www.picktime.com Open in urlscan Pro
34.120.107.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=24723051&l=988d5abe-4fdf-4d68-86e6-bb311ae32125&r=a00261c9-9a60-46a8-9128-01eff55a...
Effective URL:
https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Submission: On September 28 via manual (September 28th 2022, 1:26:05 pm UTC) from FR — Scanned from US

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 18 domains to perform 104 HTTP transactions. The main IP is 34.120.107.5, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.picktime.com. The Cisco Umbrella rank of the primary domain is 335554.
TLS certificate: Issued by GTS CA 1D4 on September 17th 2022. Valid for: 3 months.

This is the only time www.picktime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.202.43.228 54.202.43.228	16509 (AMAZON-02) (AMAZON-02)
21	34.120.107.5 34.120.107.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1	18.164.96.9 18.164.96.9	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
3	34.111.99.112 34.111.99.112	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
2	2600:141b:700... 2600:141b:7000:5a1::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	130.211.9.179 130.211.9.179	15169 (GOOGLE) (GOOGLE)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.19.221.177 52.19.221.177	16509 (AMAZON-02) (AMAZON-02)
104	24

1 54.202.43.228 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-43-228.us-west-2.compute.amazonaws.com

ec2-54-202-43-228.us-west-2.compute.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.120.107.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.107.120.34.bc.googleusercontent.com

www.picktime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:80e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-9.jfk50.r.cloudfront.net

serve.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.99.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.99.111.34.bc.googleusercontent.com

io.pushfarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81d::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80f::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:7000:5a1::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.9.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.9.211.130.bc.googleusercontent.com

sync.graph.bluecava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.221.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-221-177.eu-west-1.compute.amazonaws.com

new-collect.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	401 KB
21	picktime.com www.picktime.com — Cisco Umbrella Rank: 335554	632 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	130 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299	74 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	236 KB
3	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 468 tps.doubleverify.com — Cisco Umbrella Rank: 472	109 KB
3	pushfarm.com io.pushfarm.com — Cisco Umbrella Rank: 385866	365 B
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 69	111 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	88 KB
2	albacross.com serve.albacross.com — Cisco Umbrella Rank: 59433 new-collect.albacross.com — Cisco Umbrella Rank: 47803	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	22 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1273	632 B
1	bluecava.com sync.graph.bluecava.com — Cisco Umbrella Rank: 2342	749 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	698 B
1	amazonaws.com 1 redirects ec2-54-202-43-228.us-west-2.compute.amazonaws.com	770 B
104	18

	Domain	Requested by
21	www.picktime.com	www.picktime.com
20	pagead2.googlesyndication.com	www.picktime.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
11	s0.2mdn.net	googleads.g.doubleclick.net s0.2mdn.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	io.pushfarm.com	www.picktime.com
3	lh3.googleusercontent.com	www.picktime.com
2	cdn.doubleverify.com	s0.2mdn.net www.picktime.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.picktime.com www.google-analytics.com
2	www.google.com	www.picktime.com tpc.googlesyndication.com
2	fonts.googleapis.com	www.picktime.com googleads.g.doubleclick.net
1	new-collect.albacross.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	sp.analytics.yahoo.com	googleads.g.doubleclick.net
1	sync.graph.bluecava.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	serve.albacross.com	www.picktime.com
1	ec2-54-202-43-228.us-west-2.compute.amazonaws.com	1 redirects
104	25

This site contains links to these domains. Also see Links.

Domain
www.halsagroup.co.uk

Subject Issuer	Validity	Valid
picktime.com GTS CA 1D4	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.albacross.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
gke.plansumo.com GTS CA 1D4	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.bluecava.com R3	`2022-08-29` - `2022-11-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Frame ID: 5DD0098085A1DE07CC856CBB0F2663BA
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Frame ID: 5CC5B9FD4663E7A17D260D47AF9A8393
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&adk=1812271804&adf=3025194257&lmt=1664371560&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559848&bpp=3&bdt=207&idt=259&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8310228453532&frm=20&pv=2&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=280
Frame ID: 26B3849F214304AA7B69B34389AD619E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=50&slotname=2387011145&adk=923108317&adf=1047655999&pi=t.ma~as.2387011145&w=320&lmt=1664371560&psa=0&format=320x50&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559851&bpp=1&bdt=211&idt=326&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=644&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FnyZdaBdkq&p=https%3A//www.picktime.com&dtd=332
Frame ID: F56B908497AF96258F60B651EB89B11C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=90&slotname=8131605491&adk=2722224520&adf=859133316&pi=t.ma~as.8131605491&w=728&lmt=1664371560&psa=0&format=728x90&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559852&bpp=1&bdt=212&idt=344&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x50&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kx3tECIYkp&p=https%3A//www.picktime.com&dtd=348
Frame ID: F28DAD877A429AB2E2701D56137D678E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 2EE23D8922703D72AD5421467F0AEC9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D5712276E3CC2650B2BA53857831E78E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
Frame ID: 62BCABE38532ECF690CBFF029AEE633F
Requests: 15 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 49D754482E28EC2FF8A9185397E1E897
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: B410391565A8E4D6DAFE0E791CA81287
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 55EFACEA1AF5FC993C8EB1470A79247F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 19031AB1EC4D45DFB41D59FD7D3C895B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE893BAC4CFC158C1B268CD330A40A23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96F420FF255EDA92B78A9AE5BAD56CD4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Book an Appointment with Spinal Awareness Business Education Programme (Spinal Awareness Sessions) | Picktime

Page URL History Show full URLs

http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=24723051&l=988d5abe-4fdf-4d68-86e6-bb311ae32125&r=a00261c9-9a6... HTTP 302
https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13 Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

104
Requests

100 %
HTTPS

63 %
IPv6

18
Domains

25
Subdomains

24
IPs

2
Countries

1834 kB
Transfer

4775 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.halsagroup.co.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=24723051&l=988d5abe-4fdf-4d68-86e6-bb311ae32125&r=a00261c9-9a60-46a8-9128-01eff55ac323 HTTP 302
https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4675535a-96ef-44ef-b980-5e3063210c13 Show response
www.picktime.com/
Redirect Chain

http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=24723051&l=988d5abe-4fdf-4d68-86e6-bb311ae32125&r=a00261c9-9a60-46a8-9128-01eff55ac323
https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

43 KB
13 KB

485ms
407ms

Document
text/html

34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 809c94be09e23c5042ac84c783bf1fb5f63c3cd5001b3ab36088c0cefa35ed3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: en-US
content-length: 12946
content-type: text/html;charset=utf-8
date: Wed, 28 Sep 2022 13:25:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Google Frontend
vary: Accept-Encoding
via: 1.1 google
x-cloud-trace-context: a3273d2f5c54779ef85b66ea7bf8673e

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 178
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 13:25:50 GMT
Location: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
57 KB 123ms
54ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb95f54087278275abaf5505fc727483018aaa73eb90c2850a8c3cca5c533e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57610
x-xss-protection: 0
server: cafe
etag: 15886466126147055185
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 13:25:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 102ms
41ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

355e5be3fe5a24203d02e3f20545718c7c35830b2ada4738fd6da98ef752a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 12:54:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 13:25:59 GMT

GET
H2 200 fontello.css
www.picktime.com/fontello/css/ 8 KB
2 KB 61ms
59ms Stylesheet
text/css 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/fontello/css/fontello.css?_=v22912v1
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: feffd365fb662b68c40b9a54d4d7bc8b7f1bcae30fa6e80e54197c82833a2ead

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: text/css
x-cloud-trace-context: 2576102a90c5aed54dee0be56feae743
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 style.css
www.picktime.com/icomoon/ 1018 B
553 B 63ms
61ms Stylesheet
text/css 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/icomoon/style.css?_=v22912v1
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 84ab93e86786e52d827b04bb83dd9533b1839206992e0185a617367f9da3b7e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: text/css
x-cloud-trace-context: bb223efa9e0ae82b274ed3a843bc2d4f
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 bookingPage.css
www.picktime.com/assets2/ 184 KB
38 KB 67ms
65ms Stylesheet
text/css 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/assets2/bookingPage.css?_=v22912v1
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d14f6f52c7d720265185f52120cc679bcdc6360b7b29e898e02af7f633acb9cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: text/css
x-cloud-trace-context: 2576102a90c5aed54dee0be56feae743
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 KMMgJ5Jzy5Lz0M85XzeQmt97Au_HHKhUB4wWvtyRlHCPT6VYbts-xfYjlwdXVwbn3s5T6abtPOcPwGWoCZqEqpF9c71dYJGibcc
lh3.googleusercontent.com/ 37 KB
37 KB 318ms
255ms Image
image/png 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/KMMgJ5Jzy5Lz0M85XzeQmt97Au_HHKhUB4wWvtyRlHCPT6VYbts-xfYjlwdXVwbn3s5T6abtPOcPwGWoCZqEqpF9c71dYJGibcc

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

96a1c284f9cd8286f0c484460d15b3602e9bf60c0e5cf7d28540bec90edd86b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37379
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 12:36:37 GMT

GET
H2 200 picktime-logo-128.png
www.picktime.com/images/ 2 KB
2 KB 81ms
81ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/images/picktime-logo-128.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 3399248ce348e6ff9962b1a05df0056dfbc5fded9d36e2c2f3b8af8b7abf0562

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: 5685ed7e59d8abf3b352b8a70d3e095a
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
988 B 106ms
44ms Script
text/javascript 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoad&render=explicit

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1df454f2a3ab81dcb66a077dcda45520dbf382fbb6ccc18b20c5cbed52cbfa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 575
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 13:25:59 GMT

GET
H2 200 io.js Show response
www.picktime.com/assets2/ 61 KB
22 KB 68ms
67ms Script
application/javascript 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/assets2/io.js
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e8a20c846e57c97ef4c323e8dc48e882ace5d76a8e838d362008935ae6424b75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: application/javascript
x-cloud-trace-context: 286e84ed746f55331b940d646db963e4
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 utils.js Show response
www.picktime.com/js/libphonenumber/build/ 230 KB
68 KB 81ms
80ms Script
application/javascript 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/js/libphonenumber/build/utils.js?_=v22912v1
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 865fa8e124c4d36be6ea3a6f6a1c429a6411670d9256d6819e79d335c5b38264

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: application/javascript
x-cloud-trace-context: 286e84ed746f55331b940d646db963e4
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 bookingPage.js Show response
www.picktime.com/assets2/ 968 KB
321 KB 98ms
98ms Script
application/javascript 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/assets2/bookingPage.js?_=v22912v1
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d24f614171936b7116a6bb6fd8a572de83194bb28f5500e49d70a4308db18451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: application/javascript
x-cloud-trace-context: caa53f3a3c077aea7cc737c3021b8f83
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 BpS7Wso16bZ9U3vXI5xwW1bVAMGy9vZ85v9GgD-szHI4FzPBRBsfq2gV1k1ufE1YTheEDg6S307rVH8Jo0vpoYk=s1000
lh3.googleusercontent.com/ 70 KB
70 KB 278ms
273ms Image
image/png 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BpS7Wso16bZ9U3vXI5xwW1bVAMGy9vZ85v9GgD-szHI4FzPBRBsfq2gV1k1ufE1YTheEDg6S307rVH8Jo0vpoYk=s1000

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f33dece7d8820f4730f58a928d7a54562952be26c47d8c85b195912e877aa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71903
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 12:36:39 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 96ms
31ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picktime.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:47:31 GMT
x-content-type-options: nosniff
age: 99508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 09:47:31 GMT

GET
H3 200 fontello.woff2
www.picktime.com/fontello/font/ 29 KB
29 KB 66ms
63ms Font
font/woff2 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/fontello/font/fontello.woff2?97870095
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/fontello/css/fontello.css?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2b50baa7b4a50c50aef3a0242d5483e3c05c22a91268f1b737624aa937f7d101

Request headers

Referer: https://www.picktime.com/fontello/css/fontello.css?_=v22912v1
Origin: https://www.picktime.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: font/woff2
x-cloud-trace-context: fa481c80c1dc2072348920fed1191274
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:35:59 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 39ms
27ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picktime.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:45:17 GMT
x-content-type-options: nosniff
age: 142842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:45:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 89ms
26ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 12:34:58 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3061
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 28 Sep 2022 14:34:58 GMT

GET
H/1.1 200
OK track.js Show response
serve.albacross.com/ 10 KB
5 KB 104ms
28ms Script
application/javascript 18.164.96.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.albacross.com/track.js
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 13:24:57 GMT
Content-Encoding: gzip
Via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P5
Age: 63
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=120
Connection: keep-alive
X-Amz-Cf-Id: 5rfx2SiIrrqO6Jgs6nbPV0ulOxiUpO3d4Jnzq8excZWWDGzja48E-Q==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 389 KB
156 KB 91ms
26ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Origin: https://www.picktime.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 12:00:25 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 347 KB
123 KB 115ms
60ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

decb5244666ae1d41e794fa3708671009f8f3bab893f588227f96eee68196cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125480
x-xss-protection: 0
server: cafe
etag: 12599545198129163646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 13:25:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/ Frame 5CC5 10 KB
5 KB 102ms
25ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 05:53:38 GMT
etag: 9671129459699598864
expires: Wed, 12 Oct 2022 05:53:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
io.pushfarm.com/socket.io/ 99 B
328 B 140ms
57ms XHR
text/plain 34.111.99.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://io.pushfarm.com/socket.io/?token=09db9431-fef0-4123-83fb-f104634653e2&EIO=3&transport=polling&t=OE4Heum
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/io.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.99.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.99.111.34.bc.googleusercontent.com
Software: /
Resource Hash: affc7894c2800876b7c0be16cd89bbaf1c8a70e2afc26f8498131d7001578b03

Request headers

Accept: */*
Referer: https://www.picktime.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.picktime.com
date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99
content-type: text/plain; charset=UTF-8

GET
H3 200 ring.gif
www.picktime.com/img/ 23 KB
23 KB 57ms
57ms Image
image/gif 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/ring.gif
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/bookingPage.css?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 08e5de388797d3432be5aeb94d79bcfd0b3a1da5adf492c4860b44dd6e71c1dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/assets2/bookingPage.css?_=v22912v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/gif
x-cloud-trace-context: 9375e69ce83ca24a85dea9c02938ad05
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 bookingTemplate Show response
www.picktime.com/templates/app-v2/ 98 KB
98 KB 113ms
112ms XHR
text/html 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/templates/app-v2/bookingTemplate?_=1664371559988
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/bookingPage.js?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 954c4696a947fe0c18142796697bb739d58afe3091bec6cfddc86c7659734f26

Request headers

Accept: */*
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
browserId: 09db9431-fef0-4123-83fb-f104634653e2
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cloud-trace-context: 346f2e7d756f6e49e5120c5069752d48
date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100268
content-type: text/html

GET
H3 200 alert Show response
www.picktime.com/book/ 331 B
244 B 156ms
156ms XHR
application/json 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/book/alert?accountKey=4675535a-96ef-44ef-b980-5e3063210c13&_=1664371559990
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/bookingPage.js?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8bc1731ee29c610500798986deb2d9a4aa78e1f16b140fb605cb7ecd9e25718f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
browserId: 09db9431-fef0-4123-83fb-f104634653e2
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
vary: Accept-Encoding
content-type: application/json;charset=iso-8859-1
x-cloud-trace-context: 667d4a0320e8f3b69ceafa0b0e50cdcb
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226

GET
H3 200 elipsis.svg
www.picktime.com/img/ 2 KB
461 B 63ms
63ms Image
image/svg+xml 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/elipsis.svg
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: df681261b8d3255ec2cabd1714cd776e63ad043c8d40ab29c65fd30e4c5d779d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/svg+xml
x-cloud-trace-context: 5ffc49e2bc39e06d6dc6d749515ea969
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 elipsis-pt.svg
www.picktime.com/img/ 2 KB
472 B 61ms
60ms Image
image/svg+xml 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/elipsis-pt.svg
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e234f8d8637215046b5c9fb89b9234ebc850c5df7661ebc19afa7cd5a6aef476

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/svg+xml
x-cloud-trace-context: 631b0f6da3fc2fcd88f7197be367ac6a
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 93ms
40ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1978297106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&ul=en-us&de=UTF-8&dt=Book%20an%20Appointment%20with%20Spinal%20Awareness%20Business%20Education%20Programme%20(Spinal%20Awareness%20Sessions)%20%7C%20Picktime&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1518431982&gjid=189076552&cid=778070088.1664371560&tid=UA-92294358-1&_gid=1389264797.1664371560&_r=1&_slc=1&z=1206455466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picktime.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.picktime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 110ms
44ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.picktime.com&callback=_gfp_s_&client=ca-pub-1363025071431070&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9477514418894f35bcfd22d2c23278a79ba0033cc7a81e0d0794292332850d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
59ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.picktime.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
85ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&tn=DIV&cls=block-page&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
85ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&tn=DIV&cls=block-page&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26B3 0
19 B 173ms
117ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&adk=1812271804&adf=3025194257&lmt=1664371560&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559848&bpp=3&bdt=207&idt=259&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8310228453532&frm=20&pv=2&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:26:00 GMT
expires: Wed, 28 Sep 2022 13:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F56B 100 KB
31 KB 594ms
590ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=50&slotname=2387011145&adk=923108317&adf=1047655999&pi=t.ma~as.2387011145&w=320&lmt=1664371560&psa=0&format=320x50&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559851&bpp=1&bdt=211&idt=326&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=644&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FnyZdaBdkq&p=https%3A//www.picktime.com&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e8a5f25f17b2db1fbf6c05e4abf226dcaf2e73e91ed4e849ecbd87077de518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32092
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:26:00 GMT
expires: Wed, 28 Sep 2022 13:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
io.pushfarm.com/socket.io/ 4 B
19 B 113ms
56ms XHR
text/plain 34.111.99.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://io.pushfarm.com/socket.io/?token=09db9431-fef0-4123-83fb-f104634653e2&EIO=3&transport=polling&t=OE4Hexx&sid=020B_VkMKmoI7bRwBhgR
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/io.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.99.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.99.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33

Request headers

Accept: */*
Referer: https://www.picktime.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.picktime.com
date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
content-type: text/plain; charset=UTF-8

GET
H3 200 getClassesForCurrentLocation Show response
www.picktime.com/book/ 46 B
82 B 139ms
138ms XHR
application/json 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/book/getClassesForCurrentLocation?_=1664371560192&locationId=ef7b2e41-826e-47e3-8894-36e0301de97a&accountKey=4675535a-96ef-44ef-b980-5e3063210c13
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/bookingPage.js?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cf551dc78f8567ed1aff2029c34c7fbe050be3530e5f468c9f28545211bc1adf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
browserId: 09db9431-fef0-4123-83fb-f104634653e2
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
vary: Accept-Encoding
content-type: application/json;charset=iso-8859-1
x-cloud-trace-context: d133fac170d0aa6a8da132f3db36e9f9
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 110ms
39ms XHR
text/plain 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-92294358-1&cid=778070088.1664371560&jid=1518431982&gjid=189076552&_gid=1389264797.1664371560&_u=IEBAAAAAAAAAAC~&z=990018005

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picktime.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.picktime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F28D 92 KB
37 KB 955ms
955ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=90&slotname=8131605491&adk=2722224520&adf=859133316&pi=t.ma~as.8131605491&w=728&lmt=1664371560&psa=0&format=728x90&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559852&bpp=1&bdt=212&idt=344&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x50&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kx3tECIYkp&p=https%3A//www.picktime.com&dtd=348

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292b9e68543f0d3b735ca28ad4d3f428fc2c8b529bec9b58e8b04dd6b323c07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:26:01 GMT
expires: Wed, 28 Sep 2022 13:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 getClassesForCurrentLocation Show response
www.picktime.com/book/ 46 B
82 B 164ms
164ms XHR
application/json 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picktime.com/book/getClassesForCurrentLocation?_=1664371560204&locationId=ef7b2e41-826e-47e3-8894-36e0301de97a&accountKey=4675535a-96ef-44ef-b980-5e3063210c13
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/bookingPage.js?_=v22912v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cf551dc78f8567ed1aff2029c34c7fbe050be3530e5f468c9f28545211bc1adf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
browserId: 09db9431-fef0-4123-83fb-f104634653e2
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
vary: Accept-Encoding
content-type: application/json;charset=iso-8859-1
x-cloud-trace-context: c10407ddc9cba7162c0a7a6752a652d1
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64

GET
H3 200 / Show response
io.pushfarm.com/socket.io/ 3 B
18 B 155ms
154ms XHR
text/plain 34.111.99.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://io.pushfarm.com/socket.io/?token=09db9431-fef0-4123-83fb-f104634653e2&EIO=3&transport=polling&t=OE4Hezm&sid=020B_VkMKmoI7bRwBhgR
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/assets2/io.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.99.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.99.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://www.picktime.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.picktime.com
date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
content-type: text/plain; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 78ms
26ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picktime.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 01:15:02 GMT
x-content-type-options: nosniff
age: 130258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 01:15:02 GMT

GET
H3 200 WWPp4y92qj0TZe8FcCZqdoFEVo6cbOyTGzgWWhjPjLdYVVXiuj1gvZZGyEkIyjXnYkslHMGC7ZYwNUOWFfbyVQ8=s50
lh3.googleusercontent.com/ 4 KB
4 KB 269ms
211ms Image
image/png 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WWPp4y92qj0TZe8FcCZqdoFEVo6cbOyTGzgWWhjPjLdYVVXiuj1gvZZGyEkIyjXnYkslHMGC7ZYwNUOWFfbyVQ8=s50

Requested by

Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ce543a45bcea22169848a952e2260b86827637379b6fc36ba2626d735bfa5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3603
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Sep 2022 12:36:47 GMT

GET
H3 200 picktime-logo-leftnav-footer.png
www.picktime.com/images/ 3 KB
3 KB 64ms
61ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/images/picktime-logo-leftnav-footer.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 20a201f0a52091548b9fc3a9822f03e11170f24309c8584591c8a8e881591006

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: 16c31fa120ba53c5f8f207b6f7301eb3
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 fb-signin-button.png
www.picktime.com/img/login/ 3 KB
3 KB 69ms
67ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/login/fb-signin-button.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ea489b2a498db417e456f0dc3f5265cb44d446d406c30908566349f94d381152

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: fb96d4c49339f8473fb5ee20a87aaf06
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 google-signin-button.png
www.picktime.com/img/login/ 3 KB
3 KB 65ms
63ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/login/google-signin-button.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2a37188b53807f02f55622e617af10f3a0e5d53754a4655e85e3e53548803433

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: 7db8b666ccca65a9c43142d82d1158ca
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 fb-signup-button.png
www.picktime.com/img/login/ 3 KB
3 KB 66ms
65ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/login/fb-signup-button.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e75f8674a689512cbef30b988e90f1e7a1ca321c6408617f694ee261fde8173d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: 1d4c72c5a3f5da74eb7963170ed2faab
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 google-signup-button.png
www.picktime.com/img/login/ 2 KB
2 KB 67ms
65ms Image
image/png 34.120.107.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picktime.com/img/login/google-signup-button.png
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.107.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.107.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 4f2ae3528e93d578e8eb49417cbd6ccc97426901b22f135bb7738a5d968639cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
via: 1.1 google
server: Google Frontend
etag: "gW3-Wg"
content-type: image/png
x-cloud-trace-context: eeeb9505531ae45e0c60810d1accb0df
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Sep 2022 13:36:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F56B 8 KB
895 B 96ms
42ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=50&slotname=2387011145&adk=923108317&adf=1047655999&pi=t.ma~as.2387011145&w=320&lmt=1664371560&psa=0&format=320x50&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559851&bpp=1&bdt=211&idt=326&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=644&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FnyZdaBdkq&p=https%3A//www.picktime.com&dtd=332

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:05:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 13:26:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F56B 2 KB
983 B 107ms
33ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:17:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame F56B 23 KB
10 KB 99ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:17:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F56B 3 KB
1 KB 102ms
33ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:15:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F56B 17 KB
7 KB 103ms
29ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:13:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F56B 0
0 68ms
68ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzeRiaEs0Y6KkDo6Lrr4PnI236A_E_MHSbNaYnNmrEGQQASDbvrZ-YMnujovApIwQoAGSmeCxAcgBCagDAcgDywSqBIYCT9D1V3aEJU6AMT-j2K3wcpzj2DUgUBWwBQEnmWD2hXl_GyXUv0ZtIXnuRFGwjsxPWOfBlGwgR0DUFq-Jb8bEqJUrp3Tzj-uhtcq7bAX0TXJXHmVShzbjes1yKtfScms3iS7jxVRqZc1H-qHC8SVTpal8J9k3_nGdg-XDfPdqyenJDPV02tTnKxd_WAmjc2-urO8zEPs23dmVYAZLgtEMe3svPe4p1-A68GiMIPn05546LIG-eTTwht9a2pmdjru4Z2gJsZ_ztAxpErQKnMC6VrpLOhDcZsDLYVI4c3dDJn8FWYFY9P9aK_wO7RcISX9rgrqsZtt-8tGE8GFI58hryY_nHoR-ZsAEiIHMo4AEkgUECAQYAZIFBAgFGASgBi6AB9bmn84CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_6EU0ggPCIBhEAEYHzICigI6AoBAgAoByAsBmAzthb-N_gO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTEzNjMwMjUwNzE0MzEwNzAYAA&sigh=NWX-bEECbY4&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=50&slotname=2387011145&adk=923108317&adf=1047655999&pi=t.ma~as.2387011145&w=320&lmt=1664371560&psa=0&format=320x50&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559851&bpp=1&bdt=211&idt=326&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=644&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FnyZdaBdkq&p=https%3A//www.picktime.com&dtd=332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 13:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 13:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F56B 140 KB
44 KB 113ms
47ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 13:26:00 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame F56B 32 KB
13 KB 78ms
26ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 05:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 05:17:04 GMT

GET
H2 200 10795758537595168684
tpc.googlesyndication.com/simgad/ Frame F56B 5 KB
5 KB 108ms
47ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10795758537595168684?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa84d922ecabb4a660461fccdb7875aa027b419c07807bd78b247d4e30248868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:37:28 GMT
x-content-type-options: nosniff
age: 416912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5079
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 20:26:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 17:37:28 GMT

GET
DATA 200
OK truncated
/ Frame F56B 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F56B 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F56B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 622a59bbbc6f5ecf5cb3cd5e2d9e6c1d9ff4877f3e1f1a44d8955cc44c8583b1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F56B 28 KB
28 KB 26ms
26ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 579085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:34:36 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EE2 36 KB
16 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame F28D 6 KB
3 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=90&slotname=8131605491&adk=2722224520&adf=859133316&pi=t.ma~as.8131605491&w=728&lmt=1664371560&psa=0&format=728x90&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559852&bpp=1&bdt=212&idt=344&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x50&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kx3tECIYkp&p=https%3A//www.picktime.com&dtd=348

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 20:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 20:57:41 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F28D 34 KB
14 KB 94ms
37ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b90e13ebc85d7fd3dc0e2665b491ad10fc544cf8bc57f76ed39459c0e02f2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
server: cafe
etag: 337214682915004451
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:25:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F28D 0
0 133ms
63ms Fetch
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshs6e7j5nghZiQoRfPTvdtEdrQXLA5pt89WOBQyMDqjg2qfE-bE4tO9w21cPgwFaJ7nFa_2_ZofE1_EdVsfdM3-ckTrCJZdD_1HmjDAM_YN_O3kD7jRVQYtzpRDkBhAJNHD6ivUqiUai1u8YlMQvYpMIV76O7n75hHnWUpDTn64ckMzXbZme5ZYPQ_dILcXo5mNg6uQLVkZ1wd7QR7yOIFrTMfgxH8NdKeLN7n0ofIR_WvTRy1AOF5H9e-sP5LVsHqQzhmVKk226D3PHNW_mqCr686_7uGfnLnfIqcfIwJHvpP8TtNrKYHtvBt3Xp5C1hLUG8AAWyCHmHhVhq8NyA7yy81QTDuhQRP031EVdQlJrYtgU1tjv7mW1BMzE5vmfUE7zpM8ahrffOLXU63TQKL1zVrWx4P60mgxnN1BUMQB84iIA7fBOa15roT717NuK8MQz4dIR4uh8Fhltvp7r_9wY2e78aMycF6Zj_GY9OHhK7A7Yj30Qpy1VsKc4SVIlOV46HksqYQJrUObPk9XnYtPayJmeHDKTgaRJMeu3c1eiN_iPtf5y_qN0oFnIjhgWh-kJhl9YCmjOiXcIA8iSuU_Ygsmkb243aUC7g1k3fRzs3cpSFsyLGwhujfu3zE1fqvdSJkbRiDZPbjB2rWKW6ZhwTRQh6Ckp8jpum_mGj-vtfuAzkwzT8x_vwz14j7yEYM2kV-S0WyT0Rljyz_rlOujfCwsPkGb8IYTDFUkbtzkMdp1zhjAv3WoaGUPlxrVs3Om6s1NulzZSd2Hv2lN2oS3PazQZXEuT1LxTh-uTvuwrZxgmNpot5j603TGUvgLus_eRRc2dvlAhVnZeveTRtjita2JTyxyeE5SpQzUMuyH3by6MUwwo5f4P8CbgkVNFW7fQd64-mfCONYvt3WofiJAPaZ2NjNWXdLdtwA3fzs9xwJGhM_0miOOv559DDOq2V7UgP1UHb0m4hFiJ6HtxWSDQ-exsZeiI_aLsFLHhJtg8ykit57WvDFVLkSH4FhmsCw4VmETzzrIO38LL1LeB_zAIPvPPPrJsAMwhJ9&sai=AMfl-YRL_EeNO65mReQ1SE5MiP916FP2PdF013qoBfg0XFSS1IZnPKhQ4mPP7g&sig=Cg0ArKJSzMA5aINjJ0OnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 13:26:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F28D 170 KB
59 KB 98ms
27ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 16:47:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F28D 41 KB
15 KB 93ms
45ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:12:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F28D 3 KB
1 KB 73ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:24:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F28D 17 KB
7 KB 74ms
27ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:25:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F28D 140 KB
44 KB 108ms
54ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 13:26:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame F28D 23 KB
9 KB 77ms
30ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 13:17:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D571 22 KB
8 KB 26ms
26ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 127594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 01:59:27 GMT
expires: Wed, 27 Sep 2023 01:59:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F28D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ddfbb37bed93d0254a8703c799020e34621891a2ce0238fd0715bd3f22e4e9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame F28D 8 KB
4 KB 143ms
28ms Script
application/javascript 2600:141b:7000:5a1::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15929919&cmp=26904550&sid=1330369&plc=323019222&num=&adid=&advid=9921244&adsrv=1&btreg=533038201&btadsrv=doubleclick&crt=174635298&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:7000:5a1::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 13:26:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 5 KB
2 KB 97ms
43ms Document
text/html 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e64d1964f67314316f69bbcb6f72e38e3a0ddb2ea6698ed4abec65b057f3a416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1973
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:26:01 GMT
expires: Thu, 28 Sep 2023 13:26:01 GMT
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 ds.png
sync.graph.bluecava.com/ Frame F28D 95 B
749 B 258ms
68ms Image
image/png 130.211.9.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.graph.bluecava.com/ds.png?p=9274e5db-ddcb-11ea-a80b-0242ac110002&segment=454417707a3eeb1187b842010a788008&uid=&CampaignID=5404C&Channel=Display&CreativeID=174635298&Placement=323019222&MAID=&Keyword=&Medium=&Source=&PageName=&Event=&Key1=&Key2=&Key3=&Key4=&Key5=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363025071431070&output=html&h=90&slotname=8131605491&adk=2722224520&adf=859133316&pi=t.ma~as.8131605491&w=728&lmt=1664371560&psa=0&format=728x90&url=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664371559852&bpp=1&bdt=212&idt=344&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x50&nras=1&correlator=8310228453532&frm=20&pv=1&ga_vid=778070088.1664371560&ga_sid=1664371560&ga_hid=1978297106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44760911%2C44772928&oid=2&pvsid=3344133680304182&tmod=78497966&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kx3tECIYkp&p=https%3A//www.picktime.com&dtd=348
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.9.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.9.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:01 GMT
via: 1.1 google
content-type: image/png
access-control-allow-origin: *
p3p: CP="NON DSP LAW PSAo PSDo IVAo IVDo OTPo OUR SAMo BUS UNI PRE"
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
expires: -1

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame F28D 43 B
632 B 88ms
19ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10100618&ea=EndemicRT

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Sep 2022 13:26:01 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame D571 36 KB
16 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 200 katalyst_scrollbar.css
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 1 KB
543 B 28ms
26ms Stylesheet
text/css 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/katalyst_scrollbar.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc74e2f5e537555a8aafce09efdd51efb076238448b2be9946fb8728e2e9b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 23:39:03 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 6 KB
2 KB 31ms
30ms Stylesheet
text/css 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03ff322267c5b8d72439278c39dfa472342303cb663ba8d4e02651ca834f0b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1765
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 23:39:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 62BC 118 KB
40 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 16:47:58 GMT

GET
H3 200 nurtec-logo.png
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 5 KB
5 KB 28ms
27ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/nurtec-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d2e5852ac6f1aafbd5f8a20e0252515904cabda81f042f3ee8a215c7f92a6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:49:48 GMT
x-content-type-options: nosniff
age: 210973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5578
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 02:49:48 GMT

GET
H3 200 verticle-line.png
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 3 KB
3 KB 29ms
28ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/verticle-line.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

734e04cbe25c4ec4fa2fe5ee1cdeb5c48496b5136d864011efa6dc0c8533fc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 12:05:50 GMT
x-content-type-options: nosniff
age: 177611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2816
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 12:05:50 GMT

GET
H3 200 biohaven-logo.png
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 2 KB
2 KB 28ms
28ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/biohaven-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387b7277e9bd9044145e07ecd157b75229696984598bd122ab5bab910a05dfab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:15:32 GMT
x-content-type-options: nosniff
age: 90629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2237
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 12:15:32 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/ Frame 62BC 61 KB
22 KB 64ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 880195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22265
last-modified: Tue, 12 Jan 2021 06:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ffd3ef5-f398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Fg11tn9U%2BTASZfiWIuUvuOCXgUwKwWDga084PJxZQJED92PO%2BzQ3T2jhzMTZFvNu1N3zk1bHOPv1rOvSWoAJe0aCFUcIbqSAtJdwB6IbxxLJFfah4nlXyRYzfDrnYhYyo0Im2HVB8UuFdudUpu9vlW6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751ccef3ad08d153-BUF
expires: Mon, 18 Sep 2023 13:26:01 GMT

GET
H3 200 katalyst_scrollbar.min.js Show response
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 7 KB
2 KB 26ms
26ms Script
application/x-javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/katalyst_scrollbar.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a89a7afb1a6dd002138b13e1eb327b67a08f1bd084e8b89b5203ca6f117c94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1790
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:07:20 GMT

GET
H3 200 scripts.js Show response
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 2 KB
696 B 27ms
26ms Script
application/x-javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/scripts.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a69085dae7c57283a9e1f9385b37609aabb4131d5d3d301159dbb2f4f2688dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/index.html?e=69&leftOffset=0&topOffset=0&c=dwuwwDnRXl&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 15:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 667
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 15:14:48 GMT

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame 49D7 545 KB
105 KB 30ms
30ms Script
application/javascript 2600:141b:7000:5a1::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: www.picktime.com
URL: https://www.picktime.com/4675535a-96ef-44ef-b980-5e3063210c13
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:7000:5a1::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 13:26:01 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D571 0
20 B 89ms
88ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be3GfaEs0Y5bcDpCyhAX1_qioDAAAAAA4AeAEAg&bg=!KyilKGzNAAYIxsuQKMY7ACkAdvg8WhkQYB2wnGfTeKL15OcuLHygetCjcxpgXblQSVBUdtR8MSEz8QIAAABiUgAAAAJoAQcKAGqOxgWTsu8-Vg3Q7S_KEaBoOjSB4xXvea6ih1wfcySe3R644QCtBcXFk3zy6kEOyyYx68bToOQ3Hai8tEciEWl-NLlMTYS_sSCx67W9aVfzfS6N8O0Y40I0ZoaJC0iQIWMiZZkXsylGBjbtmQLE6BtVn_j3B4z31tNwfdRg0hrZkAISk2lM8vmtlWl4hVnZYj6GCOiGRPyE098S0U6jwkBaOnoeYwg1SbftxaeJ_rBI4Km5ZY-3ZA9JX0dtiP2jgWk-msVeNFtt4fioaYTwAkZdgvitcjYvK95vhhkfOv8--NxEL7CJ2hGC7jTQsXJY6EDZcFj4dSv7f8GF9Ptbut8zvwLLQgMczSGlFRSkARGKr1EPXuY5_R2d83bxn1LJSDcvofWRB7aGhdfmIkmCnL4d8oE0KoVjGkSJqcxhfwZVxzJXPPlTC4bJ2P3HYbtOc_fDgb4AOzpthM8tsz3ZShyqP47sR0OcjAEuTzktsrrdUxvTviIRqXltM0ptIDcMwe7azzdAZloIa2hD3WA-sChw2q-dvHHlld9DChrO5NXO5W51Nvlbt_XZVXvocBaMlIBsYgGlA0ghsIv8fCWq8CCcpuE9beCrqdi8uyVfUq7a1DI1Gr_o0AlCklTAhb5zbRIDxjUDKnsB5uU5OWSd1GJ0hj4W4UGF-XTclbLCO_Pkhaet78V_6rLEAg_-JoHSrrhiiGD7cPi68DToOUSJB9bBBinsM_aqFGSKoDEKBB0mENmEQJ21mRYaFUdlAVkWIxqd6MBVyPReBdRS0qbiQpDH6i4agvJRmOog-MA_exgquUNFCnbLEQR5DBL6zr2j3aai1XY0-cMC0XFQWBZh2QM2E6CDjugMTbqcLGImQdjF1vd304b24BC0fnwVuEbdY7vIosdfM1urlK9r1KKCC5DY8o4drU-cuL-zhJ6nRRqjd2NpUg3sdfrJnQUP-Gc_u-PQ-eq468Dej-oX1Qk4yTbcHi9-orX3B4etsn-wfigaoDynAUV2glCDo1lrY4wo8neaRAguEv45s9q4EchdUpNKbtzaUtp-wnv8E2K_2nV03IuQ0V-wAnoLTDz_VpYhXTyf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 background.png
s0.2mdn.net/sadbundle/16832671980124635136/ Frame 62BC 13 KB
13 KB 26ms
26ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16832671980124635136/background.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16832671980124635136/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd52bef15563e42a0ad462b20eb0f36a3ecffb0be9345d89334c360f31ae783d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16832671980124635136/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:07:20 GMT
x-content-type-options: nosniff
age: 1121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13276
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:27:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:07:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62BC 7 KB
6 KB 97ms
44ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27d6dbee65daaed172d41c1be0fdbc3de4dafc79b80b0f37cce567981c93ffcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62BC 7 KB
6 KB 87ms
50ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b51544d1724feb9bee805680e9efc0e0876cb17a41b4074b49760de19ba6b6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62BC 7 KB
6 KB 84ms
47ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0004a9d6db32210f48a143acabddc5a6db149630efc389b638db6835893548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5619
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 49D7 724 B
721 B 293ms
52ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=110&ttfrms=28&brid=3&brver=106.0.5249.61&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DA%3A4%3CE%3A%3E6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DA%3A4%3CE%3A%3E6%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5DA%3A4%3CE%3A%3E6%5D4%40%3ETaucefddbd2%5Che67%5Ccc67%5C3hg_%5Cd6b_eba%60_4%60b&srcurlD=0&aUrlD=-1&ssl=https:&dfs=1145&ddur=145&uid=1664371561632653&jsCallback=dvCallback_1664371561632618&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.61%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1363025071431070%26output%3Dhtml%26h%3D90%26slotname%3D8131605491%26adk%3D2722224520%26adf%3D859133316%26pi%3Dt.ma~as.8131605491%26w%3D728%26lmt%3D1664371560%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.picktime.com%252F4675535a-96ef-44ef-b980-5e3063210c13%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1664371559852%26bpp%3D1%26bdt%3D212%26idt%3D344%26shv%3Dr20220922%26mjsv%3Dm202209220101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C320x50%26nras%3D1%26correlator%3D8310228453532%26frm%3D20%26pv%3D1%26ga_vid%3D778070088.1664371560%26ga_sid%3D1664371560%26ga_hid%3D1978297106%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D440%26ady%3D1110%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C42531705%252C44760911%252C44772928%26oid%3D2%26pvsid%3D3344133680304182%26tmod%3D78497966%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DKx3tECIYkp%26p%3Dhttps%253A%2F%2Fwww.picktime.com%26dtd%3D348&fcifrms=6&brh=2&sdf=2&dvp_epl=295&noc=4&nav_pltfrm=Win32&ctx=15929919&cmp=26904550&sid=1330369&plc=323019222&crt=174635298&btreg=533038201&btadsrv=doubleclick&adsrv=1&advid=9921244&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7132228492.047979&dvp_tukv=7304550734.656111&dvp_uuid=276836709645.0847&dvp_strhd=0.6999999284744263&dvpx_strhd=0.6999999284744263&dvp_tuid=1327362525903
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 26bb525704f39f6dda8590c949487569bec59be3108797dc0808631633527709

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 13:26:01 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 09/27/2022 13:26:01

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62BC 17 KB
6 KB 54ms
54ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 13:26:01 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame B410 36 KB
16 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 55EF 36 KB
16 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1903 36 KB
16 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 50ms
49ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ce44f983a970ac9e665245455fc4bdac953689f1f9fa2e35101423b61445cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11146
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 13:26:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F56B 42 B
64 B 91ms
90ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHS7cIBlxFQhutV800qo6xuLpoAYu9O1NhhpOJuX3NE8c8rXPwFS8RPv57kOz0MQaPx-Ui3DD3Q9JnUBhFOgzy0GJkdMazWD5xbUB-XAQRJ1YpD7hPOH5Wdw_Xu9M0c0O0lT7AExlhDAyI4hmfYjdlGbnW9qaM4dTwg0TqLHA4leqmqPHJsrvMONfG12zwicW1fwrBJxuUpdAII2tbzN9CdJd1KvEIDeB5WbhPEJagYQo0WCyHwW8n0pKYW6C-CK1ip8KkLFfaQkEW0R1i1caYlygIQYJfcmv5IpkzBwD51I-iYMjcfp93WZjHnWumy2zP41zsdQYA3Z2WaB_b5SAZ9iwfwOpr1HkMJFWsdmJdiJemIM1DdlKtvpHqVl7baxUUCVP7BxMuPSnxMip_ffXThhbx1EvHLf-3OySa--9Zz-2a-ert4EH27xeAIInGLgb7Czu-UHvU6DeG8ZqWrsQ-IW3iRFbDi1jwbsAnlmrXYqZq6tl8aa-UIRbckxPQy8AIU5sV5FvwFbcHjHxinv_-w8xYowdnj7Sw7odQgfLgG_UG4FiOuOtWmCQ-3CnpLO3wxsh11O75vvE9HStopq6yJyEHaW30DoA6aUUaFo5M9OExyNonChyOGF_AEYFVvdGTxJ3un73szbsB-9hU9R6Ua4Gqme93PcM4qeSJjPqqAFNKhk1HgaAicGnoL5P8936KoKu9gw8VThH-i1lsddT63h3Um3eLQeEbH6uZ75rfxz_VjNSSmaPykQK3kNa8ltulIhZuRGhJNa03FA0ikLKyy0720PgT228Z7EqoMaWI4pWaNmwVQqV5rHVn_LmLMAVP2OLYyWR7I7gAVGISGYBZEDR1BRPdYNA41RzIerQMf4hmtbkuFCxbHKyUKbVNj8mY1XN31zJqbhzfDitQnwReq7iuGFF-vXSyOlchSgHhOO2PZOCBUwEyb3VWywZ-tLeAm08h98ohHv7IkWb4XOX46S6ckM3DAySI8y78B6UWVmj6ZOV76MTokLSxUOqkaUAXjSK8louUAooNLFVG5nuU6ikKav3DwMjfwZO8v8Q0VJaYZfQVsSjqFPAHNReINT-svpOuCRABheJKPy2Leje9zmzGNRpKBg&sai=AMfl-YS3ztX7purTtQk34jj2NMBtvhMVwKqrMw1BNClq4AjpI8g2eI4VCREll9BPtb6jBJ0TZSZDyEAJAVwS1rbsVc6fPN1UoHrPsG9E&sig=Cg0ArKJSzOu8iwK8_e2vEAE&id=lidar2&mcvt=1001&p=0,0,50,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=923108317&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664371560184&rpt=808&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE89 13 KB
5 KB 28ms
26ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 34834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 03:45:28 GMT
expires: Thu, 28 Sep 2023 03:45:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96F4 783 B
536 B 101ms
47ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f589efd5ad06f28ee81ec7821052f37a3417fe2bfc484a28706fcb7ebc9183d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CtkI_8GmoL087jO1q41v1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picktime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-CtkI_8GmoL087jO1q41v1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 13:26:02 GMT
expires: Wed, 28 Sep 2022 13:26:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame DE89 36 KB
16 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 03:30:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 96F4 0
0 84ms
84ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=3344133680304182&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DE89 0
10 B 27ms
26ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9KYEuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=3344133680304182&bg=!iIuli8_NAAYIxsuQKMY7ACkAdvg8WqDx3SvGlxFYB_p9ygir1xx2zx-u7E4GCUIKQfPNGnMLfuFfwAIAAABfUgAAAAJoAQcKAOYAj57QexOllQ315G-G_ee1agG20dk9cjaNV8r5sLgxUglFaqeV0ZmxlXzG1-DmtdA2DdPzMWNbgbGpMicv4I7-ZqYTxPQ26g1p73IJTqtF2-llF4YrBmqcQhjR05uncLXageXY9ouyxQWXRRNbT-5l58UrO1Phuyw_Ma1YuudqiQCwrwfq-PAGoCYxk-fQ-ztFP7W46jCNqjNJiO9yhRxst6z9r3Kc9FuUAwGEwqQA0zcCGDTeFpP8iy4bFxyv4tHFyH2cwLUoPIrjSlwsgZayuvNdEL7K71q55n9okyHoTtv1T5K_J5kCrFV7jeswk9lE-3EW3lpUZ8AensxbgRmN9F1wuOUHBMtscP7y6zPNk7zvcIMEeZz9mAPVV23acIQOePyIhbFDlJgdMrTEaYUzHFDkbGG57tEbRhYduTaJ8NTG69XltMJNFBHJNZkOEsvNcsmvIf3868w8v2c94nO9gWu-eLGfDQZz-zGJB8CC5VFcdjC1N51Wjh18nukpnkPASg1kSQF6hI6Shqu8V1YII5ycTJOX6UX7jS2pSsuM5XVYHzfDUTjewlmWzUzoAQbxCaJ8YeG8y5j5WiwRBH0Tjx2SRKFH70aRIixsTs98pbNI_6Lk9dXRqLcfJ-bSpjWWkUoxpcQ4H8CUb7NnTwzslo6x0z6zih9TOhjET7xDY556mpTF0zJ0gu-T1pdRj-vCCIvme9924VdkQMj3kfw8EWGWw9eDCPXItkSbk3rzxa8jQ5AWOSLK3WtFUPT8f3ZYiT8BGMsKyDjqjEdK2jAYDoXFRAipXz7OqNlZxi3KV_hOw-4DVkpbNbqF3NmM9PZgT3ehDSBDaeOOspVqLBgEJFuEkFXXKPvUFeKQPOUv3c9GpSbmNyewmf_JXj1R8F8kKTI0oODoa2gnkjTmU8kcZl-bS96SwxqaAQb-tE5ezXSsNceYDVKKqzaqUNE5T_h851GXQUSQw8B0nnXJkva1o_VHgZXrHTWOyze4FxTDGpIItwTjEEhfjZy3yZWWOO3cdio73903kpB_UyOMV8GCzT1SR9B0oD6irdxYhyAfWkP0MEYKeiIvv3H_FWo-VJUv0XLvEKjJwypR-R8efNL6WfRNaEREcVjS0uoj4pSXY5EAgp6TfdoIZwFEwAtT5spt6ZddU7kEpc7lmyX7LDvEisWCBa6xICkPk205aU11L-PKnUN9gWDGT4eW_atDdJP7DW2g6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F28D 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhXxtAqGCEHAHY7cp-xCJTI6o7-HhjmpcdwDpiDMfRVn6nN8__AlCSFsmq1h7VJaFoWi3qMUtiUiiRyMv-VwEjDK5SFGzLGoSaNi4op-IEh2QtoHG6jA-gpz2uwmmn0I3PEq3KYfSy9ye9Lyshwlt8ZNdqtuNtQE2U42nB9l4Rr0JjM9X_wSau7mAhBehZWuCv9r6aY9KOjEM61kbNc2XUy21WNEvLVZS6pqukETcAYmdx67F4eQoO7ROQETZvBrIPV3optqdAs4QA2G8lceNWPa_ql7nEQZDstKcq5BRnpfK5Ih2HraynLlyICp8qOyLVSHBJag8GBF6tUpjuFwwePPZu85bA1iN8lI8pFp21bByj9TSV4PAct2yZb6rLVdgVrclgGZ6FdO369FhqgH_FfmOdbNrjUZX3E3mnQuqajCar2UekM3oLnHG5BWdzb71zIh2GiySre5V-GRNnQJLNdluuwWUnB6oHDoLViUlK9JQeBxbJ0c6Mg1ROR0T0cQtOzpKnNsuRmIVTrDsuaLtOPfF88FFvdzu5a6exoRdYajvbkxo4JftK6SW_agBImMUGmQSoqGB9eZhuQSflcYPCaTMnW2a05zeF3ENzXpTtum-tLe-ai06s4vmWVRyG3Dh3ibwEw9RgU4KgIibFBVCbSgl8YbNy5Wk2kxuVH1XQL22pVf478UrGldMeg5YpFBVyhpt6VEWKYndgxyZJLbFjdSK4R5fyzqrYPG-JQR0m9UF_lM62iUfjws8tUpin9IHfDacLFPMORScKJYBi64kJ0Wsfue5URVfKhKTrrBDyB-Q5SdAA0lZPvKupkcTKi3zLEgSsvNSNIVR7Bk0LPseHe_g1rya7qWMEQ1h3nbgBC9Pq5rmZykqGvSP7Hrru42xNwlCO_Q8xjwqWgTXAaNrS7g9HSWS8r_c7dfJPc1yHjhkhFjzPkSfVI1QMCs4-7i49IKoPzG2xcBhSzgm85_-LlUH75Bv0U_60mFH72DPuNBZyXU8HoC8auNJOAvT8yD1tPi6Qo3OYI6IzAQaBQBJQTpN2j1KMjtviUgLL3h8EyaC6K7o&sai=AMfl-YT_8F-zNY4F-hB70t9PUdWDozkYwWiH-nsSniz2wcsLIBF933asKggx09xFckQCebh3tVZKUhHX4N4WviiK63w754x4OJ2iIv42kro&sig=Cg0ArKJSzO40oeFqL6YgEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2722224520&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664371560201&rpt=1741&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 13:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e.gif
new-collect.albacross.com/ 37 B
103 B 335ms
105ms Image
image/gif 52.19.221.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=21404e40-9b90-09a0-fe6b-cde32065d43d&v0=bb1ea552-d1be-7c0d-ad9d-115e3c61a209&p0=f675273d-2586-1b02-ea20-a20e838b146e&u0=f675273d-2586-1b02-ea20-a20e838b146e&c0=89976480&t0=1664371560059&ur0=https%3A%2F%2Fwww.picktime.com%2F4675535a-96ef-44ef-b980-5e3063210c13&ti0=Book%20an%20Appointment%20with%20Spinal%20Awareness%20Business%20Education%20Programme%20(Spinal%20Awareness%20Sessions)%20%7C%20Picktime&re0=1600&re0=1200&o0=landscape-primary&e1=pageview_ping&ci1=21404e40-9b90-09a0-fe6b-cde32065d43d&v1=bb1ea552-d1be-7c0d-ad9d-115e3c61a209&p1=f675273d-2586-1b02-ea20-a20e838b146e&u1=8487ab8d-bd05-a770-28e6-634fb477c6e3&c1=89976480&t1=1664371560060&li1=1664371560056&e2=pageview_ping&ci2=21404e40-9b90-09a0-fe6b-cde32065d43d&v2=bb1ea552-d1be-7c0d-ad9d-115e3c61a209&p2=f675273d-2586-1b02-ea20-a20e838b146e&u2=68347b0c-5fa2-a273-7409-674485feb12d&c2=89976480&t2=1664371560061&li2=1664371560056
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.221.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-221-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.picktime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:26:03 GMT
content-length: 37
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.picktime.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5R9oJGiHGYCO6spU3zKDAw
.picktime.com/	1970-01-20 15:55:31	Name: _ga Value: GA1.2.778070088.1664371560
.picktime.com/	1970-01-20 06:20:57	Name: _gid Value: GA1.2.1389264797.1664371560
.picktime.com/	1970-01-20 06:19:31	Name: _gat Value: 1
www.picktime.com/	1970-01-20 15:05:07	Name: nQ_cookieId Value: 21404e40-9b90-09a0-fe6b-cde32065d43d
www.picktime.com/	1970-01-20 06:19:33	Name: nQ_userVisitId Value: bb1ea552-d1be-7c0d-ad9d-115e3c61a209
.picktime.com/	1970-01-20 15:41:07	Name: __gads Value: ID=a8ad96dec58129e8-22923bcd50d70030:T=1664371560:RT=1664371560:S=ALNI_Ma7hNt8ruT7Wi7-kcFNKSiKwxvOHw
.picktime.com/	1970-01-20 15:41:07	Name: __gpi Value: UID=00000870f1aa2fbf:T=1664371560:RT=1664371560:S=ALNI_Mb0skSXccudKNRnXOlDnGjHSpY6BQ
.doubleclick.net/	1970-01-20 15:55:31	Name: IDE Value: AHWqTUm0LJkILevq9aFuwGN8W5sxl6wgTjDj0OxC9RFNAQ0hZ8X4VNfqHeWeAg-2l4c
.doubleclick.net/	1970-01-20 06:19:32	Name: test_cookie Value: CheckForPermission
.yahoo.com/	1970-01-20 15:05:29	Name: A3 Value: d=AQABBGlLNGMCELyoaVn9XFt5sz3bL4l1tZ4FEgEBAQGcNWM-YwAAAAAA_eMAAA&S=AQAAAkgODixFvpje2pAd_Uv0lq8
.bluecava.com/	1970-01-20 07:45:55	Name: lv Value: 2022-09-28 13:26:01Z
.bluecava.com/	1970-01-20 07:45:55	Name: acx Value: dhttx\|^YAn5Ig==\|oKC7/FSh2gg=\|$ipatx\|^YAn5Ig==\|SqG7/FSh2gg=\|$lipx\|^2022-09-28 13:26:01Z\|$pt\|^H4sIAGlLNGMA/6uuBQBDv6ajAgAAAA==
.bluecava.com/	1970-01-20 07:45:55	Name: idx Value: dxx\|^eb1c5f8f-6a09-4439-957b-3c2c397bf549\|$mx\|^71c842e4-83ca-46b2-ba99-f0170e65f845

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdn.doubleverify.com
cdnjs.cloudflare.com
ec2-54-202-43-228.us-west-2.compute.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
io.pushfarm.com
lh3.googleusercontent.com
new-collect.albacross.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
serve.albacross.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
sync.graph.bluecava.com
tpc.googlesyndication.com
tps.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.picktime.com
130.211.9.179
142.251.40.130
18.164.96.9
2600:141b:7000:5a1::4469
2606:4700::6811:190e
2607:f8b0:4004:c17::9d
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2006
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:824::2003
34.111.99.112
34.117.228.201
34.120.107.5
52.19.221.177
54.202.43.228
76.13.32.146
03ff322267c5b8d72439278c39dfa472342303cb663ba8d4e02651ca834f0b62
08e5de388797d3432be5aeb94d79bcfd0b3a1da5adf492c4860b44dd6e71c1dd
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ce44f983a970ac9e665245455fc4bdac953689f1f9fa2e35101423b61445cfe
1f589efd5ad06f28ee81ec7821052f37a3417fe2bfc484a28706fcb7ebc9183d
20a201f0a52091548b9fc3a9822f03e11170f24309c8584591c8a8e881591006
26bb525704f39f6dda8590c949487569bec59be3108797dc0808631633527709
27d6dbee65daaed172d41c1be0fdbc3de4dafc79b80b0f37cce567981c93ffcc
292b9e68543f0d3b735ca28ad4d3f428fc2c8b529bec9b58e8b04dd6b323c07a
2a37188b53807f02f55622e617af10f3a0e5d53754a4655e85e3e53548803433
2a89a7afb1a6dd002138b13e1eb327b67a08f1bd084e8b89b5203ca6f117c94c
2b50baa7b4a50c50aef3a0242d5483e3c05c22a91268f1b737624aa937f7d101
2ce543a45bcea22169848a952e2260b86827637379b6fc36ba2626d735bfa5ba
3399248ce348e6ff9962b1a05df0056dfbc5fded9d36e2c2f3b8af8b7abf0562
355e5be3fe5a24203d02e3f20545718c7c35830b2ada4738fd6da98ef752a684
35e8a5f25f17b2db1fbf6c05e4abf226dcaf2e73e91ed4e849ecbd87077de518
387b7277e9bd9044145e07ecd157b75229696984598bd122ab5bab910a05dfab
38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702
3bc74e2f5e537555a8aafce09efdd51efb076238448b2be9946fb8728e2e9b9b
3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b90e13ebc85d7fd3dc0e2665b491ad10fc544cf8bc57f76ed39459c0e02f2b8
4bb95f54087278275abaf5505fc727483018aaa73eb90c2850a8c3cca5c533e3
4f2ae3528e93d578e8eb49417cbd6ccc97426901b22f135bb7738a5d968639cc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622a59bbbc6f5ecf5cb3cd5e2d9e6c1d9ff4877f3e1f1a44d8955cc44c8583b1
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6a69085dae7c57283a9e1f9385b37609aabb4131d5d3d301159dbb2f4f2688dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f33dece7d8820f4730f58a928d7a54562952be26c47d8c85b195912e877aa1f
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
734e04cbe25c4ec4fa2fe5ee1cdeb5c48496b5136d864011efa6dc0c8533fc47
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
809c94be09e23c5042ac84c783bf1fb5f63c3cd5001b3ab36088c0cefa35ed3f
84ab93e86786e52d827b04bb83dd9533b1839206992e0185a617367f9da3b7e6
865fa8e124c4d36be6ea3a6f6a1c429a6411670d9256d6819e79d335c5b38264
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bc1731ee29c610500798986deb2d9a4aa78e1f16b140fb605cb7ecd9e25718f
8d2e5852ac6f1aafbd5f8a20e0252515904cabda81f042f3ee8a215c7f92a6f2
9477514418894f35bcfd22d2c23278a79ba0033cc7a81e0d0794292332850d4a
954c4696a947fe0c18142796697bb739d58afe3091bec6cfddc86c7659734f26
96a1c284f9cd8286f0c484460d15b3602e9bf60c0e5cf7d28540bec90edd86b1
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a0ddfbb37bed93d0254a8703c799020e34621891a2ce0238fd0715bd3f22e4e9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa84d922ecabb4a660461fccdb7875aa027b419c07807bd78b247d4e30248868
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affc7894c2800876b7c0be16cd89bbaf1c8a70e2afc26f8498131d7001578b03
b51544d1724feb9bee805680e9efc0e0876cb17a41b4074b49760de19ba6b6bf
bd52bef15563e42a0ad462b20eb0f36a3ecffb0be9345d89334c360f31ae783d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
cb0004a9d6db32210f48a143acabddc5a6db149630efc389b638db6835893548
cf551dc78f8567ed1aff2029c34c7fbe050be3530e5f468c9f28545211bc1adf
d14f6f52c7d720265185f52120cc679bcdc6360b7b29e898e02af7f633acb9cf
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d24f614171936b7116a6bb6fd8a572de83194bb28f5500e49d70a4308db18451
d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
decb5244666ae1d41e794fa3708671009f8f3bab893f588227f96eee68196cd1
df681261b8d3255ec2cabd1714cd776e63ad043c8d40ab29c65fd30e4c5d779d
e234f8d8637215046b5c9fb89b9234ebc850c5df7661ebc19afa7cd5a6aef476
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64d1964f67314316f69bbcb6f72e38e3a0ddb2ea6698ed4abec65b057f3a416
e75f8674a689512cbef30b988e90f1e7a1ca321c6408617f694ee261fde8173d
e8a20c846e57c97ef4c323e8dc48e882ace5d76a8e838d362008935ae6424b75
ea489b2a498db417e456f0dc3f5265cb44d446d406c30908566349f94d381152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1df454f2a3ab81dcb66a077dcda45520dbf382fbb6ccc18b20c5cbed52cbfa3
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
feffd365fb662b68c40b9a54d4d7bc8b7f1bcae30fa6e80e54197c82833a2ead

www.picktime.com Open in urlscan Pro 34.120.107.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

63 %IPv6

18 Domains

25 Subdomains

24 IPs

2 Countries

1834 kBTransfer

4775 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.picktime.com Open in urlscan Pro
34.120.107.5 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

63 %
IPv6

18
Domains

25
Subdomains

24
IPs

2
Countries

1834 kB
Transfer

4775 kB
Size

14
Cookies

104 HTTP transactions
4 data transactions