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: aFf9wW2LIRxbVfID22cggc5wMhzIMl3fwQblyhMIRehu-mVq08Va4w==

GET
H/1.1 200
OK Cookie set sync Show response
nichools.com/ Frame 9881 9 KB
9 KB 69ms
69ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/sync?i=bdsfyu86g9gsdn1e02&a=308c3bf9c94b1a8c9c7d0e8cf14e2b811&cb=3084121623658072520
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=ac7bd70f91412be7407a28d5218461240b29e403; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: Gb6VjI8bF66wBxfDTv0WtLFkL0nYO0d19Sr802uLkbo2UGvqUF3oBg==

GET
H/1.1 200
OK Cookie set usersync Show response
nichools.com/ Frame 067A 2 KB
1 KB 69ms
69ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usersync?i=bdsfyu86g9gsdn1e02&a=3d82bab48f3e81ef9d78200b8f112b5f9&cb=1841901623658072521
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 54336ff1d5ed61951ed1a8355c27220d7411c7e71d8ba74400add71db28e9c36

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=97d0aefe40fe4565f5f8e9f64c94073e5b262840; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: PfWkdj1ya3XsRQ3JUquGucOk7eaumbY5T9kFQYU18DJ73rKDzum9mw==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame D979 9 KB
9 KB 68ms
68ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=709b7e811fc940f8135818fd0d1c581f3&cb=6380811623658072522
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=234f9ac34101d988322562438d806f8d0275f573; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: cCp3t8KwwQcjTfIb4CTkWg9ZLNemikWeJUJfNZq915C0wYPgkL6_tw==

GET
H/1.1 200
OK Cookie set async_usersync Show response
nichools.com/ Frame 5CB4 9 KB
9 KB 69ms
69ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/async_usersync?i=bdsfyu86g9gsdn1e02&a=4515e380c4149cdb47fd7d16b9ee55da3&cb=6174071623658072524
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=354a9a28e4703167e44e70a054f5d47ebc1ac1f4; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: ssh-uC-d5GeTH4mWKEYGE6bLh_aVxaRfCEIHz326n9PgGWMvqGPc9A==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame 77C3 9 KB
9 KB 138ms
77ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=ab6a3b2224aeb0b660adc3acede22dda1&cb=6925221623658072525
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=88c125392239dd31b40a126dc027c50ae32ab5c2; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: EABtQYhkwuUGBbB-vI0247oLcRgFHh7EW8pnDgIQf3kDyeW3B37xPg==

GET
H/1.1 200
OK Cookie set usync Show response
nichools.com/ Frame B080 9 KB
9 KB 146ms
84ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/usync?i=bdsfyu86g9gsdn1e02&a=59c79c030777b63a2ca73dfbc20d339e5&cb=2688121623658072527
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=eccd6b3957e4540ecef7b07452e192898fb1a1b0; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: v4d4cOiQwpwqjl7Ippd8zfhdGAEjpOdbb-Wk50H0QZvHOEucGb42dA==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame 0EB1 2 KB
2 KB 170ms
109ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=85dc0a40cdabdf79cae78dee359d45d85&cb=1173681623658072528
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2b75059c4cce36b91ba9bdcbe76e561df952706b3ee6af778e42696b39d76775

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Content-Length: 1680
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=e764077c8bcfb217d3b2e3ea2f3251cd10ab3af0; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 2pY_qCXku-HHnnvOZcAp2gqm9RH5aF5ICXoxGEvPmgYxA-DNrCpGog==

GET
H/1.1 200
OK Cookie set counter Show response
nichools.com/ Frame CC39 9 KB
9 KB 143ms
82ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/counter?i=bdsfyu86g9gsdn1e02&a=c291520dd1659ed52de4694ec3aafe769&cb=4287301623658072529
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=2aedd164bb344e717fc7a617709a4b888ab459ff; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: YsWkQcK0ZEM4YPJ4bUIaCIA-Y8ZYeDVEURhZAHaB45QR-4SzcJiRbA==

GET
H/1.1 200
OK Cookie set stat Show response
nichools.com/ Frame 60E1 9 KB
9 KB 143ms
82ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=fd303e746d713aa876b41ea7a757f5771&cb=3044041623658072531
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=96c2fb2804ab795fa0e1c44100e57c29e0f4f02b; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: VLzPMmddTt5ltXIfuLjLmmGLT7iXmAgEWz3Kb-MHrfigCu3j_lZe1w==

GET
H/1.1 200
OK Cookie set syncro Show response
nichools.com/ Frame 1F61 9 KB
9 KB 165ms
104ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/syncro?i=bdsfyu86g9gsdn1e02&a=e86995c3ab7255d0309bc17b4d95628b5&cb=3797651623658072532
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=61bf63dab2b60c308bc2c154ad2b44aab616debe; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: oliiOEA9dTGKscoQax6BHAZLvn31-oRzahAJ03UHAg_Y2-dKXUy5Gg==

GET
H/1.1 200
OK Cookie set counter Show response
nichools.com/ Frame 39A6 9 KB
9 KB 216ms
80ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/counter?i=bdsfyu86g9gsdn1e02&a=3f44370d5e0a4599fd8739ecf35584f71&cb=9772811623658072534
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=7fcf86c4bc5daa118e5e528cdb29cc4ecdf7ec94; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: F4v3C9fJaoywA6H8Put-M3xIyrkRXykxUHngNhWKB22xVjPhBkIG6A==

GET
H/1.1 200
OK Cookie set sync Show response
nichools.com/ Frame 6D9F 9 KB
9 KB 219ms
78ms Document
text/html 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nichools.com/sync?i=bdsfyu86g9gsdn1e02&a=639b5843ddce7790664d1bb76d6f796c7&cb=5855691623658072535
Requested by: Host: nichools.com
URL: http://nichools.com/t.js?i=bdsfyu86g9gsdn1e02&cb=1433201623658072117
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: 2a19a2212a1b385cfc8f7ce51f5b39fba14aa89bcf368032c73a31047eb611ae

Request headers

Host: nichools.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 Jun 2021 08:07:52 GMT
Set-Cookie: SSID=9d3eed14d1643d5e3805b40a824f9fe338fa345f; Path=/; Expires=Wed, 16 Jun 2021 08:07:52 GMT; HttpOnly; SameSite=None
X-Cache: Miss from cloudfront
Via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: fVOZ529L_CGbhclcOgJhpTeTzUjCXK0lwDt-MW0-f3WLKixxPEObjw==

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame D786 807 B
596 B 14ms
14ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6898
cf-request-id: 0aab2921e900002b89da29d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FoP%2FGyUCpYFlWGIHQaDJkcWbDTYsFzcxSP3ozhffAC9FQNdCgU60epvX42gKzUifvtB6GAAQwQX57b5QplPPVVvm6%2Bo7HgMtoM9x0%2B5mIEhgUKgf51mIWPHSW6sYm8fS5%2BeySsgHosk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f211497e972b89-FRA
content-encoding: br

GET idsync
sync.aralego.com/ Frame A0FC 0
0

GET
H2 204 /
ads.viralize.tv/track/ Frame CB71 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A10%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22activation%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame CB71 0
83 B 20ms
19ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC95piwLXRmBuZQ&sid=01ebcce79bdd7dc85520296cfcecfeb1&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTQwNs9nJm8x8tBB.3.wp3sc1&item=NTQyOBO98FjUSrAS.5.wp5sc1&item=NTQ3OExxtbZk4FXJ.6.wp6sc1&item=NTQwNs9nJm8x8tBB.2.wp2sc1&item=NTM2MrlOxTlfWrqK.0.wp0sc1&item=NTQ3OExxtbZk4FXJ.7.wp7sc1&item=NTQ3OExxtbZk4FXJ.8.wp8sc1&item=NTM4MAXAemnh4ynA.1.wp1sc1&item=NTQwNs9nJm8x8tBB.4.wp4sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 json Show response
trc.taboola.com/travelmiso300x250gr-r19505065/trc/3/ Frame F676 5 KB
3 KB 90ms
88ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/travelmiso300x250gr-r19505065/trc/3/json?tim=10%3A07%3A52.582&lti=deflated&data=%7B%22id%22%3A505%2C%22ii%22%3A%22%2Fusersync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1623577571216%2C%22vi%22%3A1623658072581%2C%22cv%22%3A%2220210613-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fnichools.com%2Fusersync%3Fi%3Djvz1bqas4afbza0812345%26a%3Df806503c39db99c77ecab4df904769a71%26cb%3D8764801623658069159%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fi%3Djvz1bqas4afbza0812345%26a%3Df806503c39db99c77ecab4df904769a71%26cb%3D8764801623658069159%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2219505065%22%2C%22orig_uip%22%3A%2219505065%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210613-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160e1b9e8766f1155fdc6d4353fd53060102de2cddddc65a0806c3d1c9d3abff

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 70
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
server: nginx
x-timer: S1623658073.589700,VS0,VE70
x-served-by: cache-hhn11522-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://nichools.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6DF 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=3518669369014361&bg=!LC-lL2vNAAY6sG-_OrA7ACkAdvg8WpgCAVEx0dEiW0hPoeh8TnTszRk4SyjSVWn_gAoRy59iP9_Q_wIAAAQzUgAAAJloAQcKAMFTca3cMSDpEHRQ37xa7PaIyj8wU5KsrkKZ7WWBO1qmjpPZ79HUZPpuzK02Wjca5K_VYSwrwGpJbVj4qzU6rWif6jFUxO7ZF5C9d-ovXrzYE5iNmJfnw7G5H4mPebhYpSfDYQMw5GYSr1c9z1pirBJUS7HaJ0qznY8zUe5-IzMAeX1LsEmrGdcJCOASoGFG4kyhI6IM6nz3663cylKtP1ktbpYMFJHEBs_UHiI4aqw8IKrXkda4-am7iKJqUEPqDaYomQK0JwFT8ZpFMCuEp63ujxGDgq6G5F75pbbKe3vrEfoBFLL20G_UFYdt-Z2xc1CBCQntbCO6cO_cvFIjFo-L64MR2OUYoR9HWGRPI9itc8ai_lLiQhdL9Jp3k6QC80K_E0NXeVUe6ggSiGGjX2oholY60KuvxVfy6gq9lgXMrju26uJQMHidtFzzmUZx0iJ8i0QommLyYwvR2XBmEhhSkjuQhF1X_6zNM11zXV9cFbG7JQ-gyLpMcTDdbY2ZQdAwjTv6xoafsPFqBICRAKbhZQqc174ktUhs98FFlPTVpMCa30qG_GnmdOar3Iq3xLqVOER-TVBEUQGOFI1lOx_pxE9a1_Bfezv6PMvLXNTFA0DqjlyPFNamvcIodLQPG61IEZhRqjb7qOB5A5COnJ-2l8tY0lb1NYIrgcMpN4oR72YjefNF9sMIG9O1S9hN2JNQCqG0ZIKhAPsnKbB1nHi7hJnUXKtg19_kFoXvHjI9FwCwIpi6ejAtbCpJDiBw98_ABR52hB_ByTR6L9D0OiC5uPRXEkASl-C_cDDQJF31jOwfuLYLW3X5bWbwGgXZ8uCR8GB82Z4CS4ZayduBUxmdy6AMMowEoDMO4yfD1sXWBuvR3myWdsC4kjhHFXGAUSYw6KZiFmsYZu0U456Y6TyZgJFj24TjeIGx30EXeEryF9Smc9U60glvOdnz2CxhWtxIvFcScsa1PrAhCf50QmOeumZfe1nkYUIAVhLUVg1h1wDoWfW-6PcxASpBF9HaUq9Q76ufH5borPaUGaftZsC7fyboA2wQJKsvoU8hU5PX10xu4bMdkIjdUOM5wDbxWIqf-kMk5FKWR3hXNeab-JPH818qtvyqaNsFldzeBVtocLBI40VX5zwtlRPhl01S0e4cYCjE_1-9UXuCRkl0f5yeXv3I9dYE1Q0

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 62B9 2 KB
2 KB 26ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jdxebtrge6tfkgak9az0g4vby831prcj5dhbvhjr0rd6hpkt9fapse2nb1m9p1g86qjkt1yka2ektqfp2523371vwe6fzfb0eeesf12z6ztejwbw4gjgbzgsd7ax40mxag0fm3q8k1ex5fxjtk85azfw5c7azrzdh339d6b05p5tf4h1k6xxhhev45c8cpsrf3t59yjbgztvgjy6nhb9ypagj749jp75654a7k1d6zrzzgrdgsw1wev02qk4ascddj0g31fvj9d5bcsttqwv698tttag3cdzs9a709yesbmmczve4wbaf2rfb2fd0kbhp5pg9eq4ck24b1fa5akt5fz4xsptvygzjrfx91f9s7ttfyw4sqt7rv6k0t96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfwJYVg7HYImTNZue7_UP54S48AKQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4NTU1MjgyMDMzNDU4oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBP4BT9C43mIr6w8v0b0rcQEPNiQq4ribNYWq6uxXftWtAOaFBtI-gb0OIAS6J1XLswb5y75_zhxb209IDGmCKnFAr6AE8AoJuybz4YYUQotibqiLZO0Yp0gv8BPlEAuficaZXLdeAIPvWb1dwnsipQsO4kJbAxTDyDMYAJDkZpkL4jniVPrcFW6qA5TklOQAbuXpeHJW2HAmP0HRqQxfMfrFr47ltaBSY_JF9oBZvuXBgoU9zLTYXbOWtqWOgwzcSDeW6pTqDvV34-jI0pRzffytOTND0Mvut0FHixQef8LJNAdigW-OFXHl6bLPcKY2zSR6apz8Q1owc1nFuT58gF_gBAGABv6UqZKnj8n4_gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLECqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNjA0MTczNjczNjIxMjU5M_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bLc6SrNi_hgcOKB9GWljWgcHf_g%26client%3Dca-pub-7538555282033458%26adurl%3D

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 14 Jun 2021 09:07:52 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1854716
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aab29221100001f410181b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u6R5ORoIcNArrx3aO00A%2Bb4JjR6%2FwodEopnZDttmftvVB4YJZGnsY9ZFCJVCupE%2Fr1FL7HfqymFH%2FTtDBk0iVGl9pkNgU7zp5XB0QKCk0rHoAkS42FBYM%2FDjQuabfZiC"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f21149b8e41f41-FRA
content-encoding: br

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6961 38 KB
14 KB 61ms
60ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=27873
expires: Mon, 14 Jun 2021 15:52:25 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CE3 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc394iEvWPv00TrYgbULvxVLSgEK5qHdS-hdSSOhGFxFSWe9-QhOCdnUqT5KN2KJmKda2tBE3L_BafB5J20Lf9I9RVJJyW6SB-HLIssAE&sig=Cg0ArKJSzEV2_45YR2zGEAE&id=lidar2&mcvt=1173&p=0,0,250,300&mtos=1173,1173,1173,1173,1173&tos=1173,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2297083023&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658071167&dlt=0&rpt=323&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BBD6 38 KB
14 KB 69ms
69ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=27873
expires: Mon, 14 Jun 2021 15:52:25 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK adponegeneral040.js Show response
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame A22C 7 KB
8 KB 42ms
42ms Script
application/javascript 52.218.96.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Requested by: Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.96.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 28dbb07338d3da53dded0c412a60bc485bf9e4313cd660d147b6883fe1812ab2

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
Last-Modified: Sat, 09 May 2020 19:46:49 GMT
Server: AmazonS3
x-amz-request-id: GHAM7NZ0J62H9W1Q
ETag: "415057e7cb42c8722ffcad2c10947985"
Content-Type: application/javascript
x-amz-version-id: CX9eJEAtZXDaRBFa5IbF8xKYfTA4Hcr1
Accept-Ranges: bytes
Content-Length: 7463
x-amz-id-2: AfXlQri8/4EV8ZdyJPATtLF2uFqThc5kzSLfZT+Hh3MoU8NmKOy3N8HPu01TbnwpJ8/Rg8iOvnQ=

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D2A4 38 KB
14 KB 78ms
77ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=27873
expires: Mon, 14 Jun 2021 15:52:25 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B7DA 38 KB
14 KB 70ms
69ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=27873
expires: Mon, 14 Jun 2021 15:52:25 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK proxy_245522.js Show response
media.innity.net/adnetwork/house/pub_244/ 2 KB
1 KB 40ms
40ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245522.js?ord=[timestamp]
Requested by: Host: cdn.innity.net
URL: http://cdn.innity.net/global.js
Protocol: HTTP/1.1
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b84b9edcb05bf068439498cf79d321ac6612cda223ae06bd7f8165533ffd98ae

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 09:14:17 GMT
Server: Apache
ETag: "961-5a56fe35a280f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 987
Expires: Mon, 14 Jun 2021 08:37:52 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D73 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=2587445608800475&bg=!BAelB0PNAAY6sG-_OrA7ACkAdvg8WmyOZ2xCRvbjHBMEsCuMHQzdP3XUOJOcD7l4vKmzB-pZxBcZKAIAAARFUgAAAKloAQcKAGVPZAU6knklSY3bSYYDmbJEjjvXvxoecu78k5dEU1raNdZFMDpVB4cXHJL8UYyShZNOCUcfwFYHqpZo07I-pTPA3OQAb06T3rgEPeyHsCh5txAR2z1b0ibnlaqkoobF1OuJ9tiIY5kCnQCY1RaeIBijGWnk1ghTfDQskeFnMklHsjGqyhGIj3UYs3KZ_BAxNLMe_Qc20Dzb8YrUse3cIQRu55Tb63WJDMYuoy2Gykl6_j9wejBPjb-Ciq5FMWRQlcdaWOvCh2WXbPNvFMCZr5ksoe-Ur7kTjAVQAxjCVaNPpCV0LzX7CwGzs6eABt3rOMq5N5PqHzl9dW0I_sEdCQ54eHJZir3UIN3VuVlKR3-bIfXBYzq-E8xIwn-DS2L-53NMXim_cTltfNfzGxiD0XMwYbae6yGrDYqaU_AsPDrXrwGy_0p1SNNEnk6X21aQWIhziHrOO5fJOuatjs9bny57I5QBPaSw8EzR9AtRf94vn_Lx_npN9kwGslnQvdCVUf4WdpQvQoZGAqzf5leVpPZPCGTNAqajExsJm4kFC6ikfgTfukFKg70EbHfKlW-BtYvC5WMK24sempS_a8Oh2g4z9_FD7TJ2mJdyhKYzRUDzcAQNsO4uOuPKCdefw-AgX3vQR-rMK-MGI00NvELlhLOrZWD1a-27DmRl4BGS6ac2MNBsSTKuJ-b-TSMRD8PCBbGvlQP0PJkZfC_yyXTSbtCDHEu7j3pJuBuGoX1DhGhFLS4vccwbZtW6m31G1s_YxJxn3bRG02uFpbMahUWHk-UL0gJNzelKkSk2VkmIQj-rf705UDv0h9S-sP-CexFP4TcC9Nag6wsLdawi6OnXi56yuDTlMPwsMmNG2DrqCeKLyOB9HluZyD4mvyCzYaHsGjuS424WQ0ed4gqzYSiTrTQHWKp3ucrwx0TNO8wRK8UPvvCT-KEFDc2uL_VZRlEjtETQZJzpe61KtsjrjHbLFezsgpvgQvqIv2wFeYXOW53J7OUrQMO7WT_5IeRrHoXzqejWSaZ2YQ

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4F5 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGcmxaLS5g4VtcPnXyFqvxCG1LlNTyfYZVZf_o5yTrs9GHBNNp8fZQp3tMzHXtliEQc_l7wE8XEjXiQa8mmBCzVrdw_TlvZdwXZcVkxF0&sig=Cg0ArKJSzHSA9O6bxWXnEAE&id=lidar2&mcvt=1137&p=0,0,250,300&mtos=1137,1137,1137,1137,1137&tos=1137,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2386355533&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658070614&dlt=0&rpt=336&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame E149 83 KB
27 KB 46ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:52 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AE7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1 200
OK pxl.jpg
nichools.com/ 597 B
1 KB 70ms
69ms Image
image/jpeg 99.86.241.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nichools.com/pxl.jpg?i=bdsfyu86g9gsdn1e02&s=783&p=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&rstk=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&h=3521851623658072726
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 99.86.241.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-122.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
Content-Type: image/jpeg; charset=UTF-8
Connection: keep-alive
Content-Length: 597
X-Amz-Cf-Id: d_5XHuOlL9NHHPRlkk4eimS0Peq2qxAsUTDpByPFxpb4HNKp3xSV7w==

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7514 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3444 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame C19A 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
DATA 200
OK truncated
/ Frame E89E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef600b091732ce9e837b584ca783db834f7aeb1de508ad6531f128a41481c60

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F940 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F940 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F940 357 B
200 B 179ms
178ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3066686480369020&correlator=288694764208220&output=ldjh&impl=fif&eid=31061040%2C31061223%2C31061151%2C31061155%2C44740387&vrg=2021060801&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=53015287%2Ctravelmiso.com_d_300x250_2_dc&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658072&dt=1623658072743&dlt=1623658072203&idt=535&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=619&adys=265&adks=572549779&ucis=ypoa7zmw0nwj&ifi=1&ifk=1259373216&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fyl%2F300x250-btf.html&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1203007611.1623658073&ga_sid=1623658073&ga_hid=540249718&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

cafe /

Resource Hash

2ced88ad33aa4738a9e30ca3e3b56e7519e6c187ec1810406a196db484d55c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F940 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259470dc65bff04462d0381a02499394d6f5185315bf450107b6fd34c10d1127

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame E3CE 58 KB
59 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Mon, 14 Jun 2021 08:07:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7211325
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aab2922cf00001f4134397000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SUQocpgbxaQaL3%2Fz2v4SsfB%2BIVhqM6HG21MOdfBmMSV3htYAHEHtrvegSLsOSu2Zz7FDHKx%2BarZcvyyUNVBAp1mDveArw1PBCeAQ39d28jGwJbIVP%2B68m18k61TqUeHZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65f2114aead91f41-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame E3CE 36 KB
12 KB 82ms
81ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 52915
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aab2922cf00001f410ab60000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QshxwpaNjWqVs5xRlI1nJLCJoIu1TItgQm%2Bcl7b49yDx4YwMyTZehTGb09rWI133Ozeoxmx%2FV8M9z17gkZdageT2xYli9ymCDlxDkFTcJWuMs2CBiTC3BPcO4F85jOf3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65f2114aeadb1f41-FRA
expires: Sun, 13 Jun 2021 17:25:57 GMT

GET
H2 200 tfa-eid.20210613-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F676 13 KB
5 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210613-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad8575df16e6b0e4ea3838f3b3e18268e2604e710f3465baa7989eb60b44b8dd

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kcEw51sMKRl2.h4sJoCLE20MhczULKlU
content-encoding: gzip
etag: "3714bdf8e4af48204faf595a5d695bfd"
age: 82
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4868
x-amz-id-2: hosfr8aaoi/bz0MCx6cdSmHgzu3XsWLmqCwudNO/XJcyOFQadzNSztkfkuflksynqGtP9WxC7n0=
x-served-by: cache-hhn11522-HHN
last-modified: Sun, 13 Jun 2021 09:35:18 GMT
server: AmazonS3
x-timer: S1623658073.789779,VS0,VE0
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
x-amz-request-id: PZE1D0B04Q25XAZV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 23
x-cache-hits: 806

GET
H2 200 sha256.20210613-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F676 6 KB
3 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210613-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43d92d16f3e77b23dd9f8c3eeb7e8dc7b6eb268a6cf5a0c8b54524b3f7dab2b4

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jQvxEXSDIAT2aIkGsqcxQJ6AAStlwvsP
content-encoding: gzip
etag: "ceda57dedd07758d31c2acaff0cdb188"
age: 80
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: Gto2CGwDJ7/gQdLd0yE3AgnVoH2ve4TpLHbXIvqb5DGlrI2RME7LoYu7ToRILfMiwKEuH8SA1Nc=
x-served-by: cache-hhn11522-HHN
last-modified: Sun, 13 Jun 2021 09:35:30 GMT
server: AmazonS3
x-timer: S1623658073.789917,VS0,VE0
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
x-amz-request-id: FV7PV1D10S7RK4MF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 23
x-cache-hits: 732

GET
H2 200 userx.20210613-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame F676 23 KB
8 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210613-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/travelmiso300x250gr-r19505065/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 823853f9b04c0dc0e7c6123806900acd039d13e0144a7596f3b582f13bccf9c0

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BwIkvCb0Ghm3fpm4K8_buUhZ.LFluzgg
content-encoding: gzip
etag: "3afde2883f82a67f3f31c804cb1170a8"
age: 80
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7962
x-amz-id-2: jdpHohKl0pNLLSz75K6+HHjPq2iOsfpX2+7Otjfl27CKvZ72isUIwRRShfm553qXXKl87vNZjbg=
x-served-by: cache-hhn11522-HHN
last-modified: Sun, 13 Jun 2021 09:35:13 GMT
server: AmazonS3
x-timer: S1623658073.798590,VS0,VE0
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
x-amz-request-id: WYAPXBSQCHGASHWV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 23
x-cache-hits: 240

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 753F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=

95 B
426 B

16ms
16ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=e6d1d55497521ebcd973323b&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 753F 0
225 B 59ms
18ms Script
text/plain 104.111.233.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxdrop.lijit.com/1/d/t.dhj?dmn=b.travelmiso.com&GDPR_v2=
Requested by: Host: shoppinglifestyle.biz
URL: http://shoppinglifestyle.biz/go/?r=3&a=1
Protocol: HTTP/1.1
Server: 104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 753F 43 B
206 B 16ms
15ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&zoneid=861814&cid=18&geo=DE&all_tags=248%2C429%2C458%2C465%2C490%2C501%2C503%2C519%2C523%2C539%2C543%2C578%2C590%2C600&tss=372%2C374&fired_tags=519%2C590&count=2&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=378
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Server: nginx
X-Sovrn-Pod: ad_ap6ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET /
g.themoneytizer.net/g/ Frame 753F 0
0

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 753F 38 KB
16 KB 169ms
12ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Tue, 15 Jun 2021 08:07:50 GMT

GET config.js
ww1097.smartadserver.com/ Frame 753F 0
0

GET /
c.tmyzer.com/c/ Frame 753F 0
0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 753F 49 B
371 B 44ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 14 Jun 2021 08:07:52 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1262
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 753F 4 KB
4 KB 4601ms
19ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:57 GMT
Last-Modified: Mon, 31 May 2021 09:07:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 59F940AB:F0AC_91EFC0A6:01BB_60C70E5D_9F1A1D7F:209F0
ETag: "60b4a764-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5CF9 2 KB
818 B 1042ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1623658072820

Requested by

Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1623658072820
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame BECC 2 KB
993 B 27ms
26ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd3541581c59a84decdd534633ceaef75aa30d7abb6e98826945e731f176ae0

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: http://b.travelmiso.com
set-cookie: zc=80c9cd9e-4fc4-46be-4547-5903775409ef; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%AEt%3F%B2%AA%EF5%FE%B6%B4%E2%02%94%9Ey%98B%F5%CE%B4%7B%07%FE%04%FF%FD%25F%ED%BBK%F6%87%CC%3Aq%3A%15%F1%B0M%B8%D9f%22%FE%94y%E5%F1%9Cr%EAz5%14%3BW%5C%D7pl0%8E%CE%1C%25%E43%B2%27e_9%8A%3F%C7d%E1%BF%CF6%CF%F5%3E%81%B2%11%8A%B1%B2%CA%0E%E2%F9%B8%9D%40%DA%D7%92%8E%B5%A9R; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0aab2922fb00004e2c16a76000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65f2114b2ed64e2c-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 753F 24 KB
9 KB 27ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 21 Jun 2021 08:07:52 GMT

GET px.js
p.cpx.to/p// Frame 753F 0
0

GET notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 753F 0
0

GET 186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 753F 0
0

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_quantcast_noconsent/dist/ Frame 753F 534 KB
166 KB 31ms
14ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_quantcast_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=64680&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 411e9bd403fd2ed39a7855c220b7213ae3a072d5c2133f5644d4df180ecdc2e0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
last-modified: Mon, 31 May 2021 09:43:32 GMT
server: nginx
etag: "60b4afc4-859f8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 170011
expires: Tue, 15 Jun 2021 08:07:48 GMT

GET

1.gif
id5-sync.com/c/12/0/9/ Frame 753F
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=

0
0

GET
H2 204 /
ads.viralize.tv/track/ Frame CB71 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTM2MrlOxTlfWrqK~wp0sc1%22%2C%22bid_opportunity_id%22%3A%22NTM2MrlOxTlfWrqK~wp0sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQwNs9nJm8x8tBB~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNs9nJm8x8tBB~wp3sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQyOBO98FjUSrAS~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22NTQyOBO98FjUSrAS~wp5sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQ3OExxtbZk4FXJ~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3OExxtbZk4FXJ~wp6sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQwNs9nJm8x8tBB~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNs9nJm8x8tBB~wp2sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQ3OExxtbZk4FXJ~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3OExxtbZk4FXJ~wp7sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQ3OExxtbZk4FXJ~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22NTQ3OExxtbZk4FXJ~wp8sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 204 /
ads.viralize.tv/track/ Frame CB71 0
39 B 16ms
16ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTM4MAXAemnh4ynA~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22NTM4MAXAemnh4ynA~wp1sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTQwNs9nJm8x8tBB~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22NTQwNs9nJm8x8tBB~wp4sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 3D1F 291 B
309 B 2060ms
55ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=d3ba746a-82fb-4032-b01e-ccb4c304c69a&apiKey=KDF27TK6KH2YJC7YV2Y3&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fcdn.aralego.net&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

911ce74c632a59217dd42b1a3412e0701fc2468f44e0b99e9756d5cdf87479d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 61E1 318 KB
112 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET sdk
ads.aralego.com/ Frame 5D24 0
0

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7621 62 KB
21 KB 17ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/vls/728x90.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 875 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK ad-exchange.js Show response
gamma.cachefly.net/js/ Frame 7A63 8 KB
3 KB 32ms
31ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/728x90.html
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 604800.000
X-CF1: 16114:fC.fra2:co:1615366953:cacheN.fra2-01:H
Gamma-CDN: srv_178
Connection: keep-alive
Content-Length: 2563
x-cf-tsc: 1622029705
X-CF2: H
Last-Modified: Wed, 10 Mar 2021 07:30:07 GMT
Server: CFS 0215
X-CFF: B
ETag: W/"6048757f-1eed"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF4Age: 47111
Accept-Ranges: bytes
Expires: Tue, 15 Jun 2021 08:07:52 GMT

GET sdk
ads.aralego.com/ Frame 9888 0
0

GET
H/1.1 200
OK ad-exchange.js Show response
gamma.cachefly.net/js/ Frame 3347 8 KB
3 KB 29ms
29ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://gamma.cachefly.net/js/ad-exchange.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/160x600.html
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8bc47888d38c629485975fa1e1f57bf5166fd24880bebf2fdaa4ccd190313f47

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 604800.000
X-CF1: 16114:fB.fra2:co:1615366953:cacheN.fra2-01:H
Gamma-CDN: srv_178
Connection: keep-alive
Content-Length: 2563
x-cf-tsc: 1623240778
X-CF2: H
Last-Modified: Wed, 10 Mar 2021 07:30:07 GMT
Server: CFS 0215
X-CFF: B
ETag: W/"6048757f-1eed"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF4Age: 34140
Accept-Ranges: bytes
Expires: Tue, 15 Jun 2021 08:07:52 GMT

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7B48 326 KB
114 KB 23ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2

200

prebid.js Show response
hb.adpone.com/ Frame A22C
Redirect Chain

http://hb.adpone.com/prebid.js
https://hb.adpone.com/prebid.js

327 KB
94 KB

43ms
40ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32
content-type: application/javascript
x-amz-request-id: JD1K3TXXH20KB13N
x-amz-id-2: 6ZYQ/Eh6NlLvioTFOd07rgaIjcD7uVb4CY7nMmtbPY02jStkKtCLEd9zfZMy6pAAD9RlcGxVUo8=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8Ez%2FGT9Qr3LXPvXccCot1PdrX7GfYsekssE4910l1WXwJmVKrFvGBnysgu5D5RnXOtFxbt25WJp%2Bep%2FIpkk%2BkVrV9MyBPLntwydbjI6yPuCPH%2BQ5kCjMsUdU9KrLH7ft19B9ed5t"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0aab29238b00001f4df2a4a000000001
cf-ray: 65f2114c19471f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=peSKSCuklJHzO7uaRBUsl4IacPPM3alPG0tmIfRjJLZo67vZ64i4qwAh8Fj43%2FCQFcVHU5c3MeogZjpwQyw4a47WpZ2KQhfhLiU1moUGKUdkwHzg4Y10z64xrdtdMuJ%2FARcvV2lG"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114b6f9b1772-FRA
cf-request-id: 0aab29232400001772520bb000000001
Expires: Mon, 14 Jun 2021 09:07:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8A13 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF95 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22c4a5386f350a3ef5d543623d23c12d34516198344cbaa5d3d6254d80bbb6b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jIpJf9LWpew9QjWXn4y5Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:52 GMT
date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jIpJf9LWpew9QjWXn4y5Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9D4C 326 KB
114 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C216 326 KB
114 KB 18ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H/1.1 200
OK inndef_160x600.asp Show response
www.travelmiso.com/acta/friends/ Frame D05F 3 B
323 B 172ms
172ms Document
text/html 203.76.174.123
SG-8-TO-SG 8 to I...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.travelmiso.com/acta/friends/inndef_160x600.asp
Requested by: Host: media.innity.net
URL: http://media.innity.net/adnetwork/house/pub_244/proxy_245522.js?ord=[timestamp]
Protocol: HTTP/1.1
Server: 203.76.174.123 , Singapore, ASN45470 (SG-8-TO-SG 8 to Infinity Pte Ltd, SG),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e0dc0ad7ac4bba718029e4937736aa9610cf977cd2dd0c3bd468036e4e4f5fe4

Request headers

Host: www.travelmiso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: _a3rd1567570933=0-9; ASPSESSIONIDQCSSCCAC=KCCFPFDDFMBOBIFGACPAKFEH; __gads=ID=79a2f6b1aefcf0ef:T=1623658069:S=ALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 14 Jun 2021 08:07:51 GMT
Content-Length: 122

GET
H2 200 1197866058__Ku480GUE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ Frame F676 12 KB
12 KB 295ms
15ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1197866058__Ku480GUE.jpg
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 161604fd22b1e31df5052000a351be29f510419f6829682e7cb798e8fe102bd3

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 varnish, 1.1 varnish
age: 2591615
edge-cache-tag: 541591015695170776024397436526347427068,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1197866058__Ku480GUE.jpg
content-length: 11822
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 15 Apr 2021 15:20:13 GMT
server: nginx
x-timer: S1623658073.211499,VS0,VE1
etag: "6c9e40e28422da5378844ca393be21b2"
x-served-by: cache-wdc5562-WDC, cache-dca17729-DCA, cache-fra19177-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
DATA 200
OK truncated
/ Frame F309 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baeb26c8be045ff89f1353e3fc0477d605a949caad2a71c05365638d5515c21e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET google_pixel
ads.travelaudience.com/ Frame 42A8 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 42A8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGYSYO9UczojEEqkw9Lozk8&google_cver=1&google_push=AYg5qPJ34vX5j9PWidbX8BHSDMbygtz6m4crqttaDOBf8TMAIP1HvBQVYKOwRGV6D5WcEmNRqvUPAIuct0XEF3E7MNsJaH2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ34vX5j9PWidbX8BHSDMbygtz6m4crqttaDOBf8TMAIP1HvBQVYKOwRGV6D5WcEmNRqvUPAIuct0XEF3E7MNsJaH20AoU&google_hm=NDA4NjExMjk3NTgyMTQwMjM...

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ34vX5j9PWidbX8BHSDMbygtz6m4crqttaDOBf8TMAIP1HvBQVYKOwRGV6D5WcEmNRqvUPAIuct0XEF3E7MNsJaH20AoU&google_hm=NDA4NjExMjk3NTgyMTQwMjMzNw%3D%3D

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Jun 2021 08:07:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ34vX5j9PWidbX8BHSDMbygtz6m4crqttaDOBf8TMAIP1HvBQVYKOwRGV6D5WcEmNRqvUPAIuct0XEF3E7MNsJaH20AoU&google_hm=NDA4NjExMjk3NTgyMTQwMjMzNw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET /
c1.adform.net/serving/cookie/match/ Frame 42A8 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 42A8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7igDQZ57pVggSZ5C4g7WVPbGHn7qdT79iqBo7MwB5ZuT9oX-nIwxFuYjJBzo9XhALam--d_3ndMX7lk5fyfJZ124uDPe2

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7igDQZ57pVggSZ5C4g7WVPbGHn7qdT79iqBo7MwB5ZuT9oX-nIwxFuYjJBzo9XhALam--d_3ndMX7lk5fyfJZ124uDPe2
date: Mon, 14 Jun 2021 08:07:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 42A8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGyHhvwUztHZ4k83EBB-8ms&google_cver=1&google_push=AYg5qPLWM3kqTRvPG3kc6o2IfB6QXbaVz6zK6FdblCwsW8adSxt2upPCfkuAv-hNSyJn_Xbpc51Dt32ux_MoKptiM...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLWM3kqTRvPG3kc6o2IfB6QXbaVz6zK6FdblCwsW8adSxt2upPCfkuAv-hNSyJn_Xbpc51Dt32ux_MoKptiM4irElCUtLER&google_hm=e6d1d55497521ebcd973323b

170 B
188 B

21ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLWM3kqTRvPG3kc6o2IfB6QXbaVz6zK6FdblCwsW8adSxt2upPCfkuAv-hNSyJn_Xbpc51Dt32ux_MoKptiM4irElCUtLER&google_hm=e6d1d55497521ebcd973323b

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLWM3kqTRvPG3kc6o2IfB6QXbaVz6zK6FdblCwsW8adSxt2upPCfkuAv-hNSyJn_Xbpc51Dt32ux_MoKptiM4irElCUtLER&google_hm=e6d1d55497521ebcd973323b
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 42A8
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1&google_push=AYg5qPJx6Rc7ET9Z3uROpyxvqZ7bPime4aHXdKdnyan-kEXca9zbEUdsuhiaPXhyRk5a6ZIwNtjaAt831TGtm8M9qwgbFb...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kijbC8whSRKcSryB0HMHng&google_push=AYg5qPJx6Rc7ET9Z3uROpyxvqZ7bPime4aHXdKdnyan-kEXca9zbEUdsuhiaPXhyRk5a6ZIwNtjaAt831TGtm8M...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kijbC8whSRKcSryB0HMHng&google_push=AYg5qPJx6Rc7ET9Z3uROpyxvqZ7bPime4aHXdKdnyan-kEXca9zbEUdsuhiaPXhyRk5a6ZIwNtjaAt831TGtm8M9qwgbFbH5fS4

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kijbC8whSRKcSryB0HMHng&google_push=AYg5qPJx6Rc7ET9Z3uROpyxvqZ7bPime4aHXdKdnyan-kEXca9zbEUdsuhiaPXhyRk5a6ZIwNtjaAt831TGtm8M9qwgbFbH5fS4
date: Mon, 14 Jun 2021 08:07:52 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

pixel
cm.g.doubleclick.net/ Frame 42A8
Redirect Chain

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESENHtERZOZKa9bmhORjIdw2U&google_cver=1&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=UExtNkNZTDJxQg==&google_push=AYg5qPI2SG-z3L1EkGMQPWbFSJyHtFX6kpwpeN2thq4_QYtJUs2EI2mLHvDGYl2z3zG8LjTPbUkLzzR7n-1l9s8SYYzytU...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 42A8 0
12 B 18ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Id7U0OcYsPYcqIjxRTsFRnJXJ6sIs7NlmOKiQh-QxPUcE_l6sqZljuBdxsZnuRZVf9GfCA

Requested by

Host: fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com
URL: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D786 61 KB
21 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 126 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:52 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame EE6F
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

39ms
39ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/async_usersync?i=bdsfyu86g9gsdn1e02&a=5a0c5fe6acd05e6588763d6a638269b91&cb=8051131623658072515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JKtJVumq3UkelN1YIhuGqnVEgclxe4MOd3rvex9tXyUN8BBhsg%2FfO%2FU5Zq0WLhuQcEMQJ%2Bls88YFNsWzKbmfqmL7CLi2pe0JBb54Nk%2FXqf%2B17cBogyRsW%2B3gL25D5M4YoVK%2FteRx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29243b00001f4d2ea42000000001
cf-ray: 65f2114d2bee1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:52 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xEcdJxHyu4fbBzAv%2F3GCbe4RHj1PdRGRtiFh9MjIv%2BPs%2FK48oJ5GFpc7L90XPPp0oS9qN9oeAX6%2BAr%2BPHIUqSOLsj7gEK9T%2F7HWRmv7gocXlgoZL3VzxBGBC6dACuuRJBodOHYXa"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114c3e174e9d-FRA
cf-request-id: 0aab2923a300004e9d5604d000000001
Expires: Mon, 14 Jun 2021 09:07:52 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 9881
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

48ms
48ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/sync?i=bdsfyu86g9gsdn1e02&a=308c3bf9c94b1a8c9c7d0e8cf14e2b811&cb=3084121623658072520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=38OV90A9hox%2B04JqOqjtudYm45zu1cxYg9JecNImwdAH%2Fpw6FR5veGGIZzViEPHkwEYF3L%2F5yolqKUOpIASDkYJ1tanZBMHsp%2FcAbjE7VedwhLVDcVg7OUWVDugqLQLZ5LNbdqtt"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29245600001f4dd6930000000001
cf-ray: 65f2114d5c511f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6xes4qL%2B1cGtLiPCzpiUgm4jRPVGFO%2BoDPDPiFexB0zpvR7GtI7ltrn9ShPcrZBReCosWBBBlSY9ShOJUG7HF1P2KHBHT%2B0LIW4Yrw%2F0VekTC%2B%2FsrSC%2BEsCzfQJuQVEjilGOwLAX"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114c5e5e4e9d-FRA
cf-request-id: 0aab2923b500004e9d860a9000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 93CB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/ Frame DBF2
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js?z=742142&width=728&height=90
https://ap.lijit.com/www/delivery/fpi.js?z=742142&width=728&height=90

5 KB
3 KB

294ms
16ms

Script
text/javascript

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=742142&width=728&height=90
Requested by: Host: nichools.com
URL: http://nichools.com/syncro?i=bdsfyu86g9gsdn1e02&a=a3470d651e2f2c2242e8d9613fe995515&cb=9188441623658072518
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js?z=742142&width=728&height=90
Content-length: 0

GET
H/1.1 200
OK async.js Show response
cdn.adtrue.com/rtb/ Frame 067A 7 KB
3 KB 32ms
23ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adtrue.com/rtb/async.js
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=bdsfyu86g9gsdn1e02&a=3d82bab48f3e81ef9d78200b8f112b5f9&cb=1841901623658072521
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 16 Nov 2020 01:20:45 GMT
Server: cloudflare
Age: 4503018
ETag: W/"5fb1d3ed-1c9f"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114c7b38dfd3-FRA
cf-request-id: 0aab2923cf0000dfd3bc81f000000001
Expires: Mon, 18 Apr 2022 05:17:35 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame D979
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

56ms
55ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=709b7e811fc940f8135818fd0d1c581f3&cb=6380811623658072522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FOi%2FXfDuu7U5KChfuHU%2Fz3%2FYc4jg0zVbjpmF9Z3dnLbNVZZXVT1uwoeUhEUiPe4VhYvChOF4KWCWKp2ESchyjzMMF4pdpqc1vPROuPwxYDlL5FGcERtdUgUg62IVuKYLWfLIC24%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29247e00001f4ddcb4d000000001
cf-ray: 65f2114d9d031f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BjsSJTRqLC4pz%2Bh%2BuQ%2B%2BpnZ0mfFwogsWQaiwNs7%2B17qfoyP2fsDaBIgnEYCOrynWHFhIMx%2B79lP9S6JvIyCP91C6fSSD%2B5gb0Ay3oXEQvQbFNgrcRAIkyEasHtTj9AesMs7iKgen"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114c7e704a73-FRA
cf-request-id: 0aab2923ce00004a734eb05000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 5CB4
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

48ms
47ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/async_usersync?i=bdsfyu86g9gsdn1e02&a=4515e380c4149cdb47fd7d16b9ee55da3&cb=6174071623658072524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j6yeIJXTUnLMQ58uGfOhD%2BFQpDU0EXcuFv3njQ3Q4w8%2FantFJBHz%2BhwboQfWem4bUC%2FjLOX79pWSqWe%2F2WBPj82UoseY4y4f1LqetRWFeId52dQJ8yH4TSFVAX3xxET0mOOLJ6yn"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29247e00001f4d1035b000000001
cf-ray: 65f2114d9d061f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P9myyKOnfeURJGtu6HfB3NyKNAcB%2FTetKL%2FtpRKwA%2Bm0lSYXzYMFw0PcuKWhL2MDBNN3vdQBFv8etf6xRIkTR18sfQaLzSK0oQ6v7%2FyWW6QWbkqtlJZtZ5ZPAwDUEdaKJFDuoUFo"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114c8e8c64af-FRA
cf-request-id: 0aab2923d4000064afe6907000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DA4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E3CE 3 KB
4 KB 26ms
15ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 14 Jun 2021 08:07:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 415691
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aab29240400004ee50bbb5000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YYOG7ejyZZkJVlYfKadqvgZOZLHKT5xdXMPir6xc%2BOcmIlWOQ30g5aHlK6eCapPqsktzzaJuzIu5ifMt2TkS0wsiZZTBio6XpZ62%2FEi1J4hSGC5bnVwxhaPRG2C9FvVoLC%2B74bnkotvAPCVJ3ik%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65f2114cdb644ee5-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H/1.1 200
OK / Show response
tag.gammaplatform.com/adx/request/ Frame 7A63 3 KB
3 KB 180ms
179ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570449&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=006655/
Requested by: Host: gamma.cachefly.net
URL: http://gamma.cachefly.net/js/ad-exchange.js
Protocol: HTTP/1.1
Server: 54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: aeceffb8633257d1401a01c965a6377735455214421917ef1e0bf49026da51d9

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 1.1(DD).1(B).1(W).1(CB).2
x-server: AdEx-App124
access-control-allow-credentials: true
x-robots-tag: noindex
transfer-encoding: chunked

GET
H/1.1 200
OK / Show response
tag.gammaplatform.com/adx/request/ Frame 3347 3 KB
3 KB 179ms
179ms Script
application/x-javascript 54.255.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570861&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=531537/
Requested by: Host: gamma.cachefly.net
URL: http://gamma.cachefly.net/js/ad-exchange.js
Protocol: HTTP/1.1
Server: 54.255.154.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-154-87.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 44faf75dab50748b48f714469f2d27de7b630d35dab97db94cb410966adf358b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-javascript
server-time: 1.1(DD).1(B).1(W).1(CB).2
x-server: AdEx-App128
access-control-allow-credentials: true
x-robots-tag: noindex
transfer-encoding: chunked

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6961 3 KB
4 KB 1051ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67728492&p=158212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fd8fcdeee9ccab8b4b8529fb48311c2a6b14e535befd7a9f1b1f005f0e7e5146

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 77C3
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

44ms
44ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=ab6a3b2224aeb0b660adc3acede22dda1&cb=6925221623658072525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DPeUz0bWsJah4AgcBGZ1nUNtR6be9%2BHSHVPTw7rhboJhWTrvlzHym1aeXFGekeYZYyAlY57C0pBVC3m6g3ThK5Gx4CHviYVZAlCLLmcYir2A%2F6viineBobbGVQH0w0Hcb7teXiBZ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29255100001f4df92ac000000001
cf-ray: 65f2114ed8341f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=scFSiCJ3EjQE41J2PM9VoZnDw0uXuCYEuREegZqKWEQf2FR2wMndfICltzusx3%2FrQe4f2KjEqiOYBPtau%2BdbY1S4kkoPpNsPZoNW9bJ9mCPuLcRRUR%2BFH%2By%2FwnCDPQTt9fSDk%2B4N"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114d0ecf64af-FRA
cf-request-id: 0aab292424000064afd19f4000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame CC39
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

36ms
36ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/counter?i=bdsfyu86g9gsdn1e02&a=c291520dd1659ed52de4694ec3aafe769&cb=4287301623658072529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dLg1Sc8XRq1tq%2BRO3fS97inbX%2FVTx1PTWBJ5EDl0%2BSCLZLO0BDpbnH80Sn5fkmdqqbov41oNZ8de3I3%2FAXskZlNt4jZW4pKIBpIRXcCbkHuOqF5aUKNrl%2FLM5UDTlrMe5H9%2BJik8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29257c00001f4d4a804000000001
cf-ray: 65f2114f28bc1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6HhjEob2Lo62cN2OsG0IYckxIkQnGcWO3xhslGB2evODxIxLibR6Q2rAAd%2BR7ow%2BI9rpLD0cto6cBBKXsgjqhPx3qlNwu6pqtbd7%2BECX3FkEEOJUZIBDnOv%2B%2FhFcQI42nLsmYGHJ"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114d2ed664af-FRA
cf-request-id: 0aab292437000064af0a222000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame B080
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

38ms
37ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/usync?i=bdsfyu86g9gsdn1e02&a=59c79c030777b63a2ca73dfbc20d339e5&cb=2688121623658072527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4ADugrQj1DhYHVyZf47vfIF3UrOk8qwi1ErUgKTleS7kQlvu7OZmFcNRIe1Y9%2Bl7HMp0H6T0T8zS%2BQfrilC5cUKHcCqk6laVZz%2BB6QlJytqiFpK3Fw7zBBequasmvkfd7e6nEXqb"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29258a00001f4de0a80000000001
cf-ray: 65f2114f48ea1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nffdkV4WPwzWzykMgSqpQmjzYjIk6s708hdoJAyOoVNH%2F%2F4PH0BqGJauxVgo%2FjfLqnBtisyUi36Dclm1yFBK0xxF7Q%2FK%2BWXEQWAoAM0kDhqVkRRuI52IEI8TCZ1SHY%2BzaUT%2FYXrV"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114d4ee064af-FRA
cf-request-id: 0aab29244e000064afeca39000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8738
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENWKUcfTRQxCazmxQ2j0NCs&google_cver=1&google_push=AYg5qPLW7ZUX1SynCkH6A6COcinNNrHTakCDY-IUOv_KJItMqeUiuPWbe8sJFyHEqcg1PPUBevvWBCGaCb9...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLW7ZUX1SynCkH6A6COcinNNrHTakCDY-IUOv_KJItMqeUiuPWbe8sJFyHEqcg1PPUBevvWBCGaCb98ikbX6_snsf4SHZVG5A&google_hm=E52eZsfURmeL3ye_YG...

170 B
188 B

18ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLW7ZUX1SynCkH6A6COcinNNrHTakCDY-IUOv_KJItMqeUiuPWbe8sJFyHEqcg1PPUBevvWBCGaCb98ikbX6_snsf4SHZVG5A&google_hm=E52eZsfURmeL3ye_YG7N9qs

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLW7ZUX1SynCkH6A6COcinNNrHTakCDY-IUOv_KJItMqeUiuPWbe8sJFyHEqcg1PPUBevvWBCGaCb98ikbX6_snsf4SHZVG5A&google_hm=E52eZsfURmeL3ye_YG7N9qs
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8738 0
135 B 6359ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEITrvd_9oloOz7D08vHSNV8&google_cver=1&google_push=AYg5qPK0yD3Ga7Pjj83Aj3smP7cWX9J3slbpKKl3KiqRNu2yUhfx5IAJYzv2PisA6aUlEjRose1cYuPX4eWhURlf_5HX_S2Wj2Hq3A
Requested by: Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:59 GMT
via: 1.1 google
alt-svc: clear

GET /
dsp.adfarm1.adition.com/cookie/ Frame 8738 0
0

GET rub
px.adhigh.net/p/gm/ Frame 8738 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8738
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxJ7FwwMeOCvqzkFGWvtgj6XEsC-HtBNqSAsj0dkQpXTLPdFbgBgpb4RYNHm1m1kVRdJXDN3G3d-aTJ4lqHCodWyo9tvxRVg

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxJ7FwwMeOCvqzkFGWvtgj6XEsC-HtBNqSAsj0dkQpXTLPdFbgBgpb4RYNHm1m1kVRdJXDN3G3d-aTJ4lqHCodWyo9tvxRVg
date: Mon, 14 Jun 2021 08:07:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET sync
ssbsync.smartadserver.com/api/ Frame 8738 0
0

GET sync
ups.analytics.yahoo.com/ups/58281/ Frame 8738 0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 8738 0
12 B 16ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ivf7mGyopANo4Jbr42hZXHmbZ2sTPJzMGptZu3EnNZCfG9-Z7wENfp9J6Nr9yIwW_5t139Cw

Requested by

Host: d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com
URL: https://d2afd3d55cd7decf48b4011081faa9cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 60E1
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

39ms
37ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=fd303e746d713aa876b41ea7a757f5771&cb=3044041623658072531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DTVZEnQix93KHHIoNV7Xvy4lRhNCQIguPSa03Rcbjy0qdWsOBCAxuKFzuCpRe2AzjDvEURiq%2FFlF1QLyj8DWH3duli%2Fmj38yYVAOzvs6J9TA%2BwpKoCKwduR61gmFEUbf7iqzAQoe"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab29259600001f4dfe834000000001
cf-ray: 65f2114f591f1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kHSpFgBmm3%2Fvgn2FfPbnqPnRRdsvgHnaeAeusOiea3GKkasWkcJp7020le6XQaPbZRrViiH5SfwRZ29k7Tbvg9tGMVbJ3PTw8dE42%2BeLI%2BrV5BikzZyMtVTFAOy01j5%2FEJ4n6hWw"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114d7c452c26-FRA
cf-request-id: 0aab29246700002c266781a000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 1F61
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

39ms
37ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/syncro?i=bdsfyu86g9gsdn1e02&a=e86995c3ab7255d0309bc17b4d95628b5&cb=3797651623658072532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HuTllmydHigEQQz55lHySf9lPU24drUp%2BPi9OwEvtRas5y8VjKaieDDw9bDmmgWkPrbxj1tZAff7KdX2DKQx6C909ZgdyDbeWN3xsZFGDfaaMXyABMEpd%2Bj2%2FjLyjpiBYd1lyIga"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab2925a700001f4d37948000000001
cf-ray: 65f2114f69501f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OynIfwUttPNcrC6XAUvf3ESeL3zlgGMnSnJIWVff1DP079A1gTdWeNAZWgm5DhgWIBmFR%2Fo1uXi%2FGcvRN3Gpj8EzaGIHo7%2FV4d8dEVHfJKydFmUVd8vlVXD8MmJpVgXI2nvcI1co"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114d8c6b2c26-FRA
cf-request-id: 0aab29247200002c2670a62000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ Frame 0EB1 2 KB
1 KB 21ms
16ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=11484&uref=https%3A%2F%2Fwww.travelmiso.com%2F&schain=
Requested by: Host: nichools.com
URL: http://nichools.com/stat?i=bdsfyu86g9gsdn1e02&a=85dc0a40cdabdf79cae78dee359d45d85&cb=1173681623658072528
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9089af99a246004f0fb2c0b095de0290d019304dc85ae446acb4d57a6f52c37a

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 909
Expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 21FC 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRCZhO6NSANv-rx9wT6yjNQ2T2eWlXxuo1kS_m0eVli5HCh4PTfx2Fz3LkYF6PLRQUVU9TX3pFNoHfHVGnxBkjSM--IvkHYg&sig=Cg0ArKJSzMzPww9cr1-kEAE&cid=CAASF-RogRiHOZLDf7B4KATgSBDJqIyn8hGy&id=lidar2&mcvt=1153&p=0,0,600,120&mtos=1153,1153,1153,1153,1153&tos=1153,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3266069665&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658071271&dlt=455&rpt=818&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://900ad9171b4789fb6aabe90cecb3aac7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 753F
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
1 KB

26ms
6ms

Script
application/javascript

2600:9000:2156:d000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 07:15:55 GMT
content-encoding: gzip
age: 3119
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zhHdN0gJKuuPX5Mw0syp3pqenwS5XQcbdqBZFjAHhCw5o3hCZ0wCWw==

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: zuxOsJBeAyrq_CVf8oZV9tk0e_RiED6rW7RG7sl17Ss8llYXTcv5NA==

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame D7E7 2 KB
2 KB 20ms
19ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1j89pc4zfp7pm30ft351w97ma21panxv3cc4rd890p1cxj0fk1c5eqdbcqbdvza1g801rxnfebcbk64m70dbcdgxsrn1e36rceh2f9z71bw5sj1m00evnz8qqa9tbscb911gwtbz6sxmzy7z6zkrqw7ra57887n7g64v49fd10zpe1xxprjpbrys4mkxmhye38qj3esh4qwyrf5ggxz48z009w98vep0r25qgbyt2am84x2b080h6j37h2ab280t7zgtwd408ng1w2f1q8e9eryh9hgv37g2d30ragyp5q2a1a00h2kbhmffxqg3j8x977cbmppacyrpss496dpf53j0rearagywv3asgde5466xfpzw05xzkq4q8wtqe&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG5r7Vw7HYOSRBbuT7_UP5sG_-AeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04ODA0MzAzNzgxNjQxOTI1oAHCrujdA8gBCakCfsYep6lQtD7gAgCoAwGqBJkCT9CO9x-j7Xf60Mrc02sXWj3LnW4USrh-y_1o35utncZo_kg7pjwW9vccWy-1SxT58zlvqwGChL4JbKCmh-9GynvyWq60UuQhjjZErOenjfbM03g4K6Mo8SfV7km6Wju3TFtc_CwlHxe5CipjJZZRCTTNzhisOZhl1uwyQNao9ORGpT3nm1AiYcT-44UwoepOGR9c7NAbuVAdUhsj-BSPIiLrWwes0OfFo84oZhk4bduy56SxDj4eczpRU-6xF0pvWbsx6AunWv3SfYe-Iye68cuM3eVuwJUtoN4laI3FgoG07_g2AUN93QYFblbw3Mrsg3ef4tmoyfcmo10-lYPvz2l-pFyu27qvxH_I6hm-JuHOlumV7cqz5uTgBAGABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1cpuX8GbsUAm09Uur8NbdB7DegXQ%26client%3Dca-pub-8804303781641925%26adurl%3D

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 14 Jun 2021 09:07:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1854717
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aab2924aa00001f4146312000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hW2o80CRdNovFuEercbKZAciUHw8zx7Z21xAixR22%2Br99tGYpAXf3bJI04cmiPcBm9YecvRRSqiLkHsr5WOECiDDVSFEBBm9JZpqB6eR1%2F5YxkIGxduxCEqPlmvGa5oy"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f2114dd8781f41-FRA
content-encoding: br

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7621 326 KB
114 KB 16ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 61E1 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 61E1 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 61E1 330 B
173 B 45ms
44ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1676373550020282&correlator=1432916652126926&output=ldjh&impl=fifs&eid=31061160%2C31061278%2C21068110%2C31061143&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=23&abxe=1&lmt=1597133702&dt=1623658073268&dlt=1623658072174&idt=1079&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=q7hl7pse6ddk&ifi=1&ifk=923963767&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=http%3A%2F%2Fb.travelmiso.com%2F&top=http%3A%2F%2Fb.travelmiso.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=471822058.1623658073&ga_sid=1623658073&ga_hid=1415962691&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a648beca6b46bb402b6c092ea46c43c279827d3ff2870dd3cb185dce7c46c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
10c44f575d163661944f598149738c22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 61E1 0
0 31ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://10c44f575d163661944f598149738c22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F940 0
0 17ms
16ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbE2aaMnuR_yi0lVO4LmhGHKTLEBRh6mX2d53UZnvDELRfD2sw8Up8L7tQdfligVTawOqubMMrFRtgYEDHa92p3zeixM63aYE7TSLC-KKrNtNNCWGd417OgK4FuKNb-aPG2a-4C2JDa6VevLS9f_6E9xoxsL-14mZI5aaareNkEzDJLFh6UnaOJH-GftEju0HpyvV8rg6IrAqDXXLBBBPXhL0mE4-604wzYihEVO1A8I_do6bJdgrMaerHzkHY4uzDS4cIiltfG2zKYffRY2kysOM2cgx5bpzKiJ3GKjcgcsUVsW4SL3VEXB38tSZC0OMNEak&sig=Cg0ArKJSzNxkIeqAaE2nEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F940 11 KB
8 KB 24ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11755e465085e3ba7ca94565ddfff969f9b07880eb39f55c9008a0078832f11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 39A6
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

40ms
40ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/counter?i=bdsfyu86g9gsdn1e02&a=3f44370d5e0a4599fd8739ecf35584f71&cb=9772811623658072534
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IIoOixwCBOopeXIn6xJoXmRzV3I08HkXuBegOYU5uJXuzDnOvkcfhWig%2BRLWhPDESbwAr9J9BVWG4%2BSUYxDEPdIOFKzhJqU6GLPxFFtblFQh7INAyCoiQ6TXSFGvUTVt0GUJy34%2F"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab2925c200001f4d2619b000000001
cf-ray: 65f2114f99a71f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DeIBE3iL4tWU43q%2FDGEr3rKum9SZ9d9fo3tqKIeUpptFXGXYo0HobY8cO2ycKWYBtnXqLe%2B7TZ9Vs9oDna1CALDZIQT6rjFv%2Bri1xmeiOA4ZT9ETvj52BbFAnxusW8%2F%2Fxe%2B5Et2D"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114e4e882c26-FRA
cf-request-id: 0aab2924e900002c2626306000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H2

200

prebid_v4_21.js Show response
hb.adpone.com/ Frame 6D9F
Redirect Chain

http://hb.adpone.com/prebid_v4_21.js
https://hb.adpone.com/prebid_v4_21.js

302 KB
88 KB

45ms
45ms

Script
application/javascript

2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: nichools.com
URL: http://nichools.com/sync?i=bdsfyu86g9gsdn1e02&a=639b5843ddce7790664d1bb76d6f796c7&cb=5855691623658072535
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
content-type: application/javascript
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3jbdhA1ZfIjPPTPCFZN8xQoIfxajaVc2hS6HHEy6cGlqAU8nABqsHqTeYfjGiXCwRx0n6qOzBFOthTAO0HX5XxkoQO5%2Fi7czWKrlzzR9NKwkCmTpFwHarkMWPxet1I%2BEwqIVdwWt"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control: max-age=14400
cf-request-id: 0aab2925c300001f4d10a03000000001
cf-ray: 65f2114f99ab1f4d-FRA

Redirect headers

Date: Mon, 14 Jun 2021 08:07:53 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sG%2BOH4YuN5bc9bheEkXgagDX%2BApBbsdCH1ynX9ZEAjqqzcOKXkkAco5YjL8w%2B9TG6lyzmYQ%2BQJdOpXfVidXGspvBLqA%2BYOvFdxIZLkENIl9coW1qS%2B6yijOuOkUfUr707RVGY%2BU4"}],"group":"cf-nel","max_age":604800}
Location: https://hb.adpone.com/prebid_v4_21.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65f2114e5ebf2c26-FRA
cf-request-id: 0aab2924f700002c26662cb000000001
Expires: Mon, 14 Jun 2021 09:07:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7B48 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7B48 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7B48 49 KB
12 KB 298ms
296ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243877010295504&correlator=1708403834981119&output=ldjh&impl=fifs&eid=31060783%2C31061290%2C31061429%2C21068767&vrg=2021061001&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=21671350435%2C728x90-travelmiso.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1623658073&dt=1623658073374&dlt=1623658072512&idt=840&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=48&adys=1465&adks=871169296&ucis=e4jjuim3vlj2&ifi=1&ifk=2568408050&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&ref=http%3A%2F%2Fb.travelmiso.com%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=119990129.1623658073&ga_sid=1623658073&ga_hid=1829444426&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06fb34e58d6baeb271ba30169bc33cb93fb1462d6c62d2bb21e45f580fae245f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11776
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0deac86331ae1711dd89b6ea2af0c977.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B48 0
0 45ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0deac86331ae1711dd89b6ea2af0c977.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 4374ms
334ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optimize.innity.com/?pubid=244&zoneid=87318&cb=1623658073390
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:57 GMT
Last-Modified: Mon, 14 Jun 2021 08:07:57 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E4A5 2 KB
2 KB 13ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=b.travelmiso.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=b.travelmiso.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1372
set-cookie: uid=010df281-e9b6-4f3a-aa96-104cbc5b8e8d; expires=Tue, 14 Jun 2022 08:07:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Mon, 14 Jun 2021 08:07:52 GMT
content-length: 1129

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9D4C 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9D4C 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9D4C 362 B
202 B 189ms
188ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3429539666802830&correlator=1681813508358068&output=ldjh&impl=fifs&eid=31061290%2C31061429%2C31061143%2C44740386&vrg=2021061001&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=211003152%2Com_ron_dis_728X90_d_catchall_pp0.1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=4&cust_params=domain%3Dtravelmiso.com%26site_id%3D35808%26publisher_id%3D2633&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&dt=1623658073414&dlt=1623658072303&idt=1101&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=806&adys=1569&adks=3739715834&ucis=wt7i11n7xd2r&ifi=1&ifk=2165813388&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fb.travelmiso.com%2F&loc=about%3Ablank&top=b.travelmiso.com&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1979938849.1623658073&ga_sid=1623658073&ga_hid=490309488&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1124c34e83fa741fc253ba8ab61106b59b37933c97511f5516ae2af3f30d9836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
be3996d0bca8beb9cd8da83acd7aaf05.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D4C 0
0 53ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be3996d0bca8beb9cd8da83acd7aaf05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame C216 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C216 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C216 330 B
172 B 42ms
42ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=375651994929777&correlator=1573909362336761&output=ldjh&impl=fifs&eid=31061223%2C31061289%2C31061428%2C31061181%2C31060890&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=23&abxe=1&lmt=1597133702&dt=1623658073452&dlt=1623658072096&idt=1335&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=8fy4hp46r1gg&ifi=1&ifk=923963767&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=http%3A%2F%2Fb.travelmiso.com%2F&top=http%3A%2F%2Fb.travelmiso.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1919781732.1623658073&ga_sid=1623658073&ga_hid=1452269895&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94037d3510bb60b9ff591a84e581909439972a01642316fc3b24766ae41571f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
137e47bb90cd282612c5fbee1934af8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C216 0
0 28ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://137e47bb90cd282612c5fbee1934af8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F017 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveeya_1HZAi063Y_Di200bedh4wC3vV_PRg5g9RqFRcrUd6p3KeaX95pi5rULc20GflBvPtdXFLJh3rF1OeVeLEASsUBLMg-pOE4Ae79I&sig=Cg0ArKJSzHKoa6R0kew9EAE&id=lidar2&mcvt=1294&p=0,0,250,300&mtos=1294,1294,1294,1294,1294&tos=1294,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1866056204&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658071217&dlt=0&rpt=927&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BECC
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&...
https://mwzeom.zeotap.com/mw?adnxs_uid=8883497169871287413&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258

95 B
178 B

28ms
28ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8883497169871287413&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 65f21150ee5f4e2c-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0aab29268d00004e2c0f25b000000001

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid: 9a142725-2663-4238-ae25-e36d107dd669
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8883497169871287413&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BECC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&...
https://mwzeom.zeotap.com/mw?google_gid=CAESEFxODdkYE23GYzuWoKcP8gM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b3...

95 B
188 B

28ms
26ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEFxODdkYE23GYzuWoKcP8gM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 65f21150ce1a4e2c-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0aab29267f00004e2c07b4e000000001

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEFxODdkYE23GYzuWoKcP8gM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BECC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D80c9cd9e-4fc4-46be-4547-5903775409ef%26reqId%3Df164f8ed-cee6-49c2-75e7-6b34e8...
https://mwzeom.zeotap.com/mw?cid=83d60638-2dbc-4bd6-b11a-4844dbf331b7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc...

95 B
178 B

28ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=83d60638-2dbc-4bd6-b11a-4844dbf331b7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 65f21150de514e2c-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0aab29268a00004e2c4b1db000000001

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=83d60638-2dbc-4bd6-b11a-4844dbf331b7&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET

demconf.jpg
dpm.demdex.net/ Frame BECC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=80c9cd9e-4fc4-46be-4547-5903775409ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=80c9cd9e-4fc4-46be-4547-5903775409ef&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...

0
0

GET g.pixel
aa.agkn.com/adscores/ Frame BECC 0
0

GET img
pixel.mathtag.com/sync/ Frame BECC 0
0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame BECC 541 B
504 B 47ms
42ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a8d82187c281a879f8a3efdca98477a8ff0cbddfbf785552010e9843deb4f3

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 65f2114f7a4e4e2c-FRA
date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0aab2925af00004e2c10a28000000001

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F940 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H2 200 production_flurryTag.html Show response
cdn.aralego.net/ucfad/mobile/ Frame 9572 10 KB
2 KB 249ms
249ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=728&height=90&click=
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bbf2c828c70be6c37d14a29e850719276d371dd384d968c62c63a1f6e8ba2a

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=728&height=90&click=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: text/html
last-modified: Tue, 27 Apr 2021 04:01:41 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 0aab2925c600002b899d828000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q%2FoosBU0rBNPhIntPWZ95Kh6axGaqx32k5ZSJENAz96QJjF9O840S496m4Th3GxolZCDJI16lMK7QOwZoMOx47jMzzzcL3pVwXuP8WOlqc05L0FnJccO6dceq5H6I3p4xXL%2BSlwXlZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f2114fadb52b89-FRA
content-encoding: br

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C1C 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 5DCB 83 KB
27 KB 23ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:53 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
611 B 167ms
165ms XHR
application/json 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11980319&u1=C9149D38EDC74FD4A9B992949CD6071D&java=1&security=2a995886&sc_snum=1&sess=8987a3&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//shoppinglifestyle.biz/&u=http%3A//b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/&t=-&invisible=1&sc_rum_e_s=5202&sc_rum_e_e=5209&sc_rum_f_s=0&sc_rum_f_e=711&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 65f2114fc9a13322-CDG
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 0aab2925e0000033221902f000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D786 318 KB
112 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F4AD 83 KB
27 KB 19ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:53 GMT

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame A22C 173 B
357 B 33ms
33ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=8144a6a7-20ae-4e37-9335-9f365acc8532&nocache=1623658073640&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1623658072864&auid=541066156
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 90c6a95468b92af6d955836a89f87986ecaccbac3214fb9f9050d90349185455

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://b.travelmiso.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A22C 284 B
1 KB 36ms
35ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699156&size_id=15&p_pos=atf&gdpr=0&rf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=8144a6a7-20ae-4e37-9335-9f365acc8532&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.923801250512323
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3f4e9989750be22b370efe9473a3f5176f6898cec80686ec676c727e9c900e52

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:53 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A22C 19 B
870 B 19ms
19ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: 2c2f416e-5ca9-42a3-a3d0-3781cef02841
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://b.travelmiso.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A22C 0
323 B 22ms
21ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:52 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A22C 0
60 B 16ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://b.travelmiso.com
date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D16 52 KB
17 KB 28ms
7ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIgPNtEAoYASABKAEw1pychgY4AUABSAEQ1pychgYYAA..; uuid2=8883497169871287413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 14 Jun 2021 04:37:10 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Jun 2021 08:07:53 GMT
Age: 12644
X-Served-By: cache-lga21968-LGA, cache-hhn4083-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 267941
X-Timer: S1623658074.674521,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B9EA 38 KB
14 KB 28ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=27872
expires: Mon, 14 Jun 2021 15:52:25 GMT
date: Mon, 14 Jun 2021 08:07:53 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3866 281 B
554 B 523ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://b.travelmiso.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KPWC3D5X-5-77QP; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4WPGUmesEFiaAnqRSjT4sl0Fg1EK+hUVPp2REB9Ko2i2DakxOMWpH+S3NzCR; audit=1|hLZGFuTafB17wtkIMikiiUXCma7a0HRKwhEUNmcfvl+Z5tAjWNOSJP0fnRitWi1tOpgehnDOzcnMboWaW1ii7Uj7cHn9Lg9W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Jun 2021 08:07:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A7A1 668 B
733 B 20ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by: Host: hb.adpone.com
URL: http://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 689a7a6bca2c61bd44472a3fd3e8dea3a763bb7c38fd84c8fd0e76e4123a9118

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070; Version=1; Expires=Tue, 14-Jun-2022 08:07:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623658073|gekin0vNiygu; Version=1; Expires=Tue, 29-Jun-2021 08:07:53 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: text/html
content-length: 421
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET impress
exchange.adtrue.com/delivery/ Frame A549 0
0

GET
H3-29 200 pav2_3.25.min.js Show response
projectagora.net/libs/ Frame 0EB1 22 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:3032::ac43:9028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/pav2_3.25.min.js
Requested by: Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=11484&uref=https%3A%2F%2Fwww.travelmiso.com%2F&schain=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2889eb05f073f7d5b57871d886412e1330441ccac21d149403e94ebf869fa813

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 2K73VPDJC2M5EPP1
x-amz-id-2: CAXezVOloR5BM7k6KcBaygn90D5HIA2WkbxqFeDoQB9fNX1vTwRmisOeTbHB80NM+rWixnWhezo=
last-modified: Wed, 05 May 2021 10:07:24 GMT
server: cloudflare
etag: W/"5ad9313a3f5ac0b5de3249cbac8ff4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vcjF%2FRcr0IQecxGuEPDfJg6icOQ%2FbrdylNnqNdYRdgWS7ly16ly%2FSGtbuf5alo%2FmnjgJs1qdgrS1oOH2%2BKNWNDn3SPSz1f7qY8PPBOjJE%2FIFjKj%2FDg7DjMVaElCjntYp%2BH5ovcBtP%2FhEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 0aab2926570000c2ea56b7b000000001
cf-ray: 65f211508f20c2ea-FRA

GET
H2 200 / Show response
ads.viralize.tv/t-bid-opportunity/ Frame CB71 0
83 B 17ms
17ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/t-bid-opportunity/?t=badn&zid=AAC95piwLXRmBuZQ&sid=01ebcce79bdd7dc85520296cfcecfeb1&u=http%3A%2F%2Fb.travelmiso.com%2F&item=NTU2MyWcWwzWCsm9.9.wp9sc1
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: http://b.travelmiso.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET gmdef_728x90.asp
www.travelmiso.com/acta/friends/ Frame 32E8 0
0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 7A63
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

43 B
286 B

1052ms
177ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/728x90.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 122
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET

match
ads.betweendigital.com/ Frame 7A63
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dambient%26expires%3D30%26user_group%3D%24%...

0
0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 7A63
Redirect Chain

https://gocm.c.appier.net/ambient
https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

43 B
286 B

1154ms
176ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/728x90.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 123
date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA
date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 98
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET send
cm.ambientdsp.com/cm/ Frame 7A63 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 40FD 8 KB
3 KB 21ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570449&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=006655/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110541
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:53 GMT
vary: Accept-Encoding

GET send
cm.gammadsp.com/cm/ Frame 7A63 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 050D 8 KB
3 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570449&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=006655/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110541
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:53 GMT
vary: Accept-Encoding

GET

sync
d.gammaplatform.com/ltm/ Frame 7A63
Redirect Chain

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
https://d.gammaplatform.com/ltm/sync?segs=476272,592030

0
0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 7A63 2 KB
1 KB 5452ms
32ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1505449937&s=http://travelmiso.com/&x=gammassp&nci=&adtg=1567570449&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1567569789&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570449&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=006655/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:09:31 GMT
server: cloudflare
age: 7019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 65f21172a968ee79-CDG
content-length: 1146
cf-request-id: 0aab293baa0000ee79651c5000000001
expires: Mon, 14 Jun 2021 10:07:59 GMT

GET
H2 200 tpid=ah74fsaf1fye
bcp.crwdcntrl.net/5/c=13633/tp=GMMA/ Frame 7A63 49 B
793 B 75ms
74ms Image
image/gif 54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=ah74fsaf1fye
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.125
content-type: image/gif
content-length: 49
expires: 0

GET gmdef_160x600.asp
www.travelmiso.com/acta/friends/ Frame 5154 0
0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 3347
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

43 B
285 B

1225ms
174ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/160x600.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 38
date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.gammaplatform.com/adx/recv?pid=5&uid=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET

recv
cm.gammaplatform.com/adx/ Frame 3347
Redirect Chain

https://x.bidswitch.net/sync?ssp=ambient
https://x.bidswitch.net/ul_cb/sync?ssp=ambient
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ambient&bsw_param=522bc648-6ef3-4643-ac41-0c818a15ec45&google_hm=NTIyYmM2NDgtNmVmMy00NjQzLWFjNDEtMGM4MThhMTVlYzQ1
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECMTOMwof8wVSMXGW7vosyM&google_cver=1&ssp=ambient&bsw_param=522bc648-6ef3-4643-ac41-0c818a15ec45
https://cm.gammaplatform.com/adx/recv?pid=7&uid=522bc648-6ef3-4643-ac41-0c818a15ec45

0
0

GET
H/1.1

200
OK

recv
cm.gammaplatform.com/adx/ Frame 3347
Redirect Chain

https://gocm.c.appier.net/ambient
https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

43 B
286 B

1326ms
174ms

Image
image/gif

52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/160x600.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lws: 224
date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
time-ms: 0
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-encoding: utf-8
content-length: 51

Redirect headers

location: https://cm.gammaplatform.com/adx/recv?pid=10&uid=YdgTINPuB9GSMhzpWQ7HYA
date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 98
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET send
cm.ambientdsp.com/cm/ Frame 3347 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C78C 8 KB
3 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570861&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=531537/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158212&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D35%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110541
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:53 GMT
vary: Accept-Encoding

GET send
cm.gammadsp.com/cm/ Frame 3347 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2D84 8 KB
3 KB 21ms
21ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570861&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=531537/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159249&predirect=https%3A%2F%2Fcm.gammaplatform.com%2Fadx%2Frecv%3Fpid%3D53%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110541
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:53 GMT
vary: Accept-Encoding

GET

sync
d.gammaplatform.com/ltm/ Frame 3347
Redirect Chain

https://ad.crwdcntrl.net/5/c=13633/pe=y?https%3A%2F%2Fd.gammaplatform.com%2Fltm%2Fsync%3Fsegs%3D%24%7Baud_ids%7D
https://d.gammaplatform.com/ltm/sync?segs=476272,592030

0
0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 3347 2 KB
1 KB 5464ms
47ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83432313f553532313f5435393&cid=954&p=1505449937&s=http://travelmiso.com/&x=gammassp&nci=&adtg=1567570861&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=1567569789&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: tag.gammaplatform.com
URL: http://tag.gammaplatform.com/adx/request/?wid=1567569789&zid=1567570861&urf=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&zt=&cb=531537/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:09:31 GMT
server: cloudflare
age: 7019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 65f21172a96aee79-CDG
content-length: 1146
cf-request-id: 0aab293bab0000ee7995945000000001
expires: Mon, 14 Jun 2021 10:07:59 GMT

GET
H2 200 tpid=bi3um3wldxkt
bcp.crwdcntrl.net/5/c=13633/tp=GMMA/ Frame 3347 49 B
792 B 149ms
148ms Image
image/gif 54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=13633/tp=GMMA/tpid=bi3um3wldxkt
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/gam/160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.231
content-type: image/gif
content-length: 49
expires: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1197866058__Ku480GUE.jpg
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=f806503c39db99c77ecab4df904769a71&cb=8764801623658069159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 161604fd22b1e31df5052000a351be29f510419f6829682e7cb798e8fe102bd3

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 varnish, 1.1 varnish
age: 2591616
edge-cache-tag: 541591015695170776024397436526347427068,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1197866058__Ku480GUE.jpg
content-length: 11822
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 15 Apr 2021 15:20:13 GMT
server: nginx
x-timer: S1623658074.725145,VS0,VE0
etag: "6c9e40e28422da5378844ca393be21b2"
x-served-by: cache-wdc5562-WDC, cache-dca17729-DCA, cache-fra19177-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 204 /
ads.viralize.tv/track/ Frame F4AD 0
39 B 17ms
17ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A7%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%3A0~1%22%2C%22format%22%3A%22banner%22%2C%22loader%22%3A%22gpt%22%2C%22linear%22%3Afalse%2C%22content_type%22%3A%22%22%2C%22duration%22%3A0%2C%22adsystem%22%3A%22google%22%2C%22wrappers_count%22%3A0%2C%22creativity_id%22%3A%22%22%2C%22creativity_width%22%3A160%2C%22aspect_ratio%22%3A%22unknown%22%2C%22creativity_session_id%22%3A%220~1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22impression%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A7%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%3A0~1%22%2C%22creativity_session_id%22%3A%220~1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22start%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A7%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%3A0~1%22%2C%22creativity_session_id%22%3A%220~1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22viewable_start%22%7D%2C%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A7%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ebcce79bdd6998a593b5c3a9c3d841%3A0%3ANTU1OPkpEx5nemgF~wp9sc1%3A0%3A0~1%22%2C%22creativity_session_id%22%3A%220~1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22google_viewable%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1036555-5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4156
date: Mon, 14 Jun 2021 06:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 08:58:37 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E89E 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0porh3YDznOqSFWepozRxLhPWPJVxG87dY-W6nPyVVZHGefvnKESvwHKSLKKwsmY7IxkhwtFsZPpntQ1Zg3_76suiHosojA&sig=Cg0ArKJSzMMyekDE5OJ9EAE&cid=CAASF-Roij8nTjaOUq8rrBeRd8YVXuKxO_QB&id=lidar2&mcvt=1180&p=0,0,250,300&mtos=1180,1180,1180,1180,1180&tos=1180,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2714596404&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658071902&dlt=118&rpt=742&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb3cdc3b92d0f91e3ce5af579dd2d873.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9D4C 11 KB
8 KB 21ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466a4f9875836ff48660effe0cd2145485255c9506b1d4ed1b98c90e3dbd4afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8399
x-xss-protection: 0

GET
H2

200

match
euc-ice.360yield.com/ Frame F4AD
Redirect Chain

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=8883497169871287413&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA

43 B
424 B

3097ms
20ms

Image
image/gif

54.93.115.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=8883497169871287413&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.115.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.84:80
AN-X-Request-Uuid: 1f45cbf1-cc3a-41e2-aced-b2bb9427b0e9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=8883497169871287413&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ Frame F4AD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=9228db0b-cc21-4912-9c4a-bc81d073079e&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA

43 B
446 B

135ms
135ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 345

GET /
track.adform.net/serving/cookie/match/ Frame F4AD 0
0

GET
H2

200

match
match.360yield.com/ Frame F4AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kijbC8whSRKcSryB0HMHng&google_cm&dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1

43 B
436 B

20ms
19ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 391
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/ Frame F4AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=OTIyOGRiMGItY2MyMS00OTEyLTljNGEtYmM4MWQwNzMwNzll&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX...
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1

43 B
436 B

40ms
37ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
track.adform.net/serving/cookie/match/ Frame 5DCB 0
0

GET
H2

200

match
match.360yield.com/ Frame 5DCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kijbC8whSRKcSryB0HMHng&google_cm&dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1

43 B
435 B

135ms
135ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&google_gid=CAESEAE3l-Vc7y8ehp69CvNTmds&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 391
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/ Frame 5DCB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=9228db0b-cc21-4912-9c4a-bc81d073079e&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA

43 B
445 B

16ms
16ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=83d60638-2dbc-4bd6-b11a-4844dbf331b7&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 345

GET
H2

200

match
ad.360yield.com/ Frame 5DCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=OTIyOGRiMGItY2MyMS00OTEyLTljNGEtYmM4MWQwNzMwNzll&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX...
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1

43 B
435 B

17ms
17ms

Image
image/gif

18.197.249.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-249-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA&external_user_id=CAESEI7rwFYCGNcbUtj56SoMdZk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

match
euc-ice.360yield.com/ Frame 5DCB
Redirect Chain

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=8883497169871287413&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOXiWDdO4Nk4wCLAAAENDX-AAAAyjAAA

0
0

GET
H/1.1 200
OK adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 4D0E 26 KB
26 KB 38ms
37ms Image
image/jpeg 52.218.96.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.96.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Last-Modified: Sun, 23 Sep 2018 17:44:28 GMT
Server: AmazonS3
x-amz-request-id: F0KBKZEMN6JBS6QN
ETag: "702b3e474e01427f8af949cf0c7fbd69"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26619
x-amz-id-2: xCv75zbZ3YtJyvUyyKwHP+Kvdl79HF2Kew3KkwGKfeyaJvSlxQ3LH/qEUnG5GS5W+URz5I+eYXM=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 38EF 191 KB
55 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 07:39:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:39:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 38EF 12 KB
5 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:12:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 38EF 87 KB
27 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:12:32 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 38EF 70 KB
16 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1ba766fc90938edcf83a09e20470fe15a9fd042b6c84054f435a3356cc5951

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 157946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16310
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 12:15:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "158bd8931ca66e3a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:15:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 38EF 4 KB
2 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 160614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 11:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 11:30:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 38EF 41 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 06:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:24:39 GMT

GET
DATA 200
OK truncated
/ Frame 38EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc93d4192afa330c4bbabbeb6a5ae819c2328b2ec23a0603e5e3c7df8a9aef98

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38EF 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 10:27:05 GMT
x-content-type-options: nosniff
server: cafe
age: 78048
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:27:05 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38EF 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 82862
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Jun 2021 09:06:51 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 38EF 0
0 23ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTaVDwscJ9uf12BLdEk4e7LOA_moOG_5dCqVTj12ANhnMMX8mM4ntfV3gH6rz9vVRAy_h6USuBSCEYMZQAlBsv1smxvlA
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 38EF 0
0 21ms
19ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT1MRWQ7HYNXSGfC8x_APrpKI6AKFzdSLY_6HjrfUDa2O-svOIhABINbmxVhglfrwgYwHoAGZ1rbdA8gBCakCfsYep6lQtD7gAgCoAwHIAwiqBJsCT9AuhfanY4fSUsyEi7GQZU6qzSYp_AtYNOIMWpPPtvkXjiHGn2LruwoNUhWwnl2TvLSFvZf8eNSrTkyju-a9c6QvoDkzv_pXjouhMVIbo7NbTNXaGCJWDaMSLh9eB8afLLVb5ahSx3d4LnFS_K7XVQnAUe-O2RQboY8WB1RxlELp_kNkggYU4ipVgKYjC3cvJ-gVt0aCEZMP_wDXleTmj-vu8FnGiiE4ugDPWxQNm3ZgqPro3G4A7Cj2wzUaCxFvzOhpnM-xhsDvqHgaGo95NFZY5YtYN3bx_2YNxDetVn8AyVInAaUjBfYtzgxGq4vm08Kzr8n3f3ygBaDT4KcfI-jRWDo3huGbsnQZvlXQXJkwsm5CYDuBS0oBHcAE0ezTm9ED4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8-pySKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQykvSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg3NTQwNDAyMDY5NDE4MDaACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mw&sigh=SVrbt6GCcVM&template_id=419
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 fernseher_an.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 15 KB
15 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/fernseher_an.jpg

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab4072907a0e12a225da7dcc96b0a4629d2a0703c1952f082e90b643eb400846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:28:00 GMT
x-content-type-options: nosniff
age: 142793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15237
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 16:28:00 GMT

GET
H3-29 200 handy_an.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 9 KB
9 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/handy_an.jpg

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55773916d20f9d9f80fd39516d69f2d215239c89635c0082a31ceaf253d2fcc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:59:39 GMT
x-content-type-options: nosniff
age: 162494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9335
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:59:39 GMT

GET
H3-29 200 pizza_warm.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 27 KB
27 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/pizza_warm.jpg

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff32338ef08300f70369e9122b7c10924ea2320bdf7b3e57035ce693b09947e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:49:02 GMT
x-content-type-options: nosniff
age: 173931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27379
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:49:02 GMT

GET
H3-29 200 enviam_logo.png
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/enviam_logo.png

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

567b64782a23de78e416ca58fb638ba29e0c2aced0307e989f7597988b72a717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:27:39 GMT
x-content-type-options: nosniff
age: 168014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2090
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:27:39 GMT

GET
H3-29 200 Zu_hause_.png
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/Zu_hause_.png

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2120c05d4b4f031b4124595912416e9aedea9b864b2eb3c21764a036e390896d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:30 GMT
x-content-type-options: nosniff
age: 184643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2951
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7B48 11 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1e0b07bf79fa2916fd689254a9e0beb000f2248ab03f8227bf882724766d2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8556
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7621 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7621 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b.travelmiso.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7621 57 KB
12 KB 600ms
599ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3185902923495493&correlator=4470971709438523&output=ldjh&impl=fifs&eid=31061040%2C31061278%2C31061429%2C31060396&vrg=2021061001&ptt=17&sc=0&sfv=1-0-38&ecs=20210614&iu_parts=152344380%2Cca-pub-8804303781641925-tag%2Ctravelmiso.com_728X90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cookie=ID%3D79a2f6b1aefcf0ef%3AT%3D1623658069%3AS%3DALNI_MZoxHzK7RPU6Cg0jzzgpyfVQnW1Yg&cdm=b.travelmiso.com&bc=23&abxe=1&lmt=1595204518&dt=1623658073880&dlt=1623658072539&idt=1334&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=802&adys=1555&adks=2093945874&ucis=v7yfesagnh51&ifi=1&ifk=1575406150&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fvls%2F728x90.html&ref=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&top=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=450257465.1623658074&ga_sid=1623658074&ga_hid=747810604&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4da181f4c0345dd85b1c7160dd8612c61f7ba9cea55ae1c3a427c7fdb42c8524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://b.travelmiso.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6e481b46b8e09a26efeef24eb43074bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7621 0
0 27ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6e481b46b8e09a26efeef24eb43074bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 cmp
spl.zeotap.com/ Frame BECC 0
0 32ms
32ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=80c9cd9e-4fc4-46be-4547-5903775409ef&reqId=f164f8ed-cee6-49c2-75e7-6b34e8bd1965&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=80c9cd9e-4fc4-46be-4547-5903775409ef; zsc=%AEt%3F%B2%AA%EF5%FE%B6%B4%E2%02%94%9Ey%98B%F5%CE%B4%7B%07%FE%04%FF%FD%25F%ED%BBK%F6%87%CC%3Aq%3A%15%F1%B0M%B8%D9f%22%FE%94y%E5%F1%9Cr%EAz5%14%3BW%5C%D7pl0%8E%CE%1C%25%E43%B2%27e_9%8A%3F%C7d%E1%BF%CF6%CF%F5%3E%81%B2%11%8A%B1%B2%CA%0E%E2%F9%B8%9D%40%DA%D7%92%8E%B5%A9R
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0aab29272f00004e2c10142000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65f21151d8d44e2c-FRA

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D4C 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame CB71 0
39 B 15ms
15ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22reason%22%3A%22ok%22%2C%22ver%22%3A1%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebcce79bdd7dc85520296cfcecfeb1%3A0%3ANTU2MyWcWwzWCsm9~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22NTU2MyWcWwzWCsm9~wp9sc1%22%2C%22type%22%3A%22event%22%2C%22label%22%3A%22bid_rejected%22%7D%5D
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B48 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:53 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 61E1 10 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8edd7ac53caad9a4452b862ddffb8928ea7c21d1b3e8938730e4d6b11633235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7901
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 293A 52 KB
17 KB 4735ms
6ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: http://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://nichools.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIgPNtEAoYASABKAEw1pychgY4AUABSAEQ1pychgYYAA..; uuid2=8883497169871287413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://nichools.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 14 Jun 2021 04:37:10 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Jun 2021 08:07:58 GMT
Age: 12649
X-Served-By: cache-lga21968-LGA, cache-hhn4024-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 267802
X-Timer: S1623658079.722018,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

pixel;r=441888434;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html;uht=2;fpan=1;fpa=P0-536243873-1623658073996;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=...
pixel.quantserve.com/ Frame 753F
Redirect Chain

http://pixel.quantserve.com/pixel;r=441888434;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html;uht=2;fpan=1;fpa=P0-536243873-1623658073996;pbc...
https://pixel.quantserve.com/pixel;r=441888434;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html;uht=2;fpan=1;fpa=P0-536243873-1623658073996;pb...

35 B
371 B

10ms
9ms

Image
image/gif

2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=441888434;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html;uht=2;fpan=1;fpa=P0-536243873-1623658073996;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=travelmiso.com;je=0;sr=1600x1200x24;dst=1;et=1623658073996;tzo=-120;ogl=

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/adsp/300x250.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=441888434;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Fb.travelmiso.com%2Fads%2Fadsp%2F300x250.html;uht=2;fpan=1;fpa=P0-536243873-1623658073996;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=travelmiso.com;je=0;sr=1600x1200x24;dst=1;et=1623658073996;tzo=-120;ogl=
Date: Mon, 14 Jun 2021 08:07:54 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Tue, 15 Jun 2021 08:07:54 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame D8AF 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 15A1 783 B
529 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2db24d6ebd644d446983c7911e0acc6610303f78ab4bc042102606f5560570e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AvH+IcTfcyuwzmFmiUQmow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AvH+IcTfcyuwzmFmiUQmow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 5DCB 83 KB
27 KB 17ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C216 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ca3284a88e3b9081ad32e543eb954afd0d197db80b65dd4e544e6f593cb709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8501
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D786 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D786 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D786 330 B
173 B 40ms
39ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3666711675431858&correlator=911253388510590&output=ldjh&impl=fifs&eid=31061290%2C31061143%2C21065725&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=23&abxe=1&lmt=1597133702&dt=1623658074088&dlt=1623658072670&idt=1411&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=blq1yjgw2fsp&ifi=1&ifk=923963767&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=http%3A%2F%2Fb.travelmiso.com%2F&top=http%3A%2F%2Fb.travelmiso.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=905946083.1623658074&ga_sid=1623658074&ga_hid=153259808&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdefff515a241bd60b22e9090c43bd37c4f3c1576c25c05eacb58cbc7a92ac6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
67eccd5a594d48ba737289a30cf3be06.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D786 0
0 75ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://67eccd5a594d48ba737289a30cf3be06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F4AD 83 KB
27 KB 22ms
22ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.ravenjs.com
URL: http://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:54 GMT

GET
H2 502 frame.html
ad4mat.net/ Frame AA72 0
0 40ms
26ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65f211535ad74db8:FRA; path=/; expires=Mon, 14-Jun-21 08:08:24 GMT cf_use_ob=443; path=/; expires=Mon, 14-Jun-21 08:08:24 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65f211535ad74db8-FRA
server: cloudflare

POST
H2 204 bulk Show response
trc.taboola.com/travelmiso300x250gr-r19505065/log/3/ Frame F676 0
320 B 17ms
17ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/travelmiso300x250gr-r19505065/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210613-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623658074.122600,VS0,VE9
x-served-by: cache-hhn11522-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://nichools.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/travelmiso300x250gr-r19505065/log/3/ Frame F676 0
56 B 17ms
15ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/travelmiso300x250gr-r19505065/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210613-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623658074.133808,VS0,VE9
x-served-by: cache-hhn11522-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://nichools.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ Frame 0EB1 360 KB
103 KB 43ms
41ms Script
application/javascript 2606:4700:3032::ac43:9028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/pav2_3.25.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 52
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7STB6VJT6WDA3MWJ
x-amz-id-2: /ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified: Wed, 05 May 2021 10:36:16 GMT
server: cloudflare
etag: W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XBMMP8bqcNm93shq0G0xk2dJeG%2F6cWpX4r50eeeSe0s%2BiLePngpk0Kl7EEz4swgcL5OcCTImWfkM9HyX3UgQiE6%2BuRDdbT5jIGGkkXkHhcV94rZ4v34f54USVit%2FMXmyOfY44YyFd9mspw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 0aab29282a0000c2ea9c926000000001
cf-ray: 65f211537d64c2ea-FRA

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 61E1 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=e6d1d55497521ebcd973323b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777

43 B
2 KB

18ms
18ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 14 Jun 2021 08:07:54 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-22-46.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=e6d1d55497521ebcd973323b/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=

43 B
1 KB

242ms
15ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=ad91e9f4930391490cc1eef6ef65029e&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.5.186
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
1 KB

233ms
15ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame A8F0 70 B
264 B 40ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET cm
p.rfihub.com/ Frame A8F0 0
0

GET cksync.php
contextual.media.net/ Frame A8F0 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=2ccee64c-2781-47d7-be4b-d0d20e7c2b80

43 B
2 KB

1081ms
24ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=2ccee64c-2781-47d7-be4b-d0d20e7c2b80
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:59 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=2ccee64c-2781-47d7-be4b-d0d20e7c2b80
Date: Mon, 14 Jun 2021 08:07:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET cm-notify
creativecdn.com/ Frame A8F0 0
0

GET rtset
bh.contextweb.com/bh/ Frame A8F0 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame A8F0 0
0

GET getuid
secure.adnxs.com/ Frame A8F0 0
0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame A8F0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

101ms
30ms

Image
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A8F0
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1

Requested by

Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-49-183-138.eu-west-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
2 KB

34ms
16ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame A8F0 43 B
145 B 2061ms
22ms Image
image/gif 35.156.245.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET tum
ums.acuityplatform.com/ Frame A8F0 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A8F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=e6d1d55497521ebcd973323b&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=bc6a60c7-0e5b-4900-a142-504f6d2a72d2&gdpr=1&gdpr_consent=

43 B
2 KB

23ms
23ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=bc6a60c7-0e5b-4900-a142-504f6d2a72d2&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=bc6a60c7-0e5b-4900-a142-504f6d2a72d2&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame A8F0 43 B
430 B 155ms
31ms Image
image/gif 52.49.183.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.183.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A8F0 0
0

GET sv
px.owneriq.net/eucm/p/ Frame A8F0 0
0

GET
H2 200 p-CXt61zNBpKUt1.gif
pixel.quantserve.com/pixel/ Frame A8F0 35 B
210 B 26ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A8F0 0
0

GET lj_match
um.simpli.fi/ Frame A8F0 0
0

GET beacon
ap.lijit.com/dsp/google/cookiematch/ Frame A8F0 0
0

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame DC29
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=8051291501485621077&gdpr=1&gdpr_consent=

43 B
1 KB

269ms
15ms

Document
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=8051291501485621077&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gslbeacon.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=e6d1d55497521ebcd973323b; ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470; ljtrtbexp=eJxlkDESgDAIBP%2BS2kIIAeLXHP%2FumEnDWi7kYMPdpF3i2sPMoh9NF1p6%2BIfulXvFkMpyor%2Fj6pqrj%2FFzzvhVslYSMwVKCac08AAjr8zDKCcM4aO%2BL3iKLo765459hn2G%2BQPvR%2FLG1fh5AQUDWWs%3D; ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

Server: nginx
Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=8051291501485621077;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470;Path=/;Domain=.lijit.com;Expires=Wed, 14-Jul-2021 08:07:54 GMT;Max-Age=2592000;Secure;SameSite=None ljtrtbexp=eJxlkDESgDAIBP%2BS2kIIAeLXHP%2FumEnDWi7kYMPdpF3i2sPMoh9NF1p6%2BIfulXvFkMpyor%2Fj6pqrj%2FFzzvhVslYSMwVKCac08AAjr8zDKCcM4aO%2BL3iKLo765459hn2G%2BQPvR%2FLG1fh5AQUDWWs%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=e6d1d55497521ebcd973323b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=8051291501485621077; Domain=.turn.com; Expires=Sat, 11-Dec-2021 08:07:54 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=8051291501485621077&gdpr=1&gdpr_consent=
content-length: 0
date: Mon, 14 Jun 2021 08:07:53 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6F7A 8 KB
3 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KTPCACOOKIE=YES; KADUSERCOOKIE=991186B7-3E3D-4AFE-8C78-4390A478EC05; chkChromeAb67Sec=1; DPSync3=1624838400%3A197_219_201%7C1623715200%3A174; SyncRTB3=1624492800%3A63%7C1626220800%3A203%7C1624924800%3A35%7C1624233600%3A223%7C1624838400%3A13_7_56_161_3_71_8_220_21_54_22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110540
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 412D 8 KB
3 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KTPCACOOKIE=YES; KADUSERCOOKIE=991186B7-3E3D-4AFE-8C78-4390A478EC05; chkChromeAb67Sec=1; DPSync3=1624838400%3A197_219_201%7C1623715200%3A174; SyncRTB3=1624492800%3A63%7C1626220800%3A203%7C1624924800%3A35%7C1624233600%3A223%7C1624838400%3A13_7_56_161_3_71_8_220_21_54_22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=110540
expires: Tue, 15 Jun 2021 14:50:14 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
vary: Accept-Encoding

GET 0608867b
rtb.gumgum.com/usync/ Frame 4636 0
0

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame 32FE 606 B
688 B 17ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_739868_ad7ad49366ad48929c4d6e620fa75e51&rand=133&informer=13406526&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com%2F&v=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 166532d02956ec764fb06ae7ebeb913cfe7542f6b6e41bfe649e391ac122d80f

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070; pd=v2|1623658073|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070; Version=1; Expires=Tue, 14-Jun-2022 08:07:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623658073.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Tue, 29-Jun-2021 08:07:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: text/html
content-length: 372
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=174259007&t=pageview&_s=1&dl=http%3A%2F%2Fb.travelmiso.com%2Ftravel%2Fathens-greece-travel-guide%2F2328%2F1%2F&dr=http%3A%2F%2Fshoppinglifestyle.biz%2F&ul=en-us&de=windows-1252&dt=-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=521283127&gjid=476296466&cid=389272746.1623658074&tid=UA-1036555-5&_gid=46462437.1623658074&_r=1&gtm=2ou690&z=2125359441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://b.travelmiso.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C216 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:54 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 142A 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
2 KB

17ms
16ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET cksync.php
contextual.media.net/ Frame 142A 0
0

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 142A 0
0

GET cm-notify
creativecdn.com/ Frame 142A 0
0

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 142A
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

35ms
16ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame 142A 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1

Requested by

Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=ZTZkMWQ1NTQ5NzUyMWViY2Q5NzMzMjNi&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 142A 70 B
264 B 41ms
28ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1471ms
15ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:59 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:57 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=e6d1d55497521ebcd973323b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777

43 B
2 KB

30ms
15ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 14 Jun 2021 08:07:54 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:6184efc3edd6c0d61b897240ec403777
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-18-19.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=7f07c8e4-7823-48f6-ba73-6b015e3e3c24

43 B
2 KB

1102ms
22ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=7f07c8e4-7823-48f6-ba73-6b015e3e3c24
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:59 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=7f07c8e4-7823-48f6-ba73-6b015e3e3c24
Date: Mon, 14 Jun 2021 08:07:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 142A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

96ms
30ms

Image
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame 142A 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=e6d1d55497521ebcd973323b&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=378d60c7-0e5b-4900-b43a-57eb1871b927&gdpr=1&gdpr_consent=

43 B
2 KB

19ms
18ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=378d60c7-0e5b-4900-b43a-57eb1871b927&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=378d60c7-0e5b-4900-b43a-57eb1871b927&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 142A
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=9OhDcPK9FSbv6kN18-ENc6PgEn_v6kEl8-o41P6W

43 B
2 KB

15ms
15ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=9OhDcPK9FSbv6kN18-ENc6PgEn_v6kEl8-o41P6W
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=9OhDcPK9FSbv6kN18-ENc6PgEn_v6kEl8-o41P6W
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 142A 43 B
145 B 1676ms
19ms Image
image/gif 35.156.245.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET lj_match
um.simpli.fi/ Frame 142A 0
0

GET getuid
secure.adnxs.com/ Frame 142A 0
0

GET svr
match.prod.bidr.io/cookie-sync/ Frame 142A 0
0

GET sv
px.owneriq.net/eucm/p/ Frame 142A 0
0

GET tum
ums.acuityplatform.com/ Frame 142A 0
0

GET cm
p.rfihub.com/ Frame 142A 0
0

GET 0608867b
rtb.gumgum.com/usync/ Frame 5726 0
0

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame C2E0 739 B
822 B 193ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 902706a72c851cf767bcbe59bb0934d548f74f520e3c1dc10d9eb2b6e3a135c3

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070; pd=v2|1623658073.1|kiiygevNgun0.mWgqsLommOns
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=1f8b4414-9964-0e4c-2312-957bb694f309|1623658070; Version=1; Expires=Tue, 14-Jun-2022 08:07:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623658073.1|kiiygevNgun0.j8mWfcsHqGgqsLiSommOnsgi; Version=1; Expires=Tue, 29-Jun-2021 08:07:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: text/html
content-length: 466
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 28D1 0
0

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 136D
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=4159899948460801877&gdpr=1&gdpr_consent=

43 B
1 KB

293ms
15ms

Document
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=4159899948460801877&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_861814_45e99dcd2ffc4403ad5b1c68052cdd43&rand=7567&informer=13422783&type=fpads&loc=http%3A%2F%2Fb.travelmiso.com&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gslbeacon.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=e6d1d55497521ebcd973323b; ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470; ljtrtbexp=eJxlkDESgDAIBP%2BS2kIIAeLXHP%2FumEnDWi7kYMPdpF3i2sPMoh9NF1p6%2BIfulXvFkMpyor%2Fj6pqrj%2FFzzvhVslYSMwVKCac08AAjr8zDKCcM4aO%2BL3iKLo765459hn2G%2BQPvR%2FLG1fh5AQUDWWs%3D; ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

Server: nginx
Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=4159899948460801877;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=e6d1d55497521ebcd973323b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDESgDAIBP%2BS2kIIAeLXHP%2FumEnDWi7kYMPdpF3i2sPMoh9NF1p6%2BIfulXvFkMpyor%2Fj6pqrj%2FFzzvhVslYSMwVKCac08AAjr8zDKCcM4aO%2BL3iKLo765459hn2G%2BQPvR%2FLG1fh5AQUDWWs%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrVjI1MDBUslJKTLE0TLVMM7E0NjC2NDSxNEhONkxNTTMDIlMDI8tUpVoA7eMLUQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 14-Jun-2022 08:07:54 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1623744470|561:1626250070|515:1626250070|563:1626250070|565:1623744470|520:1626250070|185:1623744470|203:1624867670|205:1623744470|541:1624867670|589:1626250070|462:1623744470;Path=/;Domain=.lijit.com;Expires=Wed, 14-Jul-2021 08:07:54 GMT;Max-Age=2592000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=4159899948460801877; Domain=.turn.com; Expires=Sat, 11-Dec-2021 08:07:54 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=4159899948460801877&gdpr=1&gdpr_consent=
content-length: 0
date: Mon, 14 Jun 2021 08:07:53 GMT

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EE68 0
0

GET
H/1.1 200
OK ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
1 KB 29ms
22ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 7100
Cf-Polished: origSize=1191
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0aab29289f00004aa984277000000001
Last-Modified: Fri, 16 Mar 2018 07:19:46 GMT
Server: cloudflare
ETag: W/"5aab7012-4a7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r8jXQtLiIH1lpok7wD86GAYC3CW4RyEbms1LTDEwBraawqYqadrrWo%2FFbK1IzQXf7JQYFaPx%2FgjKhJmJdv8N8ee27zWFTQFj2V7KU0izkZsINjX9Ij0xnDhskMvhvhWBNTrPOU4UOnw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
CF-RAY: 65f211543d264aa9-FRA
Cf-Bgj: minify

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77FF 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=356610498198349&bg=!JSalJmLNAAY6sG-_OrA7ACkAdvg8WnVVojOHFFweAw0BTyzeg7f1hupkqHfz-5GVP0n2SpEx03SLmgIAAARlUgAAASFoAQcKAGqmOPkRr0k9ffZRj7yYwHnBIYhUhl2GfbWyHQ7KgNSgpRajN2RyxrEch7JipS4_BXlHJqdcjZPW4bls915NW653KrplF1IK5DCCuV3bTt9JD5OZllO5XeDlWKfiSj_vIOzt3u1sCWlasbKhmQJ9xUpYt_xRrL0TdFRPLSS9mXvZYDy7kM6aL4ef6ISC4_RyRM1tcBq7ssZhdIldgcmasf8EK21G_al0VNmDsp37UJ-yjuQdMHfCyTv7F0kP-evFibZXo4eicZIymPAmU1_eiiAbtv5NwediuTUPf4JAwctvXVQFLOLRkgArsRSUhCVBoHaXl7OpQNDXnK7EeeY4HLQUO-jTy7OS-6-or22JqrAnfiQtVyYrT86b6D9NVK_-DpvE1rsBdafMXTORGUo66ZPdf2ylARsm4VCFbHFvDQLNeMC7GjO-uDXu1nLHfsFJzO1Q3V3IWabg9oTxwfa2PZhDc_mbFrALRKVxdqqLWFdX_vyQAWgCJhV6s4KJMHtpvM-0QlLSq1p8YgD5tYhQpkeAC0QGpioQOhcsm5OqLnRbL4bZY6bhcuctM920TL3rWD5DsLACDvitrVFXo9ggA-ZeGGF8oyFFtAOGH0ab7bfSoad3tEBCEq5WRpEqCS2UJx406OkoxjFMRaN-HoP6rEgmsFDqjjqdTnpsD9EDqC4HdlkTfo_orZoYbLAzJst85YotGsoUP56UdIVNqm1eBb6N5M4QYRp9riCK9oTmHrgZwv9l7GRbphIqBuKHw1JmjUcLKQOGnZfz5UCSZS8b7OskeDbrbmNfe8k4bAX8Yl7Pngn8uL5fxWbxJfZYXUOYTkDNGG2GnAWTtNLb9MZyBC9RUbzT7HjIuUaiueOBlqOf4RhRMN5Rx3tSmOtTiyGQNe_E5NS3ojHlA8dZEP37nNwcvO1LLzU7vx-GDe06De-1WcmWtO3FKK53XjOh15BsK9Z0y3ZSEbIxNufaq9EobxuQEvRXYctWsFYKNw

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A7A1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=788c60c7-0e5b-4c00-a011-b0ef21b4beee

43 B
243 B

1049ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=788c60c7-0e5b-4c00-a011-b0ef21b4beee
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:56 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: MT3 3736 915c305 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=788c60c7-0e5b-4c00-a011-b0ef21b4beee
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A7A1
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5qgteOD9ey79qi194aFje7GgfHf9qi8t4aq8EvV5

43 B
106 B

38ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5qgteOD9ey79qi194aFje7GgfHf9qi8t4aq8EvV5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5qgteOD9ey79qi194aFje7GgfHf9qi8t4aq8EvV5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET match
c1.adform.net/serving/cookie/ Frame A7A1 0
0

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A7A1 70 B
264 B 30ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=cc277b4d-30e3-31bb-79c4-5d93d2b3c0f4&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame A7A1 170 B
188 B 17ms
16ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTA0OGE4ODctZjk5NC02ZjFmLTZjMjQtMDcyYTE4NTEwZTk0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A7A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFTinX67OdAh2E7QJZI6Wc&google_cver=1

43 B
243 B

48ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFTinX67OdAh2E7QJZI6Wc&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFTinX67OdAh2E7QJZI6Wc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET async_usersync
ib.adnxs.com/ Frame 7D16 0
0

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A13 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 65B9 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 5545 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 83B1 0
0

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame F676 254 B
1 KB 264ms
7ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: nichools.com
URL: http://nichools.com/usersync?i=jvz1bqas4afbza0812345&a=f806503c39db99c77ecab4df904769a71&cb=8764801623658069159
Protocol: HTTP/1.1
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 27096
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: Olb+YyDQBKGh7cwueQ5LeIGsXnGNg1fxi90sFl9BDpDVxzFbv82yCyTcgo7/5nBaVt7MgHnSa+E=
X-Served-By: cache-hhn11557-HHN
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1623658075.625586,VS0,VE0
Date: Mon, 14 Jun 2021 08:07:54 GMT
x-amz-request-id: 5QBDV5MFESKPZMG3
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 23
X-Cache-Hits: 23782

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 8FEB 0
0

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 9572 69 KB
22 KB 18ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=728&height=90&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 14 Jun 2021 07:17:46 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 3009
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: T70J71QY40SSM61E
x-amz-id-2: EA69afkUYrGtzWGH8rI2GtYYoH7JGlpRWytpgFMYRhhIOIlQfvIDKxYMQWahHGPI7LbTpka5HRU=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
content-length: 21352
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame E57B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC85 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73e831fd3d3b17ca9d6a5bbf53272bb611230660fc5dcfd4f28e8ed6c2b2af69

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2jJYjFoMi28VwA85DvUulA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2jJYjFoMi28VwA85DvUulA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6DE9 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F83 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c46b6c29f61bf8300fcac81433c17ab3fa65638e28dcbe3a93cfe2a128162e02

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nVCXuICBoAh/x+RXGTu0Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nVCXuICBoAh/x+RXGTu0Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 53F0 975 B
1 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 7100
Cf-Polished: origSize=1191
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0aab29295900004aa9b394d000000001
Last-Modified: Fri, 16 Mar 2018 07:19:46 GMT
Server: cloudflare
ETag: W/"5aab7012-4a7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XWZK1zWpPrkkD%2FvFuXP9Z0zwsgcQSBhXAdjIbShTaajkfKnu%2FKzwH43YwBFjfZsOVedNeMtM%2FPeIbA2WEalxunNjjgC9yq9iOSdZyn1wSF%2BzJH7lqtrvN7ENng3YmNOGptDOaO%2FXUP8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
CF-RAY: 65f211555fbe4aa9-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 53F0 46 B
495 B 208ms
105ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 543968ad89b6ab2c57522dcc8d17bda9405637cac9c97e4686ace4156d422615

Request headers

Referer: http://www.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.travelmiso.com
access-control-allow-credentials: true
connection: close
content-length: 46

GET ad_request
ads.aralego.com/ Frame 53F0 0
0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38EF 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 10:27:05 GMT
x-content-type-options: nosniff
server: cafe
age: 78049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:27:05 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38EF 295 B
328 B 8ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 82863
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Jun 2021 09:06:51 GMT

GET
H3-29 200 fernseher_an.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 15 KB
15 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/fernseher_an.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab4072907a0e12a225da7dcc96b0a4629d2a0703c1952f082e90b643eb400846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:28:00 GMT
x-content-type-options: nosniff
age: 142794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15237
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 16:28:00 GMT

GET
H3-29 200 handy_an.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 9 KB
9 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/handy_an.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55773916d20f9d9f80fd39516d69f2d215239c89635c0082a31ceaf253d2fcc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:59:39 GMT
x-content-type-options: nosniff
age: 162495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9335
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:59:39 GMT

GET
H3-29 200 pizza_warm.jpg
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 27 KB
27 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/pizza_warm.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff32338ef08300f70369e9122b7c10924ea2320bdf7b3e57035ce693b09947e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:49:02 GMT
x-content-type-options: nosniff
age: 173932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27379
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:49:02 GMT

GET
H3-29 200 enviam_logo.png
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/enviam_logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

567b64782a23de78e416ca58fb638ba29e0c2aced0307e989f7597988b72a717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:27:39 GMT
x-content-type-options: nosniff
age: 168015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2090
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:27:39 GMT

GET
H3-29 200 Zu_hause_.png
tpc.googlesyndication.com/sadbundle/6505420225234966752/ Frame 38EF 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/6505420225234966752/Zu_hause_.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2120c05d4b4f031b4124595912416e9aedea9b864b2eb3c21764a036e390896d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:30 GMT
x-content-type-options: nosniff
age: 184644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2951
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 15:48:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:30 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F940 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk1P0zxw6okfvQTMblRqVFPQ2Uc4NhzDpRdfi1qCVYslXXwXy3bS3bBZW1VX6_CrC3FEtujl5mEDjHrQLhS25Mz54IegYtplj_rRW8udU&sig=Cg0ArKJSzGFg2MRyZOy1EAE&id=lidar2&mcvt=1105&p=0,0,250,300&mtos=1105,1105,1105,1105,1105&tos=1105,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=722326227&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623658072206&dlt=0&rpt=1108&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame E425 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C648 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

261d720a626926c855216d0f5651c90b10b9b82401979cb953ad0909649e47c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sFtQERsEI2fTD7VqNBuA3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sFtQERsEI2fTD7VqNBuA3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET match
c1.adform.net/serving/cookie/ Frame D105 0
0

GET pubmatic
d5p.de17a.com/getuid/ Frame CB0B 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 7BCB 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 2282 0
0

GET
H/1.1 200
OK recv Show response
cm.gammaplatform.com/adx/ Frame BB71 43 B
285 B 207ms
174ms Document
image/gif 52.220.229.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.gammaplatform.com/adx/recv?pid=35&uid=991186B7-3E3D-4AFE-8C78-4390A478EC05

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.220.229.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: cm.gammaplatform.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _aGeoIp=DE|Berlin; _aUID=7bcn7xj80lkb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-encoding: gzip
accept-encoding: utf-8
lws: 42
content-type: image/gif
content-length: 51
time-ms: 0
date: Mon, 14 Jun 2021 08:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6961
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mRGGtz49Sv6MeEOQpHjsBQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

0
0

GET

SPug
image4.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95a460c7-0e5b-4800-9909-90151ab01fd1

0
0

GET

/
loada.exelator.com/load/ Frame 6961
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=991186B7-3E3D-4AFE-8C78-4390A478EC05
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTkxMTg2QjctM0UzRC00QUZFLThDNzgtNDM5MEE0NzhFQzA1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
187 B

293ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:309
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXcWS2GrXEQ0zknTOa7SAU&google_cver=1

42 B
283 B

293ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXcWS2GrXEQ0zknTOa7SAU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:384
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXcWS2GrXEQ0zknTOa7SAU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame 6961 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:331760c7-0e5b-4800-832c-f1e5b1e9245a&gdpr=0&gdpr_consent=

42 B
495 B

3100ms
23ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:331760c7-0e5b-4800-832c-f1e5b1e9245a&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:363
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:331760c7-0e5b-4800-832c-f1e5b1e9245a&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Jun 2021 08:07:54 GMT

GET match
c1.adform.net/serving/cookie/ Frame 6961 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83d60638-2dbc-4bd6-b11a-4844dbf331b7

42 B
295 B

3892ms
22ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83d60638-2dbc-4bd6-b11a-4844dbf331b7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:57 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:372
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET getuid
ib.adnxs.com/ Frame 6961 0
0

GET
H2 200 991186B7-3E3D-4AFE-8C78-4390A478EC05
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6961 43 B
837 B 98ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/991186B7-3E3D-4AFE-8C78-4390A478EC05?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame 6961 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6961
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=utQjILyBdXah1iMlvd1tI-3cci-h1iF1vdZLFNnI

42 B
579 B

295ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=utQjILyBdXah1iMlvd1tI-3cci-h1iF1vdZLFNnI
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:368
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=utQjILyBdXah1iMlvd1tI-3cci-h1iF1vdZLFNnI
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 6961 0
0

GET

adxcm.aspx
inv-nets.admixer.net/ Frame 6961
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...

0
0

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame A358 191 KB
54 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 07:39:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:39:00 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame A358 12 KB
4 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:12:32 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame A358 87 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:12:32 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame A358 4 KB
2 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 160615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 11:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 11:30:59 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame A358 41 KB
13 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 06:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:24:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A358 3 KB
1 KB 33ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 07:16:10 GMT
server: ESF
date: Mon, 14 Jun 2021 08:07:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A358 295 B
328 B 6ms
5ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 82863
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Jun 2021 09:06:51 GMT

GET
DATA 200
OK truncated
/ Frame A358 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 853de8a798505d5d2dad715b7b00f68f2408a6d0c2deccde4bbfdbd9496e0d4e

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A358 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/vls/728x90.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:51:05 GMT
x-content-type-options: nosniff
server: cafe
age: 19009
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:51:05 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame A358 0
0 19ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaScMNCLRXhyo_TGV_jkO9Lpjevqy6ueMwKvm_NmfGROENBzzwMk50GUnWXv8TAJjnNb9WZDPstD2fqqNDINzi1YrM3UKg
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/vls/728x90.html
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A358 0
0 18ms
18ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnfvvWQ7HYMzqN8StrATy5qrIB_6-qKRj0_mVt9kN8b6piOAjEAEg_LXKJmCV-vCBjAegAbS84vsDyAEB4AIAqAMByAMKqgTuAU_QMJm45VJFkrKx21lAM3YLGk1j4OFF5KVIneH7-MIPA36s8K-LZ4HPFlGa5v4kgpOsMjZx9uPY5hcJkY1r-sYRC5fNbkngAs8ltDxJfahnzeqBJ_89-oGvGS1-5XtrqRa6xchAq_YoqMWDKl2RjGpNxXUNbdqiidzyCGdVW-P8NzKifaW2LJdH5BatuRBga1FN8b2Y6TuV8jTo2c1dvDsdt0gODdqXLp-8NV3ewsI95nO5GoMjSxTke6aWFxnKcuyMtWzq9_LlKY8ILnsuZq03O7fiOFZpbQ3qzasrl6if5CG5bIjLBAcR5WGQI23ABOHTyte-A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAe0w50EqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMOOBtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzgzMjc2NjM2MDU5NjUxOIAKA8gLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi04ODA0MzAzNzgxNjQxOTI1&sigh=JJbw1Kk-olU
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/ads/vls/728x90.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7621 11 KB
8 KB 25ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7fe2f0dbf60ea5bf42e89e731c4c0a313f5f2e09cbe4ca9d0b56b07cdf2b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8433
x-xss-protection: 0

GET /
adx.adform.net/adx/ Frame 0EB1 0
0

POST prebid
ib.adnxs.com/ut/v3/ Frame 0EB1 0
0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D786 10 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d16ac1100479a0e6318e9dd266e5dce95bcb5d2130398efa042b0b1d8d0c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7827
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame F1C9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D2D 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf72c9aa1ee96600d236aa2c9c76ba31dd7f79efa177c840fbca8ba05ebc1916

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mFl5CpaeMMghkP4/ZPwsOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mFl5CpaeMMghkP4/ZPwsOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3866 31 KB
10 KB 1033ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c2d5bb6cb24ce0e4275ae011a4e399c048f5b0b4f20cdb40c049b80bc65d1055

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:12:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57040
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9303
Expires: Mon, 14 Jun 2021 23:58:35 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7621 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:54 GMT

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame D387 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 32FE 43 B
2 KB 24ms
15ms Image
image/gif 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=a0c9a58d-da57-0bb6-3e78-eb35aa02ffa6&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 32FE
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8051291501485621077&gdpr=1&gdpr_consent=&us_privacy=

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8051291501485621077&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8051291501485621077&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET dds
rtb.openx.net/sync/ Frame 32FE 0
0

GET
H2 200 58e01d09-a04f-a3f2-4813-4b662de40dbd
pr-bh.ybp.yahoo.com/sync/openx/ Frame 32FE 43 B
88 B 38ms
31ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/58e01d09-a04f-a3f2-4813-4b662de40dbd?gdpr=1

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 32FE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=S0g1bC0G1LSHDv5

43 B
180 B

349ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=S0g1bC0G1LSHDv5
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:58 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:57 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=S0g1bC0G1LSHDv5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 32FE
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=522bc648-6ef3-4643-ac41-0c818a15ec45

43 B
243 B

801ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=522bc648-6ef3-4643-ac41-0c818a15ec45
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:59 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=522bc648-6ef3-4643-ac41-0c818a15ec45
date: Mon, 14 Jun 2021 08:07:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET

adx
match.prod.bidr.io/cookie-sync/ Frame 32FE
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZ0hVN0JqaDBBQURGNWVkV2JxZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 22AB 0
0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 9572 291 B
487 B 144ms
49ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

911ce74c632a59217dd42b1a3412e0701fc2468f44e0b99e9756d5cdf87479d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame DBF2 87 KB
20 KB 18ms
18ms Script
text/javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js?z=742142&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Tue, 15 Jun 2021 08:07:54 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D786 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:54 GMT

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 2924 807 B
866 B 56ms
42ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: http://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.travelmiso.com/

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6900
cf-request-id: 0aab292ae900004eeb7cbdb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ISAmcN1sFZZdTniMr2IYvjs4lx2G20XkG43XI%2FxOSXkKxNIwjVER00nvm3u7PIDz%2F6wj6nND9O9s11GKHdta1GRsp%2B%2F0ccLyFadRVhrGebn5VlR9Fvqu6W6J90MDieBFqZLTxjzL7mo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65f21157dc754eeb-FRA
content-encoding: br

GET idsync
sync.aralego.com/ Frame 53F0 0
0

GET
H2 502 frame.html
ad4mat.net/ Frame 488B 0
0 63ms
44ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65f21157de326377:FRA; path=/; expires=Mon, 14-Jun-21 08:08:24 GMT cf_use_ob=443; path=/; expires=Mon, 14-Jun-21 08:08:24 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65f21157de326377-FRA
server: cloudflare

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A358 21 KB
22 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://b.travelmiso.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:40:44 GMT
x-content-type-options: nosniff
age: 174430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:40:44 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A358 21 KB
21 KB 30ms
12ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://b.travelmiso.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:48:28 GMT
x-content-type-options: nosniff
age: 163166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:48:28 GMT

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame C2E0 43 B
2 KB 37ms
35ms Image
image/gif 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=a0c9a58d-da57-0bb6-3e78-eb35aa02ffa6&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET getuid
ib.adnxs.com/ Frame C2E0 0
0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame C2E0 0
104 B 108ms
64ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame C2E0 0
0

GET
H2 200 ox
match.justpremium.com/match/ Frame C2E0 43 B
324 B 296ms
14ms Image
image/gif 18.184.249.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=86a6b5bd-6752-0bd1-2bda-dba5d3c683ce
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.249.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
content-length: 43
content-type: image/gif

GET ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame C2E0 0
0

GET cm
green.erne.co/openx/ Frame C2E0 0
0

GET

rtb-h
sync.taboola.com/sg/mediaforcebidder-network/1/ Frame 55D1
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=758ffc3e-e354-41a7-8956-7ecad905cf1b

0
0

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 55D1 43 B
106 B 49ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&gdpr=0&gdpr_consent=
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 55D1 0
239 B 847ms
27ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET

match
ads.betweendigital.com/ Frame 55D1
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1

0
0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 55D1 43 B
427 B 332ms
103ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame 55D1 0
0

GET
H2

204

/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 55D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=DUYXnwoZShysbdXS1a1ToQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&ui=DUYXnwoZShysbdXS1a1ToQ

0
116 B

227ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&ui=DUYXnwoZShysbdXS1a1ToQ
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Mon, 14 Jun 2021 08:07:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14179

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&ui=DUYXnwoZShysbdXS1a1ToQ
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET getuidnb
ib.adnxs.com/ Frame 55D1 0
0

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 55D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMzrix53rmbWoqG6ZOjwkkQ&google_cver=1

0
285 B

532ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMzrix53rmbWoqG6ZOjwkkQ&google_cver=1
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 14 Jun 2021 08:07:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623658076.503342,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11551-HHN

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMzrix53rmbWoqG6ZOjwkkQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 55D1 42 B
546 B 3724ms
22ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8:$UID
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:57 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:370
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 55D1
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9e5c3e08-c18f-4cbc-91b0-aefecc113c98-tuct7c093db

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9e5c3e08-c18f-4cbc-91b0-aefecc113c98-tuct7c093db

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9e5c3e08-c18f-4cbc-91b0-aefecc113c98-tuct7c093db
tbl-x-upstream: 10.40.0.134:10213
date: Mon, 14 Jun 2021 08:07:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14179

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 55D1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=83d60638-2dbc-4bd6-b11a-4844dbf331b7

0
178 B

526ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=83d60638-2dbc-4bd6-b11a-4844dbf331b7
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 14 Jun 2021 08:07:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623658076.503806,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11551-HHN

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=83d60638-2dbc-4bd6-b11a-4844dbf331b7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 55D1 43 B
2 KB 46ms
15ms Image
image/gif 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:54 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET rtset
bh.contextweb.com/bh/ Frame 55D1 0
0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 55D1 43 B
696 B 1310ms
17ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=558d1ebd-e19a-4d52-bb10-0dcd4d10e271-tuct7c093d8&gdpr=0&gdpr_consent=
Requested by: Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET put
e1.emxdgt.com/ Frame 55D1 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 55D1 0
0

GET 9.gif
id5-sync.com/s/464/ Frame 55D1 0
0

GET

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 55D1
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YdgTINPuB9GSMhzpWQ7HYA

0
0

GET cookiesync
bttrack.com/pixel/ Frame 55D1 0
0

GET

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 55D1
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=522bc648-6ef3-4643-ac41-0c818a15ec45
https://x.bidswitch.net/sync?dsp_id=340&user_id=3f05d84b-e095-439a-961e-f4630917db66&expires=10&ssp=taboola&bsw_param=522bc648-6ef3-4643-ac41-0c818a15ec45
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=522bc648-6ef3-4643-ac41-0c818a15ec45

0
0

GET cds-pips.js
cdn.taboola.com/scripts/ Frame F676 0
0

GET
H3-29 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A358 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:51:05 GMT
x-content-type-options: nosniff
server: cafe
age: 19009
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:51:05 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A358 295 B
328 B 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 82863
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Jun 2021 09:06:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 21AF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29D1 783 B
530 B 26ms
26ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69281f3aa9817f5d6708f6eacd0c0be9d0aca214a9c9b683af53ada71ad2fc57

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oeGAhGsPkuh1/pSBvtjBjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://b.travelmiso.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://b.travelmiso.com/

Response headers

expires: Mon, 14 Jun 2021 08:07:54 GMT
date: Mon, 14 Jun 2021 08:07:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oeGAhGsPkuh1/pSBvtjBjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 483A 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3012122230113830&bg=!oKOlo-fNAAY6sG-_OrA7ACkAdvg8WngYhixHvq-np-OtV7pVMvcjAaT1dgCnU6an5sguN05pwYvnzwIAAAWCUgAAANxoAQcKAQ2QvXlW28tnH9MYoXJNbbv8Y16obJnCT-IRgVHsN04LIMfmsn9s4wQU5b2qj6YIdSu1W0CQL4ebLxPAvZoKfGUB19NJesPfeeME5LoZvjza51JDGalk4P3CKU-QdydgAb_Zm5_OSD0yweSAUx2bQCdxw4vusz3d2kpcCtnX-5zPf5sCpaP20QLRud9jsmWXalLHgoYeDLCLxTib2UiBAoX-Vp5QHcxWvGDIqoFzumpYbjwtm1IqUZJt9mvdSz23hrfXgMROQ8oy47S5UQNNWQbZLM_nk6ybSB5HqSUpciaSc4nCXUul4gDSxkIUWZvp37rqc-CuwS13lQpORiOTsVypbZQrof48NQW6P8Yxa5kChDaDIC20rGSWPMtcmh_Gd_6sKdtDxlJ43iqaMpCY6Svn0X9SXrV37s7tH8Po-YGHZYDmzx80foEgLQszQK0t8nlupQEsdEPw5ZDKuF_ySpVznMmuKLtNRuqLLRToJUgl8Mnl8AsAj24hAC_Fjv1mG83qN7ZeyUkl_qzNoullfJjvUzULds1TqrZHel9-Yvl1Rj3qEW9DGlRhFoIixp9RrzB1G2boTl9YHq9k_M9ti5L2HGFx4VTJE4qMV5A2M8I_oHk1Rt2tydO6qeHxwRJ1g5NS4TiYjFCgxY1I3N_j45UO02AxA-_rYPjs997olwMXv-lZlbZbbnIj6x7z8HvIvsfSDSahvlD4qlqulaegEMqnQmETY2DawSVruouIGcMMwgWyPnIB_hG6RX2vyGF3zXsn6otK0pG4GwrT6Md7E4Jq2_d1YzRsZx3DkT0sKF-4px-nFVE5bR2xqujwB6f8qkaGv-2mEv254ORcwvZOJyYKs_ar2w3CK8ixPv0g-v4KYXswH7bl3an7byJhMe8IOB4mnTaJ7G2sLdd61HOvM2Oj_sIps85g06Za_UQv5dRj__sTMFCIcr3mSJCnokP7M6C7VvFXhxKmp4FbgHtb-_316SDrGZVOb8yqPwJI6egHNQyMMJee9VzrO2vdtgMxEEONdjWRStC8ItTvB-UGrLDIXYv3j3lyrSlFcnHYEFghKFWOfoP4UdB5Feyqid3sLIMSbX8EJgOi50zhkSRx0k5z0TRfZKseZido1artqMKTnQj-TSmxtR3ncSYzUhe6Il8XiyfBsGQCoaeQDxv4-1EjEwEnN2icRDL1tu0LZJZi_Ty6nvf7RyoSCUUF8xBwrtp0fj9V

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame D8AF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B96 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3361641550234498&bg=!dXaldjLNAAY6sG-_OrA7ACkAdvg8WiG71lJxQ0nac8ilI9UAamvlivwLSg-zbzHdxEmm9mI0_XXjAwIAAAXuUgAAAM1oAQcKACCbF1bDnQxGBt-YOMMEWrC9v1SgnTx4FA5OithuMx3JFpkChwskNth6TVLZoYCyLVatNewQjYr3xNx9o122RXciPEzII3wUzQwOn1rmNDMvDJ5Aw_THSAOYg7MsO5mrq9bJVY5mmrF9uFPgni_O1GIibtnMqILWN14pjoDou7_6zOc55XYNUXJs7qbKevX4gENObFpAEYEyXWmpQytRIdvJ8q_QHm-Kq1BrZcIdy-nAxjhraJhKyLclpEPi72ZDAHu1Tw-yZEkvEyBMkxVzEIuoptYcshvvpnYNADJkTzDzO5tXI3OOsUMtoc9S0IlvGHMFwVsw5i4CxKuq9D4lHEQkxOdqlgt7znyjYBh8_WwSs2jxq9EP2ULOeGzbWe5snowSJ9PJciV_KSc_617sklzM232xohNkTda9r4tGJgN1_GLDzhW8v6hHlna8LZ87WXPMqqdhB7IKSzsNIbp8rZGT3eEhxeszEKzAbI-FRpdbTxXaJp7mznIZ0jXgbQh4eLC3qdYCmbOi9M0oE35eOFXza9SKwqUkb4pTS15km_gVsf4Isq6KEp2pIAV06kV0yGNwszAYnEuKsXpSQJKAfiK6QOue_K06mARKFeO8BMcwU7C_Y55PA4Jnbm3a-IJJPibQ60d-tNwA0Elav-jPMbtezgUN0zwEv-8Ax7EN1vmDD8xJvzmElsan8C8eZp85wEbvP5O0fR2DGqXs4hZ8qviCnWk5VquWR4-lwaNxVybbnQ8Ii0bSuaIBx9b30hV8Iy51rtB9zoVMPyJ0CoZgMUegJv4Tr5oIzsFTbAyoPkMdXxv9unl7QZrPW4dmgaUciZVZ4OMS3WXqkcY2g7G8WuOZoDGiYSi-4q5dHKzGgLbMChl87uW8kkxdTloriGVaQk80fFIOIh_6U48x

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame DBF2 158 B
550 B 21ms
19ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=742142&tid=ef1c5902da784ef8bd6b72246919b5e318ae51ec&mode=1&dmn=b.travelmiso.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 19f34b10c613a76e728a876a17c9c329f3bd6e3b822d2375e7b552a83aaf8a59

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AF5 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2845213270438478&bg=!y8ilyIzNAAY6sG-_OrA7ACkAdvg8WrY9AM41ubA3d4yTQzJmqP15eXETdM49dv3Kv9Jf8to4qCHQ4QIAAAYLUgAAAK1oAQcKAKXo4WhOx_2-veTPIl8ETR_D00m3K0d8dhvv8TQ66as4XBbtvCgu9bXjaZI-mbk-WNUJk02qWOY2BihpEQ14IpRLXYd8oBkE3vytQ9WacaL8YleuPvqeoigLwG64w2yevFYfNbsvGGdh-shQhIrO5tJDsXDRBvXwQvutSex-EymXQT_9YkDnPGgN7SxnWemGD5zxkcmLvvNEflb39RREx5Um5MGDsX-ZAqEomdcQzMk-UyYdr3Mg3po5RJuA2CyyxIOlXNBwXGeHxglQwpg7u7tb1sdaeTnLvDuEVhh0-N0ZtmqsY62LdMN7F-jHK54EXfxhFexmR69-GnEjtV0cxTGK4yadDbPysZq5qJhEJeOmViwzos4vKgk8YZFZiOi-6xT5akSfcdUOpZEuXWY0Q0GYV9Dm73HtGNfOuSQkaUCOQyNsqby11hUSI-XOhSzGMsjR3sxug6_IgOJQMmY11egtrrYSS03NlRG_uHW-diLIvqLRKTOPfOQLYl5M2_Xj_vqAGYOr4aCOYY1yin69SwUZckx0pkFQYhZCF2VvWdsH5kaF52fWZae1fJ5Nr1EJlRQm-scM9WfGXdP7a1rACJprE6qqSgNAyzmMkWdbLKsHs2jQi4xahTcG2HxIN1_cSgshCwknpPOPDsptCG_fZ9wFXhALYlx-W6K-R9S2-eoDPOX0lZmDE0qUFMPecIH_B5jkycV3-WCkh5PdDTPajQwYWAUGxOfV1WOThMUqEdbYom83Yz1BnWm9ZZKbejfSLPgxTz1Uj08tdTSzvIJ0D_EumBvMZWLDsLd0E_MaVNBV4guvV54r_K3sRtlWzuzCg8ymFAVpWvv0_AHmUDSqaCw7YMokAFU7UtVo7YiMQP6W7sLcXotfWmvwjbThN3xG0UFiY8jQubzKbEMtuLj88B9x2HIfhj5RLhpxTXO72DxtkeKTaBROtea1xXNCQO9KmG_PqKHgoQ3C9Ic5GZ0yUxsxXDUn7dyFdH6KbMhpA9jdlh3lnZtSTuSnohS_IuyIbvQQDcRP99iCwkWPe7FdF_lyQOAhK26iU3Q36nxGtYLJd6UexA2zyjDjUe7TUmyDWFgHHxH6ec0iYwVRxExEnSU2xEH7oPgKAGDh

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4F5 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3117270916098045&bg=!3t2l3ZnNAAY6sG-_OrA7ACkAdvg8WgHIHNiAIowROHgxXbOsIRLTt3xRIkvrMTpva7HIXfViYxxKfwIAAAQJUgAAAKtoAQcKAAZUvZBeZMOZAqTEkAjCmW2lfADHySJMbyazunigwh_-WNF_-0IrpdoyioSdvEpBB_pV-b_aMWFdfx_Cdj5JWqmDeOOB2iBC0dW5rEv_9uXe1AyyAT5WVCbErnFsFXoxQtyxJAZdp3yUSpEQI4RR6BmBDO7fWofyw9RntFrELBt_Sur5XF1_G2QJsfMHoJCb_EOv2866V0_TA3AqHO-X2Qya6e1S0UsTA0c1vlmfkArYaQHnvmEavkKzkad2X-XQnLiNktrjcqr_k22qWw_0HqYZPG89MBLhzdTSPMVuvKhvxVSRPXeyLY4w-9QTj-GUDfPcNXHzJrdb1tNGM3kP7zAUczF6-QyzKcLjel38V1S_iURWxTYlO4pWCuJZ0-8XaOOAsid84-yzmmm0Pbrzx0o_CwUkxCaHjqopjwgZXwxN9jm8QEpYHT5w1Xf-DyQ-n1ENvcl3bwRx4p-AMa-B8wxH3YDGPHKdLelXVBvRVfuVX3B1etNMLV7wacfK6oPcwwjhbftBmSpiEePHyPcybtmYVk9sJVBBpzHwZJ34dy7XZzYwAoLjscxvJuDupyVnKP5Ipo36qvUm5H5NxYc7CtAqPPjpNnUrvGdaU6mtqPe0RbB6PgRFNNQXikbJi98qvsbl6nkRvE4SjEjjNqkQDktrtpVNKXLiFaEbD3laSsyvYPs9IOyKCNMCE4SXY0aMlNj8a6nse7UpV39aXLl_dOGC3OazYaRlSQTnwnpx-RaS_LHcCiQifWGxqaxDc9QGW264CE-Aa1pkzfYI18AVJ6RVX_grAEGHOkjRSk4NUPTQSvon4ggXfdKVcriWf_VrMt9H7SqZIfQuHbDWocLMGOn9zsqNikfDwsp1EdClrQwt7ZgjnwweoVTMkfYUjKnr00-eMXiaqi2MiqyfjNA8

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B02 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2964319579373393&bg=!hoWlhcHNAAY6sG-_OrA7ACkAdvg8WogvGNGELBpTXJHr1RYRp7IJOeM6VG_PNhoktyHPSEsAJ7oLpAIAAAPsUgAAAKxoAQcKACFhUndTxOfciJv16hQJWDsxuuk1pTyuDLuDNU2LAFuuqOOZAn_jkuKyOSMXt8u7Jqp5PK6UqKoA0ijRkENxOS3aSNoW9DRqQZUCxjKrxblEM0aBKBMGvvfPH9wFWzkHlX4tyBIgppUZjM1UB7QDwjCNjyjbpeESoZTUxkXkrpVJvG3rweWzbkmYij3SMYjpY7mc7UDxaZQlKwO60BFbEowqkMXnUCO2sDRJjLDnBIQaSb6KdbOXiyunvx5yFjwB_s78XHvCMy4g11SRjZOiTb6xTxgBcEcm5yKHMAm2qBmW0EKfbN0Mg9TMLJdTeYzpUZjZqdvjnypISmi6-r-dvm-DLYY2CH3QS2MteRDdmDIc2HqbsAypAll6YXrtLtws-hw_SGWAvcc-u-z0Fg87O2N7aj4XGc0o9t8S4JTc_w9Qbezq1n1Ysvaq8xy9BBJ5cS9uPHIbfbDKlWaSGxfD8pdiebT2PVnrOiBr7RO8EmOzWHIq1Bh6k2bM33-UmnrMovMelr-JX0Pn6zwz9ylFGgUYoRHxSdTfECuVU5edpwJdEn1gguu71xMolrk6D_0OZ6z85ftwGTsxt3p_bDEnowXPbRPnfjBTS0qq9E8HXpPorx6AX52GRT7td9ZAAGKnb9IqBw1ze01qzK2e9kmbTDarQ3Swqw-kzCHWj4sPfwtSUuPNcRkwycC8r20VZZANwzVrS_Cry9XxIP_VF4mFv4MuJyXpIxiqmK1llis_kA6jC0WduS_tMEYSBc9IvB6sPJoaOkBE_p0nL9ioWI7-pGiCb_9ZplkIkTEC0oN4ZLZ3erT5sfR8d6q6bs4vcN3-f6_VxxAPGs8gxahGUrQSn2tEkeGTLMhI1OwOz03TZ7Illa7C3DQWzTLeXHXk3m6VACJPLsw

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 20E4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 14 Jun 2021 07:44:49 GMT
expires: Tue, 14 Jun 2022 07:44:49 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 298D 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

685c7f4144683862bb9d6396921d431276daf0ab84fbeee009c1faff576d740a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4xyvIvzBZOOLxjIXLKcaJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Mon, 14 Jun 2021 08:07:55 GMT
date: Mon, 14 Jun 2021 08:07:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4xyvIvzBZOOLxjIXLKcaJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Verizon_Media.png
cdn.aralego.net/ucfad/house/ucf/ Frame 3C43 87 KB
87 KB 15ms
14ms Image
image/png 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/ucfad/house/ucf/Verizon_Media.png
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=728&height=90&click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42818027891cd54585a88d6f81fc6b4bfdb7aa3424ee79d2e22a1cb35a0ea656

Request headers

Referer: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=728&height=90&click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3302
content-length: 88802
cf-request-id: 0aab292bdc00004eeb31169000000001
last-modified: Tue, 27 Apr 2021 01:41:12 GMT
server: cloudflare
etag: "60876bb8-15ae2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K7B4vWdKAi%2FG%2FlGpdpGkiVW2XzeY295sThLQ4m3Kj9%2FIpZmlLWn42P1%2Bex%2FLJ3v3PlUk3BKnwRR4iscwoCFzz%2FeGTVsNUcHSK8tdTzyNG3qEEo%2BO2Ru5eiwkwabmf2Oa0aVv24oUDi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 65f21159592c4eeb-FRA

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2924 62 KB
21 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 849 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:55 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame E57B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H2 200 Verizon_Media.png
cdn.aralego.net/ucfad/house/ucf/ Frame 4556 87 KB
87 KB 14ms
13ms Image
image/png 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/ucfad/house/ucf/Verizon_Media.png
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=970&height=250&click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42818027891cd54585a88d6f81fc6b4bfdb7aa3424ee79d2e22a1cb35a0ea656

Request headers

Referer: https://cdn.aralego.net/ucfad/mobile/production_flurryTag.html?adid=d3ba746a-82fb-4032-b01e-ccb4c304c69a&width=970&height=250&click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3302
content-length: 88802
cf-request-id: 0aab292be400004eeb7b212000000001
last-modified: Tue, 27 Apr 2021 01:41:12 GMT
server: cloudflare
etag: "60876bb8-15ae2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5hno504iCfRuD0losX%2FplN%2BsYmPyFHftZglVgAGjfPOWQGMuGKNTavNJ4l77jdqbIYXs%2FPMbX2FogzI0XvvOclYfr9N6WuKKygadPMrv0v132j7ZmCHS1%2FPn6Uih7WBdxqWc5SfPYWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 65f2115969574eeb-FRA

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DE9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame E425 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame DBF2 261 B
2 KB 20ms
19ms Script
application/x-javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=742142&tid=a_742142_a32a1598e08e472a8b4c2d31c6d98d8b&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=b.travelmiso.com&time=08%3A07%3A55&fd=1&be=sf&loc=http%3A%2F%2Fb.travelmiso.com%2F&orig_loc=http%3A%2F%2Fb.travelmiso.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_739868_ad7ad49366ad48929c4d6e620fa75e51
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 42452edc7769e025acf8d0288e783fbbbb23e10b07f2cdb1706fb692e8c3d779

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 08:07:55 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 208

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E534 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=4073378915195881&bg=!CwilCEzNAAY6sG-_OrA7ACkAdvg8WtxIgO6hIphgN205jGx-z7hO6Rj5Sm3dDuX8zEmiYW7vNJhwBAIAAAPPUgAAAHVoAQcKANtSM2whPiOXCXTFbT6fMwk6FClorfuXJxV0yOsnTYpbHb5bJGXJ326odC5Q2ITkHXs6ear7TE8hZU5Ocs4DXZI3Mwak8ZRn6REwtZD8A9fZR8S4MWuuzyN6l3CLhnMYBk_eYAOP0-j74b7ZlOBkOAHsqCh5vEc9VdQRLsw3t_7yliDtlfZWq8WxAUCuTsy65fWtBzTDOYm3Gwk_tCjQjlewJjcN80NlSv3kn2xQqal7x4Euw9nK5xJgURojPAuLxsYsKz5tgz1rbZ6pRH8EUoe9A8OQsu-o3X7ollSZAndhOhhmX279lEZYNDuQ0q0Kz42-eRiIZOxcSVVFJ1aLfPSSgjL_1YP8BkPzlOSRIG4U0v3YBctTKU6VUOH22SMAquzYQAF_fqh0-EPkH5wWF3fHr_CNA2u4RF2P7KeQuf0eNf1TQ-cSo5Alq1uI_V1OTB8I7QZWRtKJg9BScDhcopk18V-Lsq2scCGPjhLBk5bEPj4jPdPdL29vMVeYqYxenwE4fLx2rlNcPLWubIJxDBxjeaTtaXb_T5Sg8_2fjfgxk20-WnuA6XvL4i2spyKyDX9nLsR4YKbHqxgF4S7fjudKHdNrPaXCj9dJe6J7xOXi9A7IzOnkDBSV07OuSt00qo43Tmv_98dcr_yBIzCQLS5U_QhzYj0RJEOtp_BFEfuVunriERPZcxr2yauhRxwaBDcZTPrlFAjs2i9Z80p-2-Iurk4etmY5KkWmNkzvMUI0PoIkqtl6UH5-qJK6CRg7o6XJN0uKDJ_DAWmDZsozHgnkYsLiwu9V1S02q3pfG2D28JGmR3pAI2IYD1-EG1xy6Z7fQQ7JNbpwpfCX93VoLuN1G7HDF0cgJp1cKHBT_nu20m54sPzbVx3OJjKGFpYgfbPe-9GGn9BsgGHcrJs4nUDggJAfxEHoOONDovuPSS0n7klExKm9JdI0ksQ2d638TwhbkaH3RjnVpqDpdNNFPGx8CGbIZKCskMbQJRYICb0ZMk2GHPc26TnOlvkWip-araYmfWUwiH8VRC4uxe5z-8sl_xY3iB1uBUlj5pJVR5PeN2dN6a1tVeLSKLnGKBGrx3E8vF9Qw0yFl7UIVtZrGN0fLQlNLmQ1V57-_kfHZge7zmL6pJ04

Requested by

Host: b.travelmiso.com
URL: http://b.travelmiso.com/travel/athens-greece-travel-guide/2328/1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 08:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2924 326 KB
114 KB 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 08:07:55 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame F1C9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame DBF2 24 KB
5 KB 3073ms
21ms Script
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=742142&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 92e23dae8f12942ae8e222b181bbac2866490eb5080f2ff4eb67491534f036a3

Request headers

Referer: http://nichools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 08:07:58 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET impression
vap6ams1.lijit.com/addelivery/ Frame DBF2 0
0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame CB71 83 KB
27 KB 41ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player_banner.min.07f50ce3.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://b.travelmiso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Jun 2021 08:07:55 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 21AF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 15:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 15:49:47 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2924 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2924 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 08:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2924 330 B
174 B 42ms
41ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1128932104074498&correlator=2989460109138181&output=ldjh&impl=fifs&eid=31061362%2C31061422%2C31061429%2C44742768&vrg=2021061001&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=23&abxe=1&lmt=1597133702&dt=1623658075477&dlt=1623658074969&idt=501&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=wr8g6z127uyu&ifi=1&ifk=923963767&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=http%3A%2F%2Fwww.travelmiso.com%2F&top=http%3A%2F%2Fwww.travelmiso.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1961113997.1623658075&ga_sid=1623658075&ga_hid=572770237&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS