www.sootoday.com Open in urlscan Pro
104.45.152.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sootoday.com/
Submission Tags: falconsandbox
Submission: On April 21 via api (April 21st 2021, 11:03:58 pm UTC) from US

Summary HTTP 149 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 23 domains to perform 149 HTTP transactions. The main IP is 104.45.152.60, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.sootoday.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 8th 2020. Valid for: a year.

This is the only time www.sootoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.45.152.60 104.45.152.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:633c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
11	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
16	13.224.102.55 13.224.102.55	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.224.102.122 13.224.102.122	16509 (AMAZON-02) (AMAZON-02)
1	62.113.194.12 62.113.194.12	47447 (TTM) (TTM)
2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	185.59.220.197 185.59.220.197	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	13.33.139.47 13.33.139.47	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.245.109 143.204.245.109	16509 (AMAZON-02) (AMAZON-02)
48	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	54.187.70.188 54.187.70.188	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	2600:1f18:612... 2600:1f18:612b:4200:ae67:61d5:5bef:8e79	14618 (AMAZON-AES) (AMAZON-AES)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
149	32

11 104.45.152.60 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.sootoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:633c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.224.102.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-55.zrh50.r.cloudfront.net

www.vmcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.102.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.113.194.12 (Berlin, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.197 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-197.datapacket.com

st.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.139.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-47.cph50.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.245.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-109.cph50.r.cloudfront.net

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.70.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-70-188.us-west-2.compute.amazonaws.com

pyd2ou6a40.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:ae67:61d5:5bef:8e79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	2mdn.net s0.2mdn.net	294 KB
21	googlesyndication.com 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	222 KB
16	vmcdn.ca www.vmcdn.ca	90 KB
13	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	146 KB
11	sootoday.com www.sootoday.com	412 KB
5	gstatic.com fonts.gstatic.com	72 KB
5	googletagservices.com www.googletagservices.com	172 KB
4	freeskreen.com static.freeskreen.com sb.freeskreen.com	26 KB
4	google.com www.google.com adservice.google.com	379 B
3	smartadserver.com 2 redirects ww1772.smartadserver.com sync.smartadserver.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	tremorhub.com 1 redirects scm.publishers.tremorhub.com	467 B
2	adnxs.com secure.adnxs.com	1 KB
2	getsitecontrol.com widgets.getsitecontrol.com st.getsitecontrol.com	97 KB
2	districtm.io cdn.districtm.io dmx.districtm.io	81 B
2	google.de www.google.de	214 B
1	exelator.com loadeu.exelator.com	324 B
1	admanmedia.com 1 redirects cs.admanmedia.com	348 B
1	amazonaws.com pyd2ou6a40.execute-api.us-west-2.amazonaws.com	234 B
1	google.ch adservice.google.ch	799 B
1	districtm.ca cdn.districtm.ca	25 KB
149	23

	Domain	Requested by
48	s0.2mdn.net	5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com s0.2mdn.net
16	www.vmcdn.ca	www.sootoday.com
11	securepubads.g.doubleclick.net	www.sootoday.com securepubads.g.doubleclick.net www.googletagservices.com 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
11	www.sootoday.com	www.sootoday.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
4	5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sb.freeskreen.com	static.freeskreen.com
3	fonts.googleapis.com	5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com s0.2mdn.net
3	sb.scorecardresearch.com	1 redirects www.sootoday.com
3	www.google.com	www.sootoday.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.sootoday.com
2	scm.publishers.tremorhub.com	1 redirects
2	sync.smartadserver.com	2 redirects
2	secure.adnxs.com	cdn.districtm.ca
2	www.google.de	www.sootoday.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	loadeu.exelator.com
1	cs.admanmedia.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	pyd2ou6a40.execute-api.us-west-2.amazonaws.com	5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
1	static.freeskreen.com	www.sootoday.com
1	st.getsitecontrol.com	widgets.getsitecontrol.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	dmx.districtm.io	cdn.districtm.ca
1	widgets.getsitecontrol.com	www.sootoday.com
1	cdn.districtm.io	cdn.districtm.ca
1	cdn.districtm.ca	www.sootoday.com
149	31

This site contains links to these domains. Also see Links.

Domain
www.miosfurniture.com
player.kisssoo.com
player.country1043.com
docs.google.com
www.villagemedia.ca
www.barrietoday.com
www.baytoday.ca
www.bradfordtoday.ca
www.canadaflyers.ca
www.collingwoodtoday.ca
www.elliotlaketoday.com
www.guelphtoday.com
www.innisfiltoday.ca
www.midlandtoday.ca
www.newmarkettoday.ca
www.northernontariobusiness.com
www.ontarioflyers.ca
www.orilliamatters.com
www.sudbury.com
www.longmontleader.com
www.thoroldtoday.ca
www.timminstoday.com
www.alimoshotoday.com
www.airdrietoday.com
www.albertaprimetimes.com
ottawa.citynews.ca
www.cochranetoday.ca
www.halifaxtoday.ca
www.kitchenertoday.com
www.lakelandtoday.ca
www.moosejawtoday.com
www.mountainviewtoday.ca
www.okotokstoday.ca
www.princegeorgematters.com
www.rmotoday.com
www.stalberttoday.ca
www.tbnewswatch.com
www.townandcountrytoday.com
www.vancouverisawesome.com

Subject Issuer	Validity	Valid
www.sootoday.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-08` - `2021-12-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.vmcdn.ca Amazon	`2020-08-21` - `2021-09-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.ch GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.freeskreen.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2020-08-30` - `2021-09-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.sootoday.com/
Frame ID: 75DEAB5AAD8900C4352FD486BA91BF00
Requests: 63 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FDB117ED24B4127133DA8CD57E36EA3D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfFbxp2F7mUpwqXqhS1q9KZSvRAyhZ8W90mE5WAR6e-aRbq20FuAMTNxNV7FuwFluK7ToV7vl9yMBK-3djXd15_qqeQic_8c01HWUSfDJ0VDvPi8JY0OBK34RC84Zh3PQwR188GTnGzq6ZukMWslqevAUqb5pu0p9bjk0x5h9sLQ7bVoRqL7GVcvB-pilR3_mN8c9qzhTLWC4urVI81h3K0Ijn4soZMzpXvjhr0mb53w7S1e2QQu4ybEeMHOxLSCHBrZUsOP-RRiM7s6z2i5pCmBoS5CC19H3XBgVl3znaulPe&sai=AMfl-YRxXIsYZ7S9JWt2oyloa9QaZmH6SePvjY1DtKpzRP4gsc1F1FJED43nCyxWOpYjhk4w0UkwEW4jN49947QZYJMWksHNp1lN0HqFfUvPLxJXQl_kKX8owixRy3eoM3k&sig=Cg0ArKJSzFWRAxRBOJToEAE&adurl=
Frame ID: CDF1D9A65C90002AD219DA23AB35AC1C
Requests: 8 HTTP requests in this frame

Frame: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC824C20D189E6F219E50CEDE312F220
Requests: 12 HTTP requests in this frame

Frame: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CD4454477B62C5962FBCB7C4E521AFD
Requests: 9 HTTP requests in this frame

Frame: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0C6BCE8FB8239E59D5C0B43560FE40A
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
Frame ID: 6B1908F8F2F7109015F72AF01AD8A0C6
Requests: 50 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 67AB55B403E23AF0AC039B2EB9B91082
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

149
Requests

100 %
HTTPS

55 %
IPv6

23
Domains

31
Subdomains

32
IPs

6
Countries

1584 kB
Transfer

3131 kB
Size

12
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: http://www.miosfurniture.com/
Title: Mio's Furniture

Search URL Search Domain Scan URL

URL: http://player.kisssoo.com/?skipap=1

Search URL Search Domain Scan URL

URL: http://player.country1043.com/?skipap=1

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1dOgoLS-jn6McFIAW-bnvR4tLixYBez9qGv0vwoAcjsw/edit?usp=sharing
Title: Political Ads Registry

Search URL Search Domain Scan URL

URL: http://www.villagemedia.ca/

Search URL Search Domain Scan URL

URL: https://www.barrietoday.com/
Title: BarrieToday.com

Search URL Search Domain Scan URL

URL: https://www.baytoday.ca/
Title: BayToday.ca

Search URL Search Domain Scan URL

URL: https://www.bradfordtoday.ca/
Title: BradfordToday.ca

Search URL Search Domain Scan URL

URL: https://www.canadaflyers.ca/
Title: CanadaFlyers.ca

Search URL Search Domain Scan URL

URL: https://www.collingwoodtoday.ca/
Title: CollingwoodToday.ca

Search URL Search Domain Scan URL

URL: https://www.elliotlaketoday.com/
Title: ElliotLakeToday.com

Search URL Search Domain Scan URL

URL: https://www.guelphtoday.com/
Title: GuelphToday.com

Search URL Search Domain Scan URL

URL: https://www.innisfiltoday.ca/
Title: InnisfilToday.ca

Search URL Search Domain Scan URL

URL: https://www.midlandtoday.ca/
Title: MidlandToday.ca

Search URL Search Domain Scan URL

URL: https://www.newmarkettoday.ca/
Title: NewmarketToday.ca

Search URL Search Domain Scan URL

URL: https://www.northernontariobusiness.com/
Title: Northern Ontario Business

Search URL Search Domain Scan URL

URL: https://www.ontarioflyers.ca/
Title: OntarioFlyers.ca

Search URL Search Domain Scan URL

URL: https://www.orilliamatters.com/
Title: OrilliaMatters.com

Search URL Search Domain Scan URL

URL: https://www.sudbury.com/
Title: Sudbury.com

Search URL Search Domain Scan URL

URL: https://www.longmontleader.com/
Title: The Longmont Leader

Search URL Search Domain Scan URL

URL: https://www.thoroldtoday.ca/
Title: ThoroldToday.ca

Search URL Search Domain Scan URL

URL: https://www.timminstoday.com/
Title: TimminsToday.com

Search URL Search Domain Scan URL

URL: https://www.alimoshotoday.com/
Title: AlimoshoToday.com

Search URL Search Domain Scan URL

URL: https://www.airdrietoday.com/
Title: AirdrieToday.com

Search URL Search Domain Scan URL

URL: https://www.albertaprimetimes.com/
Title: Alberta Prime Times

Search URL Search Domain Scan URL

URL: https://ottawa.citynews.ca/
Title: CityNews Ottawa

Search URL Search Domain Scan URL

URL: https://www.cochranetoday.ca/
Title: CochraneToday.ca

Search URL Search Domain Scan URL

URL: https://www.halifaxtoday.ca/
Title: HalifaxToday.ca

Search URL Search Domain Scan URL

URL: https://www.kitchenertoday.com/
Title: KitchenerToday.com

Search URL Search Domain Scan URL

URL: https://www.lakelandtoday.ca/
Title: LakelandToday.ca

Search URL Search Domain Scan URL

URL: https://www.moosejawtoday.com/
Title: MooseJawToday.com

Search URL Search Domain Scan URL

URL: https://www.mountainviewtoday.ca/
Title: Mountain View Today

Search URL Search Domain Scan URL

URL: https://www.okotokstoday.ca/
Title: Okotoks Today

Search URL Search Domain Scan URL

URL: https://www.princegeorgematters.com/
Title: PrinceGeorgeMatters.com

Search URL Search Domain Scan URL

URL: https://www.rmotoday.com/
Title: RMO Today

Search URL Search Domain Scan URL

URL: https://www.stalberttoday.ca/
Title: StAlbertToday.ca

Search URL Search Domain Scan URL

URL: https://www.tbnewswatch.com/
Title: TBNewsWatch.com

Search URL Search Domain Scan URL

URL: https://www.townandcountrytoday.com/
Title: Town and Country Today

Search URL Search Domain Scan URL

URL: https://www.vancouverisawesome.com/
Title: Vancouver is Awesome

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://sb.scorecardresearch.com/b?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9=

Request Chain 113

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D&cklb=1 HTTP 302
https://sb.freeskreen.com/um?sa=450355380182771494

Request Chain 114

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

Request Chain 115

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
https://sb.freeskreen.com/um?ac={$UID}

149 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sootoday.com/ 104 KB
105 KB 355ms
116ms Document
text/html 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6bd9af57b5df81645bad552188b945e7c4265eb3602f7ded00297e7eb77bf064

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.sootoday.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: public, max-age=24
content-length: 106794
content-type: text/html; charset=utf-8
expires: Wed, 21 Apr 2021 23:04:04 GMT
last-modified: Wed, 21 Apr 2021 23:03:04 GMT
x-frame-options: SAMEORIGIN
set-cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6;Path=/;HttpOnly;Secure;Domain=www.sootoday.com ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.sootoday.com
date: Wed, 21 Apr 2021 23:03:39 GMT

GET
H2 200 template
www.sootoday.com/cssb/ 85 KB
85 KB 198ms
198ms Stylesheet
text/css 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 00cc6a65b16ad240fd8efc1563a5a803f338a727cf3b8d16658c1873a28ad8f3

Request headers

:path: /cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
pragma: no-cache
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: public
expires: Thu, 21 Apr 2022 23:03:39 GMT
last-modified: Wed, 21 Apr 2021 23:03:39 GMT
content-length: 86569
vary: User-Agent
content-type: text/css; charset=utf-8

GET
H2 200 head Show response
www.sootoday.com/jsb/ 3 KB
3 KB 273ms
273ms Script
text/javascript 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/jsb/head?v=FxLEHbA1zWldtzXpgNNMn1K8nPzHd3DG6pEldrwRyhI1
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c8b0bb81aa4d93740b114b22cf88d3c5952349e01fb55aa27f98fbbea32c11f3

Request headers

:path: /jsb/head?v=FxLEHbA1zWldtzXpgNNMn1K8nPzHd3DG6pEldrwRyhI1
pragma: no-cache
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: public
expires: Thu, 21 Apr 2022 23:03:39 GMT
last-modified: Wed, 21 Apr 2021 23:03:39 GMT
content-length: 3249
vary: User-Agent
content-type: text/javascript; charset=utf-8

GET
H2 200 merge.v4.6.176762.js Show response
cdn.districtm.ca/merge/ 110 KB
25 KB 49ms
26ms Script
application/x-javascript 2606:4700::6812:633c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.ca/merge/merge.v4.6.176762.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e456005a29f457efade69b61cc5e22c8965ebb7bdf94376a5f9b0b61796ebf2f

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 6306
cf-polished: origSize=247993
last-modified: Fri, 29 Jan 2021 17:56:47 GMT
x-amz-request-id: A9X8NDBMDN1HXWYB
x-amz-id-2: rbFhvJKFqyd2CA7XtEisbwgMDN6fiOMSkrPVu0OYP8w0RTzfSVIDJDr38zJ+XZdJZyQ07NRDS+g=
cf-bgj: minify
server: cloudflare
etag: W/"fe34d4bbb1ba321e5620ec10a40eddcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=172800
x-amz-version-id: D4YUqGN12fRDFmrTksnR059yaquhYqIl
cf-request-id: 099845d91200004a9182850000000001
cf-ray: 643a3f3b49e24a91-FRA
expires: Fri, 23 Apr 2021 23:03:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1286
date: Wed, 21 Apr 2021 22:42:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 22 Apr 2021 00:42:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 139ms
64ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

97cff47a8a080b0ab18840b3bf5b49ecc091f4d4aaedf54697f8757cf4c2c59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "849 / 311 of 1000 / last-modified: 1619043195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21096
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H2 200 sootoday_white.svg
www.vmcdn.ca/files/sootoday/layout/ 5 KB
2 KB 68ms
22ms Image
image/svg+xml 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/sootoday/layout/sootoday_white.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 10:56:30 GMT
content-encoding: gzip
age: 1253229
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public
content-disposition: inline; filename=sootoday_white.svg
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: NZbXtb8IYogOxlpILv-1jCtF8nWAg5P3OF7sxdltJcJKszH-KsmN_Q==
expires: Fri, 07 May 2021 09:42:43 GMT

GET
H2 200 covid-testing.jpeg;w=300;h=200;mode=crop
www.vmcdn.ca/f/files/shared/stock-images/ 13 KB
13 KB 68ms
22ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/shared/stock-images/covid-testing.jpeg;w=300;h=200;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: c08e016b80f14f2d35c29215f8fa0d8fb3f1bd72ef2e343cd683a50e25e8b456

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 02:58:56 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1627483
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 13242
x-amz-cf-id: zETxFVa855uJj90m09pIW4kKsxCitUZXGmSFwkTLOrTiW3-4kZ61tA==
expires: Sat, 02 Apr 2022 22:15:23 GMT

GET
H2 200 blank.gif
www.sootoday.com/images/ 42 B
144 B 121ms
120ms Image
image/gif 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sootoday.com/images/blank.gif
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b

Request headers

:path: /images/blank.gif
pragma: no-cache
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: max-age=2592000
last-modified: Tue, 05 Jan 2021 18:12:34 GMT
accept-ranges: bytes
etag: "2c5384578ee3d61:0"
content-length: 42
content-type: image/gif

GET
H2 200 0b06b35f-93db-4b0f-ab14-3455f8f04c25.jpg;w=120
www.vmcdn.ca/f/files/classifieds/64170/ 3 KB
4 KB 69ms
23ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/classifieds/64170/0b06b35f-93db-4b0f-ab14-3455f8f04c25.jpg;w=120
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 808db1bf825f5443891d09825a7b655d27fb6bbb64b8135508a3e123947f40a2

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 11:12:46 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 6695453
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 3318
x-amz-cf-id: Qs6FnjA5jXoihv3nxbgHsTAOxffO9EiFRIfZoJHp2bPPXRXqXk6wPw==
expires: Thu, 03 Feb 2022 11:12:47 GMT

GET
H2 200 85649863-942a-41d3-8ae5-0a2032e0e0dd.jpg;w=120
www.vmcdn.ca/f/files/classifieds/61655/ 4 KB
4 KB 68ms
22ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/classifieds/61655/85649863-942a-41d3-8ae5-0a2032e0e0dd.jpg;w=120
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: af563f200f2c8b6087cfe0072e4a713b3fdfbb3e83ec480988181be88ce5b31a

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:27:39 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1154161
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 4291
x-amz-cf-id: NR6adQ7cdkb1Ys3yFL9USri_CeQQFmqq6YxeeiZW-2Rlb3gvC8--AQ==
expires: Fri, 08 Apr 2022 14:25:45 GMT

GET
H2 200 logo_sootoday_plus_white.svg
www.vmcdn.ca/files/shared/site-layout/ 3 KB
2 KB 68ms
22ms Image
image/svg+xml 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/shared/site-layout/logo_sootoday_plus_white.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 1dd325a220a7467f132797a6275d92a9a9b30c8f3134db1065ee4eda684baa92

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 01:45:03 GMT
content-encoding: gzip
age: 1459116
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public
content-disposition: inline; filename=logo_sootoday_plus_white.svg
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yks3sON-WvmFs84erJH1NcUDI_5dAKqj3tUdOBQxB8mE2faugEhLlw==
expires: Wed, 05 May 2021 01:45:03 GMT

GET
H2 200 logo_thedaily@2x.png;w=200
www.vmcdn.ca/f/files/shared/ 13 KB
13 KB 69ms
23ms Image
image/png 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/shared/logo_thedaily@2x.png;w=200
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: c50d66e1f625525c9d0da8d144ec80efae45ae8283c84909eadea38812d2e346

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 18:14:45 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 4855734
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 12847
x-amz-cf-id: PKGSTfNb59rjuwc7BllhzfvWNNxmb5hsb9A3-BqHsYevMQAur1bhtA==
expires: Thu, 24 Feb 2022 17:55:21 GMT

GET
H2 200 template Show response
www.sootoday.com/jsb/ 158 KB
158 KB 119ms
119ms Script
text/javascript 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/jsb/template?v=SuXD3CW6ksF8nwZBRoDtdIrPWKXVVDBMajJ61kEGZ141
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a2e306828a92d84c3843cfceb70366475a2416cd04ea0c3fb47c0d36d7eb53f

Request headers

:path: /jsb/template?v=SuXD3CW6ksF8nwZBRoDtdIrPWKXVVDBMajJ61kEGZ141
pragma: no-cache
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: public
expires: Thu, 21 Apr 2022 23:03:40 GMT
last-modified: Wed, 21 Apr 2021 23:03:40 GMT
content-length: 161319
vary: User-Agent
content-type: text/javascript; charset=utf-8

GET
H2 200 user-o-w.svg
www.vmcdn.ca/files/ui/icons/ 712 B
1023 B 52ms
21ms Image
image/svg+xml 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/user-o-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 12:01:01 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1335759
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public
content-disposition: inline; filename=user-o-w.svg
x-amz-cf-pop: ZRH50-C1
content-length: 712
x-amz-cf-id: 3SA_7Gx1Mn3dOmCQt6Izj346P2efAWiazjWAaNsUFlDzRTJ7XMDY0g==
expires: Thu, 06 May 2021 12:01:01 GMT

GET
H2 200 opensans-regular.woff2
www.sootoday.com/css/fonts/ 19 KB
19 KB 119ms
118ms Font
application/font-woff2 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/css/fonts/opensans-regular.woff2
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f

Request headers

sec-fetch-mode: cors
origin: https://www.sootoday.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
:path: /css/fonts/opensans-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sootoday.com
Referer: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: max-age=2592000
last-modified: Tue, 05 Jan 2021 18:12:34 GMT
accept-ranges: bytes
etag: "4c907c578ee3d61:0"
content-length: 19020
content-type: application/font-woff2

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 search.svg
www.vmcdn.ca/files/ui/icons/ 442 B
751 B 38ms
22ms Image
image/svg+xml 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:59:03 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1811076
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public
content-disposition: inline; filename=search.svg
x-amz-cf-pop: ZRH50-C1
content-length: 442
x-amz-cf-id: yHwCNp6FGNoG1xHcrb2q4W9R1Peb_LapRl3RrNOay4iwliSWJMrHhA==
expires: Fri, 30 Apr 2021 23:59:04 GMT

GET
H2 200 opensans-bold.woff2
www.sootoday.com/css/fonts/ 19 KB
19 KB 171ms
171ms Font
application/font-woff2 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/css/fonts/opensans-bold.woff2
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915

Request headers

sec-fetch-mode: cors
origin: https://www.sootoday.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
:path: /css/fonts/opensans-bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sootoday.com
Referer: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: max-age=2592000
last-modified: Tue, 05 Jan 2021 18:12:34 GMT
accept-ranges: bytes
etag: "ad317b578ee3d61:0"
content-length: 19724
content-type: application/font-woff2

GET
H2 200 picture-o.svg
www.vmcdn.ca/files/ui/icons/ 475 B
785 B 46ms
46ms Image
image/svg+xml 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/picture-o.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=eXqC4slhynyrZCBsqW_0lQodl59ruH0mZWfQ3ggy7II1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 361a44881097f7833bbf4346278ea77c9c56033682fdab64feffe9bb57b5eaf5

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:58:26 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1926313
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public
content-disposition: inline; filename=picture-o.svg
x-amz-cf-pop: ZRH50-C1
content-length: 475
x-amz-cf-id: SxrWrEyc4iK9srkVZ-o5-CI1pSuVBqTeDu226O8C8v2JEmtsR1TvRQ==
expires: Thu, 29 Apr 2021 15:58:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37383801-16&cid=1029540144.1619046220&jid=1237957663&gjid=106613018&_gid=393316705.1619046220&_u=IGDAgEABAAAAAE~&z=787088067

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 23:03:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37383801-4&cid=1029540144.1619046220&jid=1967142295&gjid=188550356&_gid=393316705.1619046220&_u=IGDAgEABAAAAAE~&z=445430218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 23:03:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1117513169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sootoday.com%2F&ul=en-us&de=UTF-8&dt=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1237957663&gjid=106613018&cid=1029540144.1619046220&tid=UA-37383801-16&_gid=393316705.1619046220&cd1=5&z=996840516

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 10:06:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46619
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
27ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1117513169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sootoday.com%2F&ul=en-us&de=UTF-8&dt=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAE~&jid=1967142295&gjid=188550356&cid=1029540144.1619046220&tid=UA-37383801-4&_gid=393316705.1619046220&cd1=5&z=1608566898

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 10:06:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46619
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37383801-16&cid=1029540144.1619046220&jid=1237957663&_u=IGDAgEABAAAAAE~&z=396499070

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37383801-16&cid=1029540144.1619046220&jid=1237957663&_u=IGDAgEABAAAAAE~&z=396499070

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37383801-4&cid=1029540144.1619046220&jid=1967142295&_u=IGDAgEABAAAAAE~&z=415749139

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37383801-4&cid=1029540144.1619046220&jid=1967142295&_u=IGDAgEABAAAAAE~&z=415749139

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame FDB1 0
0 70ms
26ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.districtm.ca
URL: https://cdn.districtm.ca/merge/merge.v4.6.176762.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sootoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sootoday.com/

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
set-cookie: __cfduid=dbf2572240d69a5bad9b1bbd474d3dc011619046220; expires=Fri, 21-May-21 23:03:40 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 099845d9a1000023df42ac8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 643a3f3c397523df-ZRH

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 67ms
20ms Script
application/javascript 13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 22:50:47 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ounTflBFG8Df3lW0N5Rd57TO6fNDZ7iim1DI5oKs0OF5oyV1UQCyFA==

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/128748/ 19 KB
4 KB 243ms
179ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/128748/script.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 4a62b7cdfad36dc3c581a99af319074d974d4a1b2edbe1c940f091fd2890d2ed

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: br
cdn-edgestorageid: 481, 617, 617
x-amz-request-id: KCPBG9Y4X5GM1ZG3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-04-13 21:57:57
cdn-pullzone: 44619
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: wFyEIemmBKplwh3zGfz8UrF5TDPsQ01pd+xJQ7QuNTrDv+Sm16VvyfgHxTdyFDf9tXDjhqYZN44=
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 19:45:04 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: eaa1d93a40be7b5f8dbdee3495546630
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

POST
H2 200 weatherwidget Show response
www.sootoday.com/external/ 133 B
255 B 115ms
114ms XHR
application/json 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/external/weatherwidget?weatherCode=ON%2Fs0000479_e
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=SuXD3CW6ksF8nwZBRoDtdIrPWKXVVDBMajJ61kEGZ141
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fcaf21bbe168c477bff8b2ce347cae211b29ece05127c87d5bdb200c0afd498c

Request headers

sec-fetch-mode: cors
origin: https://www.sootoday.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; _ga=GA1.2.1029540144.1619046220; _gid=GA1.2.393316705.1619046220; _gat_base=1; _gat_site=1; dmxRegion=false
content-length: 0
:path: /external/weatherwidget?weatherCode=ON%2Fs0000479_e
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.sootoday.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: public, max-age=220
expires: Wed, 21 Apr 2021 23:07:20 GMT
last-modified: Wed, 21 Apr 2021 22:52:20 GMT
content-length: 133
content-type: application/json; charset=utf-8

GET
H2 200 poll Show response
www.sootoday.com/jsb/ 20 KB
20 KB 116ms
115ms XHR
text/javascript 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sootoday.com/jsb/poll?v=6Cjm7uclaOYdmR4ukfFNftqmxhiYVJ-tEBkeF-FXbDk1
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=SuXD3CW6ksF8nwZBRoDtdIrPWKXVVDBMajJ61kEGZ141
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 55d0d1077f3e72c5a378e1d7c81e2d035c856665e9ecdefc9a9dd1cbcc33d69b

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; _ga=GA1.2.1029540144.1619046220; _gid=GA1.2.393316705.1619046220; _gat_base=1; _gat_site=1; dmxRegion=false
:path: /jsb/poll?v=6Cjm7uclaOYdmR4ukfFNftqmxhiYVJ-tEBkeF-FXbDk1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.sootoday.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: public
expires: Thu, 21 Apr 2022 23:03:40 GMT
last-modified: Wed, 21 Apr 2021 23:03:40 GMT
content-length: 20720
vary: User-Agent
content-type: text/javascript; charset=utf-8

GET
H2 200 335670 Show response
www.sootoday.com/widgets/ 3 KB
3 KB 122ms
122ms XHR
text/html 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/widgets/335670

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=SuXD3CW6ksF8nwZBRoDtdIrPWKXVVDBMajJ61kEGZ141

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4575d812d72edb37a297e4c1ab31883a3bba95005b02bc45ac11b9d1e838ad1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; _ga=GA1.2.1029540144.1619046220; _gid=GA1.2.393316705.1619046220; _gat_base=1; _gat_site=1; dmxRegion=false
:path: /widgets/335670
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.sootoday.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:39 GMT
cache-control: private
set-cookie: __RequestVerificationToken=h9YRjQwMzihIVZOyw7CxkjL-hPKB738xdNO2GtadfiDSpOsAXYKPCp4Dg9onBb91fZKL4rHLkPAKL6bUs7SR2rTHdbkPRktdAHRaM8XkeHE1; path=/; HttpOnly
content-length: 2568
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8

GET
H2 200 sessions-soo-image-facebook.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/ 4 KB
4 KB 24ms
22ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/sessions-soo-image-facebook.jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 69855d4ae024622d9cfba6a6320cf3fffd5fb27e9e9637b398adbb5a174d8b54

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 19:52:54 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 97845
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 4049
x-amz-cf-id: Dr0GC68_xgXiUAvYRqFjiUXNZiWjiY4hFvOwD6g5FB830SJLEtmZ1Q==
expires: Wed, 20 Apr 2022 19:46:54 GMT

GET
H2 200 soo-spotlight-photo_skinner-psychotherapy_april-19.jpeg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/ 3 KB
3 KB 24ms
23ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/soo-spotlight-photo_skinner-psychotherapy_april-19.jpeg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: a8af28940ea946193aed53324832707eba46b6ea7daec272138ce27a4c4a98ad

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 20:18:12 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 182728
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 2978
x-amz-cf-id: KkUsAaVb2WeX-tTl9_PwCeDsDrkjbqwdxjXKSd6jp1IJNEB7LyLrkg==
expires: Tue, 19 Apr 2022 20:15:28 GMT

GET
H2 200 northside-all-you-can-haul.png;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/ 17 KB
18 KB 24ms
23ms Image
image/png 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/northside-all-you-can-haul.png;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: b4f8753d3655fe3de6533aed4897c61e194205f443ac8d7bfe9e2b6b20d653d1

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:32:01 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 473499
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 17841
x-amz-cf-id: Blfwn_i-3vW8eZp_KW0pw4KvGI0j73iCSAOF7E501MB2sfcnqeUScg==
expires: Sat, 16 Apr 2022 11:27:49 GMT

GET
H2 200 2021-04-21-harold-soderlund.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/images/people/ 3 KB
4 KB 24ms
23ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/images/people/2021-04-21-harold-soderlund.jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: f81a52671a832c4051f7a059a4bd6bcf2648116dbef5e5b2c3abfa1ee9cd8e3d

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:37:10 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 30390
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 3455
x-amz-cf-id: gNDmce3yDd4pn7jgqnt8-JzYyDDXQGqTqVNM9qPwxkwHv1pJys69zQ==
expires: Thu, 21 Apr 2022 14:35:05 GMT

GET
H2 200 _membership_contest_image_2000x1333_sourceforsports.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/membership/gift-card-images/ 2 KB
2 KB 24ms
23ms Image
image/jpeg 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/membership/gift-card-images/_membership_contest_image_2000x1333_sourceforsports.jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: ed553521f58b3e3b3424aae7c0168f0a5b10df5db5238c4d70ed17de43a25012

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 04:04:08 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 586771
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 1581
x-amz-cf-id: VQ6uCwlRbJqqevd3sFIoRL5stYZsdQxFKTUxNh2WSE60KkQgQ8dTxA==
expires: Fri, 15 Apr 2022 04:02:14 GMT

GET
H2 200 20210414-lindrena-newbery-photo-supplied-01-cropped.png;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/images/entertainment/film/ 16 KB
16 KB 24ms
23ms Image
image/png 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/images/entertainment/film/20210414-lindrena-newbery-photo-supplied-01-cropped.png;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: 608f3783666e8dcffb74eb2b51f94b5c5409f636194d9957093cece2a87aabd1

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:03:29 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 604810
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
x-amz-cf-pop: ZRH50-C1
content-length: 16467
x-amz-cf-id: or2X1x1V0ih2ZEx8g4u1dgNZYGfgzjuNISbDSvjUs74tjeU9l3Qmeg==
expires: Thu, 14 Apr 2022 23:01:34 GMT

GET
H3-29 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
105 KB 84ms
83ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9=

64 B
330 B

29ms
28ms

Image
image/gif

13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9=
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ntVTcq19SvMlokISTA_99AQl5cZWoyct7vGz3cmyjQwAnEZt7sxwPg==

Redirect headers

date: Wed, 21 Apr 2021 23:03:40 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=21059523&ns__t=1619046220230&ns_c=UTF-8&cv=3.5&c8=Sault%20Ste.%20Marie%20News%20-%20Sault%20Ste.%20Marie%20News&c7=https%3A%2F%2Fwww.sootoday.com%2F&c9=
content-length: 218
x-amz-cf-id: 4Zm1d1VT0pm2FKvoKnZqxMI0Vs77B50dbHcuyFEsmX8_Ejc3JwXhjQ==

GET
H2 200 02.gif
www.vmcdn.ca/files/ui/icons/weather/ 3 KB
3 KB 21ms
20ms Image
image/gif 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/weather/02.gif
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-55.zrh50.r.cloudfront.net
Software: /
Resource Hash: b07a7ccaa61260fd76bb674350367128a36673fb5853d73186e89d371fca9e0d

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 14:19:54 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 1500226
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public
content-disposition: inline; filename=02.gif
x-amz-cf-pop: ZRH50-C1
content-length: 2661
x-amz-cf-id: hHf_uFBqFoTyv-8M3dEsMNSsFUxOeIRWv_kWWSmiEbu2PPmFrYToDg==
expires: Tue, 04 May 2021 14:19:54 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
81 B 31ms
27ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.districtm.ca
URL: https://cdn.districtm.ca/merge/merge.v4.6.176762.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.sootoday.com
access-control-allow-credentials: true
cf-ray: 643a3f3dfbac23df-ZRH
access-control-allow-headers: Content-Type, Origin
cf-request-id: 099845dac0000023df4836c000000001

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
664 B 116ms
38ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=VJuYTePLy4IQqdaTOg9JhZiKOFulbh~450~slot-762a351a&psa=0&zone=450&id=19057196&member_id=1908&size=300x600&promo_sizes=300x250&referrer=https://www.sootoday.com/

Requested by

Host: cdn.districtm.ca
URL: https://cdn.districtm.ca/merge/merge.v4.6.176762.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 23:03:40 GMT
X-Proxy-Origin: 185.212.170.148; 185.212.170.148; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: 7c581da1-dee1-4c60-a6b2-1f4b9c12acb1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
664 B 116ms
38ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=2kL3DGfrBCiHiibfCifjI7asbHVsir~450~slot-762a351a&psa=0&zone=450&id=19330666&member_id=undefined&size=300x600&promo_sizes=300x250&referrer=https://www.sootoday.com/

Requested by

Host: cdn.districtm.ca
URL: https://cdn.districtm.ca/merge/merge.v4.6.176762.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 23:03:40 GMT
X-Proxy-Origin: 185.212.170.148; 185.212.170.148; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 0bcc9847-1b80-4c72-83a7-121a971e24a7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 60ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 runtime.2.10.4.js Show response
st.getsitecontrol.com/main/runtime/ 403 KB
93 KB 103ms
36ms Script
application/javascript 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Requested by: Host: widgets.getsitecontrol.com
URL: https://widgets.getsitecontrol.com/128748/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-197.datapacket.com
Software: BunnyCDN-DE1-487 /
Resource Hash: e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: br
cdn-edgestorageid: 487
x-amz-request-id: HHDKJ9QNB02ZG9DG
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-04-21 22:59:42
cdn-pullzone: 44631
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: WXR+wEU253LAQYD2RYkz8GOGRvxM/39bnyyv7ZYeg2h9ZPapgwcHuMPN56uKr6WTApIygIFcumA=
access-control-allow-origin: *
last-modified: Mon, 24 Sep 2018 08:05:29 GMT
server: BunnyCDN-DE1-487
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: 128dc1034172334b709e0d8c316f8e9e
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
20 KB 102ms
101ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=201627350099855&correlator=1392689111642298&output=ldjh&impl=fifs&eid=31060783%2C31060860&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=5198809%2CNET_Background%2CNET_Alert%2CLocalFeature%2CNET_TopBlock&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1920x1200%7C1920x800%2C320x50%2C320x50%2C300x600%7C300x250%7C300x300%7C300x120&fluid=0%2Cheight%2Cheight%2C0&eri=1&cust_params=site%3Dwww.sootoday.com%252Csootoday.com%26ContentCategory%3DLanding&cookie_enabled=1&bc=31&abxe=1&lmt=1619046184&dt=1619046220503&dlt=1619046219733&idt=714&frm=20&biw=1600&bih=1200&oid=3&adxs=-160%2C0%2C650%2C980&adys=109%2C0%2C473%2C164&adks=2422289816%2C144140361%2C2798333654%2C2887964220&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sootoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1920x1200%7C1600x-1%7C300x0%7C300x600&msz=1920x1200%7C0x-1%7C0x0%7C300x600&ga_vid=1029540144.1619046220&ga_sid=1619046221&ga_hid=1117513169&ga_fc=false&fws=4%2C516%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

cb6063588752ece70de5748b9cae7154baf95d0bdb510eeda93a152887963f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20260
x-xss-protection: 0
google-lineitem-id: 5664528845,5526292015,5660906803,5664528845
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346776980,138336231886,138345869296,138347483689
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 78ms
26ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/221/ 4 KB
2 KB 150ms
47ms Script
text/javascript 13.33.139.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/221/freeskreen.min.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-47.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 185c415b43f0d5e4e90bdc8e8f3d37f1749566d9b05fc3ffea55da54bb5218ed

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PtBZi6vfKmgs7SN_DfZj9Nt_eYnMV1Td
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 09:28:30 GMT
Server: AmazonS3
Age: 80969
ETag: "4a7c7f833f112f865f44a5d35c11cd26"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 7845b0ba96346a26acafd704806353e2.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Wed, 21 Apr 2021 00:34:12 GMT
X-Amz-Cf-Pop: CPH50-C2
Accept-Ranges: bytes
Content-Length: 1602
X-Amz-Cf-Id: 69desODARs6-BIIuILMgKjsaDtShbcbGk1CnF1xwMSPeppQp9bm-Hw==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDF1 0
0 51ms
49ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfFbxp2F7mUpwqXqhS1q9KZSvRAyhZ8W90mE5WAR6e-aRbq20FuAMTNxNV7FuwFluK7ToV7vl9yMBK-3djXd15_qqeQic_8c01HWUSfDJ0VDvPi8JY0OBK34RC84Zh3PQwR188GTnGzq6ZukMWslqevAUqb5pu0p9bjk0x5h9sLQ7bVoRqL7GVcvB-pilR3_mN8c9qzhTLWC4urVI81h3K0Ijn4soZMzpXvjhr0mb53w7S1e2QQu4ybEeMHOxLSCHBrZUsOP-RRiM7s6z2i5pCmBoS5CC19H3XBgVl3znaulPe&sai=AMfl-YRxXIsYZ7S9JWt2oyloa9QaZmH6SePvjY1DtKpzRP4gsc1F1FJED43nCyxWOpYjhk4w0UkwEW4jN49947QZYJMWksHNp1lN0HqFfUvPLxJXQl_kKX8owixRy3eoM3k&sig=Cg0ArKJSzFWRAxRBOJToEAE&adurl=

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/ Frame CDF1 2 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 22:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 22:59:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDF1 118 KB
36 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CDF1 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSB6zRpQqN1UMMuA3LQlHHkTGfV6WhwKCgBsvwk2pmoLz1n03uc7Ha88fgXFJIDPod0deJM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 15391367595715826822
tpc.googlesyndication.com/simgad/ Frame CDF1 134 KB
134 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15391367595715826822

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7c79b90ca2217f0e683c7be848586fadc849707b58631b92edaa5f984b0c9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 15:38:21 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137123
x-xss-protection: 0
expires: Thu, 21 Apr 2022 23:03:40 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 container.html Show response
5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC82 6 KB
3 KB 34ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sootoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sootoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 23:03:40 GMT
expires: Thu, 21 Apr 2022 23:03:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CD4 6 KB
3 KB 30ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sootoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sootoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 23:03:40 GMT
expires: Thu, 21 Apr 2022 23:03:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F0C6 6 KB
3 KB 25ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sootoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sootoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 23:03:40 GMT
expires: Thu, 21 Apr 2022 23:03:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CDF1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e0c864ab9a8ae8d6d1bc5c60c539e483190f86841a4b588b485be3be81d9436

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/ Frame F0C6 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/abg_lite_fy2019.js

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef94bf64859083c25bdd7a2d317afc825ac1d2a3e3721239d79dee9a71376cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3400864208869547588
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 23:01:18 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F0C6 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 17:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18242
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 17:59:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0C6 118 KB
36 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4CD4 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 17:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18242
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 17:59:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CD4 2 KB
642 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400&lang=en

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 21:22:58 GMT
server: ESF
date: Wed, 21 Apr 2021 23:03:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CD4 118 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DC82 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 17:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18242
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 17:59:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC82 4 KB
704 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&lang=en

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 21:29:21 GMT
server: ESF
date: Wed, 21 Apr 2021 23:03:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 14641470042660233566
tpc.googlesyndication.com/simgad/ Frame DC82 27 KB
27 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14641470042660233566?

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5fe6b9bfd032ba622a01dc91e59767fea29fee8fe952aee35854c5f87a0cd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:15:37 GMT
x-content-type-options: nosniff
age: 24483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27139
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 19:04:13 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 16:15:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC82 118 KB
36 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 76 KB
22 KB 378ms
271ms Script
text/html 143.204.245.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=221&ut=&uts=&p_cust_params=ContentCategory%253DLanding%2526site%253Dwww.sootoday.com%252Csootoday.com&flc=&slc=&windowlocation=https%3A%2F%2Fwww.sootoday.com%2F&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/221/freeskreen.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-109.cph50.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0796c10f1cd266f601dcfa89cb16ebab6c7c5c8c3bceca9f35b2a5e49942d638

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: CPH50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
content-type: text/html;charset=UTF-8
content-length: 22189
x-amz-cf-id: 955bvr0se0HfDjdG7VA2rYn_dzOICCaSh6UNsoP8dfc0w3xgKg4NGg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDF1 0
0 96ms
49ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK3ZLSx3dWwjZuR4cLPSHeiihYRouSnyDx9aOwWkfyUE3W0GOvUcIIbKEGLAYyeM5a4oT4TWk75heFEguyEkBnythQSAUCaQHLZ68WcuMUUnjInodKLrNEqly38zZz8C-v61ABE2qVwviIXpEMdXAJwfynV_u0Js8DBoS2r0vGP4EOhl4KLo_lDZe40ANTZCuXNu_SeIret0MqvQMND8ZDUC4Uk8igS0W5VR-x8B_gLHgcz-wWIIZkHCmAJx9J6fCCcXRXb8HtyB5TQDGI54XREw5Rx2LzYuqVB5kNhKKQ8XTCGa4&sai=AMfl-YSWV-xcAoAfJNDWpRPsPUg4b3O8CxIEuhL9nM3Gq7RZumxwjiJfZH3pIBKN8Ahfe4939npHafS7YHiyDo-I7GaShR4-FVsHXUJEfi-WOkLggvYSF0QLiurkXtZDeMI&sig=Cg0ArKJSzLeN1sOMCR_XEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame F0C6 109 KB
38 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35593
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Apr 2021 13:10:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CD4 0
0 49ms
49ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0kYSsQ_V8lZK7kPquVCTFqX8SrHkFmX7kNfN3Bm0btMsTUKxUjTpS0JsOTZmFhyp6K7tmLjhjDCchzOuaoJg1SKbPNdZyGAqSyq1U09pXaRo4oj3XQh517zkPgSzVG0K4buNzGWyY__xSUKJ9GUWzHw4FoHbq6rc3bSa1_h7k3zOhbpQzOSGgTHDcapV5eQAjPOUA7MPLy0vuz4h3p4-lgBGNirx69d0P_-nvKi-55XPlYRxmA7lfFFAXgz-5AO4TWxKQGgiBcuic7Nnm7bavr5ZsPp9sZG5VAA3dAfen5w&sai=AMfl-YTLHhpnoBM5L6kGR-EO3DUN2fOzIvlceVwmmYSxv5LS3QQkjnP9WZ5-D7l2QCshh1SLHOzQKKX1xdu_ZdvDVEYMIYMz5nRFj2dO83dQgMc2sjFOJJt64NYJO3dNAmM&sig=Cg0ArKJSzENdhfI1B7FQEAE&urlfix=1&adurl=

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC82 0
0 48ms
48ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvk1zRwsrBd3gg4Jc2rkELQ0qMKeVBlgKH3YHbaioxM7P-Gzjz3Mu7pI3PvDTwpkvTI1IPChQXhbRmDcoFvZMyW34yZhgAC0lElaxOes9stSjtfM-ooIL7SPFNGrXTLA_PrvCyhOmF7w3OztAktabqQfNh7xtOjSw1RvtnHutgtKkdVUimUU3m-SrHO2Ylp0PUNblm7ZI97JJEIKH52YRfOW7_aw_WYh9NQwFYSBchf56mAE5Gv30nPhGVzWhXGNf5oO1XyCF9t6ZCZ_IE0XbyvKj9B1BVumOPrBeDR9hplDqApA&sai=AMfl-YSPffhwwOUWfWVdL2dWqgJCK7O9cLIo3-qp_WQu2wELZnsc0_ULwCDUWTa3J0yOhJaeppxCXDwbpMkjAqxKyUkrlVfIMEbNpwMVjfPyFqwM7HPoTvuBIu_M6vI1ZTU&sig=Cg0ArKJSzC4xHXGBrnmlEAE&urlfix=1&adurl=

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 currentpot Show response
pyd2ou6a40.execute-api.us-west-2.amazonaws.com/v1/af4e7001/ Frame DC82 29 B
234 B 614ms
204ms XHR
application/json 54.187.70.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pyd2ou6a40.execute-api.us-west-2.amazonaws.com/v1/af4e7001/currentpot
Requested by: Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.70.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-70-188.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 804df63d009b9e50c60a2547b355c3378b0868c494ae7f514a119609080b544c

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 23:03:41 GMT
x-amzn-requestid: c2a1074d-fd51-4b6e-a105-567107f344f0
x-amz-apigw-id: eKBUGEExvHcFkJw=
x-amzn-trace-id: Root=1-6080af4d-65aa971734fbd71e4965fb5b
content-length: 29
content-type: application/json

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DC82 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 94982
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 20 Apr 2022 20:40:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame DC82 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 162783
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4CD4 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400&lang=en

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 162783
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
DATA 200
OK truncated
/ Frame 4CD4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cf8cf575fc12f53e86744e78d6785fb1e3f541b98deebfe4c276d19f830a01c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CD4 0
0 48ms
48ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN2xLtWAL6qA0Bo9GeE9OyaFBRNINph26a4-HJWI93K3DppFUrJJ7vNtOxg7iTI1-K8sIANbo4BdP96zKrZ-OqukFiT2GHnKNcaoXk7LyGgWtTtmO7cNyHKgaPP72LPLxG2yaVAaN3v-TKd-FU-wvcdLR3uAW3uGUvf8USfw7KzD9fnEa9Dm8JPf2pt12p77wtR1U2mlvTlJOW5DH1j-W0L1HfaqPQmPKXtFe9Wkg9rEvvve0UF_lVZ8QLor7IhDieCg8zoX1dVUwyDL7Qk9PkDhYSk-bsOsJrQAtDv0E27e5l&sai=AMfl-YTD3cQ95I1MVEnjxqrS-owFkavXOcmuEUcJpnQidAliN3V7O5geJWP2Z8Nsmx5skt6If13BfdgUedgvFWA8UojzWMH7W3NC_dluSYdI8lqq9N2Bww9RL_QqZ0sLs_o&sig=Cg0ArKJSzBHEQNEYWbnoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC82 0
0 49ms
48ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP0331jPdXPkmOTjVzw0fBr45-bqLOSeGJ1dUYD54y4sIJhnvv_ScD_zOEUWwB-NhJe5SlP5PLQimKhG8QjfLocbWjoBbQSUJl9kTuhI5KCEttIKG_2p0ibziGc71aainPTmPJWXQ_DPybP3gixXT2gtbjZ02ZlVfriVF1GCAvqPyJFywiHSCAmuRB5Vh8wbCMQlXReXVPvPpgh_Rp6WgOuA0bt-Q4xLZY_t2RGyuT1eaOPJ1tr26C00xe5K9x6n_n_utOig50jtBro-WhLgEEk5jYG30j6QLYtfw4NaIkBuMXyAyg&sai=AMfl-YS0k8DA10TyxKQ-mRpBUz5FUwcxYBucGTqihN6yzD4EHgA9LrsByxZcOulAfrVUeXPH7vhevgTTEXydNBKWniqgNdiW6xyJ-XJ__Dw2oua0ZUrbi3x7S-3HSQByVr8&sig=Cg0ArKJSzJp-qLs6JU-LEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 23:03:40 GMT

GET
DATA 200
OK truncated
/ Frame DC82 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1405dd9252f15e882588de2b2b00fd38c42ca6990225742c48007374451ea827

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/292569/60436809/1619010591777/ Frame 6B19 79 KB
8 KB 33ms
7ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf92d8e9ce7457c461196421d41bee6e0ef911e7a4a828906f4ba496ebb8990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/292569/60436809/1619010591777/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 8660
date: Wed, 21 Apr 2021 14:26:58 GMT
expires: Thu, 22 Apr 2021 14:26:58 GMT
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 31003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0C6 0
23 B 49ms
48ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux5k4uvHsfMZq6vlEDsv2i7N1TGxnLHy4m51dpUSrQ5UhhQt4iQdjs542gORnSpvwxjeOSpdBGR3xxY2SjOC95tssnjxBVJ7I9bgiLCODn8-LDdp9ty8mgvnDxeutW0dl8YCQTSpIn2MFEjZnEX0Sh7YPhDTNaumybwwYO6KHz5LBCPoLYTdAFFh7ZpXZkdBVVQR-Z5BI9ygltBQTMCDIXmmQqPFJECWzDBAyy1TQn48_UV3VWzrwxO3XrI3xEPB3u2oqMoQF5ChJf2ql5xqYRTqF0GziCQj6YdPcV0R-ugw&sai=AMfl-YStETmDSZlzyYXNCp49Ql4kgSIe_EsP-rlHR3WPC2l6J4VxnX01o56_6Lt5MLFVZBQwgzcPLCY1VhJ3ueo0SYKcVlrSSuIudTgNQYc4gAQJ6Jtwszw4krWIhL1J-lg&sig=Cg0ArKJSzOXyUdKS7WqLEAE&urlfix=1&adurl=

Requested by

Host: 5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
URL: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 2c9df3b6ae5d2e1ae09853e84aba16da.js Show response
s0.2mdn.net/dfp/292569/60436809/1619010591777/ Frame 6B19 77 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2e3ad2a6054124ed58885a90e3aed0ebbbd7c2c4386a191adaac7688bad249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B19 4 KB
632 B 52ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Open+Sans:800

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89d8b796a471df6e63ffe88be81dfaf656ecbb57a2ac802d604f697c06b20da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 23:03:41 GMT
server: ESF
date: Wed, 21 Apr 2021 23:03:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 23:03:41 GMT

GET
H3-29 200 859cca3a475088176b0723d8c481f6a0.jpg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 29 KB
29 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/859cca3a475088176b0723d8c481f6a0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309df87044a070722e387ec47aeff901f3c31a92bb730e7ce798bbc8f036c045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:51 GMT
server: sffe
age: 31003
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30068
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 c57129e1165701bde072212f10ac7491.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 3 KB
2 KB 13ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/c57129e1165701bde072212f10ac7491.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f5bc8a65180d6f3e9424a09e9f10fb72eff9d15a9cf654b5630bdb86d6c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1585
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 efa5bc4b301d093654f4ad18b1c3e804.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 8 KB
3 KB 12ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/efa5bc4b301d093654f4ad18b1c3e804.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7287f14721ddc10b3ecfeae26dc6c320fd62cff20528f80dc8d12a5b185e244c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2599
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 4b3a3a9d2f075291c10a9a9a5149c34f.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 11 KB
2 KB 12ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/4b3a3a9d2f075291c10a9a9a5149c34f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08d1fac92e955ba986b57a55bcaa1ae1eb8a6c9cffd17a00494face1b1f303c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2213
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 0c129a0066b836a12fa9e5f5770f7b02.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
1 KB 16ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0c129a0066b836a12fa9e5f5770f7b02.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d604163cc345483056cd8593466a8af9375c4bb4f9f6a202c61441b8fa54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 e02dc202fba227f69ad400352ccc26fb.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
880 B 16ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e02dc202fba227f69ad400352ccc26fb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c6b7a056fa555f7dd54d7033604c06a74345bbbcfa3c84d69add4df462cadc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 0a1fb02ad8c996aaa1acaf8bc930039c.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
677 B 15ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0a1fb02ad8c996aaa1acaf8bc930039c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b90378ebe0d6165c725f0efa4e9065a64cbe91fdda3a565b8727451c4e80b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 2f44d58ada28e0fcd90fff596bf5e262.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
3 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/2f44d58ada28e0fcd90fff596bf5e262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737e5510d4698511a225fc64acf8f98cc5f3e1c488298a15bebb936770b19886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2690
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 fe0a43b901380f88df4729cde8779d37.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
6 KB 13ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/fe0a43b901380f88df4729cde8779d37.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781696e53c023c2a7d44bc742cf045638b397c93a2b470251540eb703c4bf867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:51 GMT
server: sffe
age: 31003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6539
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 3a0b0f4f91ee8754997273d6efe72a90.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
916 B 13ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/3a0b0f4f91ee8754997273d6efe72a90.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c39881fd410d246a4b31dbe51cd3d29808f41dfab1ce8b2c328f7460d34a67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 c57bb76ae9983e5cd51bbec102a6801b.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 10 KB
4 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/c57bb76ae9983e5cd51bbec102a6801b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b521dde098cf940542272322b2aa5353dbf7ffa9e1f18d4425ea2709aff6e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4246
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 b43548f8074093c445923719cd45c0f8.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
994 B 12ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/b43548f8074093c445923719cd45c0f8.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd4f666eb3774a35782acac013fc9df9f55c510596dd5e0431da0b8226c84db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 49d24023c5f1b80069a7b5b5a91e9ba9.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 778 B
484 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/49d24023c5f1b80069a7b5b5a91e9ba9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af25c613adb0ae0cd471b90bce2d32c57653fb09f9efee31cb8e6bdb4bb2f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31003
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 460
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 0b5ccfe235d765cbd879a8f867e1b7b4.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 1 KB
658 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0b5ccfe235d765cbd879a8f867e1b7b4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e1a913101c60f04b4936f25291d355158427d6c98053f0ff9a2ce77f47dc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 634
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6B19 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Open+Sans:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:38 GMT
server: sffe
age: 306003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15088
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6B19 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Open+Sans:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 162784
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H3-29 200 f327ff260e28aecaa93e0b46c9251472.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/f327ff260e28aecaa93e0b46c9251472.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1e66fe1dcdd659dcb2c720d0995fca81325faad04b0621c602a95a59a748c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1850
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 e0612b69a88bed72ceaa4dc17fa69f3c.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 16 KB
16 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e0612b69a88bed72ceaa4dc17fa69f3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c36345b91728670747e1f28571a1dd9ea4837f6cb0360d5a6eb5c242c6fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
age: 31002
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16831
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 9c134adcc3e457196cb13011117383fb.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 1 KB
693 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/9c134adcc3e457196cb13011117383fb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12251c99ad9f14a849bf43ae73292c54ae238c42f6b7bfcbdd32db09aced71c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 da556b8c49aece2852c825924ab2f482.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 10 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/da556b8c49aece2852c825924ab2f482.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13995851155e9d9991e1c9a7b3895f076ebe2edadb7db3ff9cc47360f502b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0C6 0
0 49ms
49ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqb-Mjy7-2i6J385KY_snTLa18dMCQ1sCcgLPLGu5A_cAKOY5qnNFzLFRYrrAdvEL6ZAwSwt4j33GUvs2txOSDzaNUPSEqkQFm-8ZYGO0yV2ATjGLw_KsNcXoQSt5F5bKcxexeWJF8NX-nRDXPY1Pn68FolOoQ_anAqrBIamZm9tiNYdRyesJVWKM5CcukRLQxynor4ysA5MdRJR9HsmyATTyiC1RIBBqd8s_iWAaaS9ES1EfT4fRTzxZQ2CxaZD5tDlWhXz66iOi6KM_YG26UscjBGvN3BSFOV2-EdVYnraUK&sai=AMfl-YT2ipceUM2nMw4jIyaMmBmxlf_8VrYBX3ISmguAR2sMVJNEPChc8AaBVUb1b3j8e4l5_lIkBFBODTElNit5f1PQchBac8_JPjfkXJ-OUyP_w_a8OSbrz-got_a4i5s&sig=Cg0ArKJSzN6Ed948dxZ0EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 23:03:41 GMT

POST
H2 200 me Show response
www.sootoday.com/account/ 124 B
192 B 116ms
115ms XHR
application/json 104.45.152.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/account/me

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/head?v=FxLEHbA1zWldtzXpgNNMn1K8nPzHd3DG6pEldrwRyhI1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.45.152.60 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

203eb082c6c4430d2a855fd5c77f2f115738eb6788187840a6e5e12068a974aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.sootoday.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: ARRAffinity=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; ARRAffinitySameSite=2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6; _ga=GA1.2.1029540144.1619046220; _gid=GA1.2.393316705.1619046220; _gat_base=1; _gat_site=1; dmxRegion=false; __RequestVerificationToken=h9YRjQwMzihIVZOyw7CxkjL-hPKB738xdNO2GtadfiDSpOsAXYKPCp4Dg9onBb91fZKL4rHLkPAKL6bUs7SR2rTHdbkPRktdAHRaM8XkeHE1; __gads=ID=3a21ede919bde542-220d688bedc7004e:T=1619046220:S=ALNI_MYD-M4LdQJ9-2cdT3rdoQBiQCESbQ; _gu=feb3e0e3-d0f2-4e96-91a7-d01f4c991b33; _gs=2.s(); _gw=2.u%5B%2C%2C%2C%2C%5Dv%5B~g2d2f%2C~1%2C~0%5Da()
content-length: 0
:path: /account/me
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sootoday.com
referer: https://www.sootoday.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:40 GMT
cache-control: private
content-length: 124
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 37ms
36ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b17e0576075e7f64117e9fe8527c5e0fd3c81eec1b571ecd1c48b3cbda89b495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 23:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6582
x-xss-protection: 0

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 16 B
433 B 151ms
56ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=2761981296&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=221&ut=&uts=&p_cust_params=ContentCategory%253DLanding%2526site%253Dwww.sootoday.com%252Csootoday.com&flc=&slc=&windowlocation=https%3A%2F%2Fwww.sootoday.com%2F&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:40 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sootoday.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D&cklb=1
https://sb.freeskreen.com/um?sa=450355380182771494

43 B
587 B

98ms
97ms

Image
image/gif

143.204.245.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?sa=450355380182771494
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-109.cph50.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: CPH50-C1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
x-amz-cf-id: j_ousI6MLoifG_PRQRv5NE0nA4dVx9_i7gdzkxosCPeARJGpIslxlA==
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?sa=450355380182771494
pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

verify
scm.publishers.tremorhub.com/pubsync/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

43 B
182 B

88ms
88ms

Image
image/gif

2600:1f18:612b:4200:ae67:61d5:5bef:8e79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:41 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
date: Wed, 21 Apr 2021 23:03:41 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
https://sb.freeskreen.com/um?ac={$UID}

43 B
646 B

103ms
102ms

Image
image/gif

143.204.245.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ac={$UID}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-109.cph50.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: CPH50-C1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
x-amz-cf-id: 9_8Edn6KJp820yY8fRSPSNT4ns5Uh8AHaI1lqzG6W292bnbyRwKOsA==
expires: -1

Redirect headers

Location: https://sb.freeskreen.com/um?ac={$UID}
Date: Wed, 21 Apr 2021 23:03:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 204 /
loadeu.exelator.com/load/ 0
324 B 97ms
26ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=204&g=1300&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 21 Apr 2021 23:03:41 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 67AB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sootoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sootoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 21 Apr 2021 19:45:41 GMT
expires: Thu, 21 Apr 2022 19:45:41 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11880
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 67AB 14 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 13:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 33614
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 13:43:27 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=201627350099855&bg=!X1ylXBjNAAZUuIlwVLg7ACkAdvg8Wm7tLjnsK3I4YAqYov0SaJSjyU9kHWO_aE6NOxC9F7EQvrCIaQIAAABhUgAAABNoAQcKAYU5UlB1s-Si9mjpnLqxuF2FOk_fJB6TUb2QnkABRQqrSXk0VsOPa2JVmyHfss7vVa_RqhlCpVFfmOsWWXXfoU4GcaaTBriLo-pAomQwSonUcb834j9D9T4aQQs3qqWm-Gc4d4nBTu_F0sPAFCsLhzEJbLu1x-XLHJoKzILMjWh9D-wWNIFVuTrwn-Ph0Ci8XmSugqdM78sZPW99JV-maEw4yjA9ysOIf4kv57bV8lLXF2GrzJVpYaP-HnVwtBh-7GgKEd3G22-oXa-jQrKs4hxZySJJy8ZVyUL2WYtTG9FOTB8D_Ph517a3ILF0P1D3tGE67CDoiomcgHBkUhziakNJ0Bb5wJVVfJx9e_WoO78suzjAT2XFt_5qY5Qp1z9LuVNNjBusdN7CimyZGp5XEUokrkoh233YGVBSZDe4kAqCGpYt89oAHC9VjooSlmuuKQvtNGiJv_m_cN6I0fgQj1z712oRRrl9y_WOq4N4cWudHr3aHyHWGSLxhM0a5-092W58lIgWfZkB3n4zdoFxaEUYuLHC1W_NI0cIODDe9y3kSD3OmUW2v3P5rKTp4MOE8_x-gFJaOhS46giEUwl61u-sICSM2byS6KBZTs1Pa-Uk_vOS_fk6dGP4ZkASg1hGxtAuPXHDAIEYCLkDzBOXhSziF1nJDIT19dlHlu5DfuXycg2UyQL8q_MvSMjIZcNxZyg95L3L0q2GRdwqhhitJLHM9Mx51ZaDg1KSAwtn0WezdRiyBoOwRYV2iv3yrQOAPwIfGQJXBzbhtzuAY-L5vfaZeV1Fyp4lKoCiqd1QRc2rThP5UnEgKb6USiGaxe1xWYyDXpswAe_mfXvQBd7DWWa1phUpmTUzHNX-PP6pY7oBgW8WPfn77d9dcBXwT7i-oEmGzB_aMoHH3nQ7CjeGqmsrkzqqx3zwLLsNO-Mw49_A_3aQeJRcb-4-ZTKqAUHZRf1dSF-Wovo6dgwPQKGoTY5gTJBKLFn61JSdhR5Vb5--_2QJe5VpmOVLWm_PsoDknE_LijiBgqtQX1kvCAgjdP9yhTEzLIOnpP4rXQVx56uvZek6TuTeV7VhO2g9TB8aobi6xFwCSoxMd4dP8uzJlzSkpDlLi-UPGRqtec1YJMx6zKaVRTJsYwW_dQ5BLNQ_qoWzBV1HVbA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDF1 42 B
64 B 53ms
27ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthT4PDsFfdNUCLulQXzJv6SYB8wYHwawx9QXmQHR4xZKOc9Ax4uvJ5Qk3qLG3toToKi0s1adygOsNyrEGlLVxeS-We-0U9zMivR_lb8dU&sig=Cg0ArKJSzKa1vDqcsZCyEAE&id=lidar2&mcvt=1001&p=0,0,800,1920&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210419&bin=7&avms=nio&bs=1600,1200&mc=0.83&app=0&itpl=3&adk=2422289816&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619046220642&dlt=0&rpt=182&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC82 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzjVCE_2Il4peo2ibMzraiV_Gav7mZldauzNowNS-_q0UfL1ZnnGCaOV6QgWEXsk4wtzhiSdBO_OJM3tB55Z4fuR186bh7SBQbpdORDwA&sig=Cg0ArKJSzCguiQormn4tEAE&id=lidar2&mcvt=1000&p=473,650,811,950&mtos=510,1000,1000,1000,1000&tos=510,490,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=7&adk=2798333654&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619046220650&dlt=59&rpt=303&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CD4 42 B
64 B 27ms
26ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszOULvNY8dqISqD9ZaHyBsPMmmeQRJTaAgXKDU9E8C4MnMejClgipl9UdFcKoITVlzF2eUJ_LvPj4I1QV-uK8bDQ8bAN8x652bpojBa6g&sig=Cg0ArKJSzJijn6cZRr66EAE&id=lidar2&mcvt=1001&p=0,0,28,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=7&adk=144140361&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1619046220654&dlt=52&rpt=295&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0C6 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUKyZ2hv1IgFGkLkpTdA0YGooiekb4BX5V55ecV_uhDxq-tZv8Y7RRtK3XC18hiZHr8KKOGtqr4PYeUC3M2xJoKbuHGu6AnpZAXHulgGY&sig=Cg0ArKJSzIhXM_O3ZQ37EAE&id=lidar2&mcvt=1000&p=164,980,764,1280&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2887964220&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619046220658&dlt=45&rpt=287&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 23:03:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 c57129e1165701bde072212f10ac7491.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 3 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/c57129e1165701bde072212f10ac7491.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f5bc8a65180d6f3e9424a09e9f10fb72eff9d15a9cf654b5630bdb86d6c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31009
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1585
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 4b3a3a9d2f075291c10a9a9a5149c34f.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 11 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/4b3a3a9d2f075291c10a9a9a5149c34f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08d1fac92e955ba986b57a55bcaa1ae1eb8a6c9cffd17a00494face1b1f303c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31009
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2213
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 0c129a0066b836a12fa9e5f5770f7b02.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0c129a0066b836a12fa9e5f5770f7b02.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d604163cc345483056cd8593466a8af9375c4bb4f9f6a202c61441b8fa54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31009
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 e02dc202fba227f69ad400352ccc26fb.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
880 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e02dc202fba227f69ad400352ccc26fb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c6b7a056fa555f7dd54d7033604c06a74345bbbcfa3c84d69add4df462cadc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31009
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 0a1fb02ad8c996aaa1acaf8bc930039c.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
677 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0a1fb02ad8c996aaa1acaf8bc930039c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b90378ebe0d6165c725f0efa4e9065a64cbe91fdda3a565b8727451c4e80b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31008
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 2f44d58ada28e0fcd90fff596bf5e262.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/2f44d58ada28e0fcd90fff596bf5e262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737e5510d4698511a225fc64acf8f98cc5f3e1c488298a15bebb936770b19886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31008
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2690
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 859cca3a475088176b0723d8c481f6a0.jpg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 29 KB
29 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/859cca3a475088176b0723d8c481f6a0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309df87044a070722e387ec47aeff901f3c31a92bb730e7ce798bbc8f036c045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:51 GMT
server: sffe
age: 31009
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30068
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H3-29 200 e0612b69a88bed72ceaa4dc17fa69f3c.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 16 KB
16 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e0612b69a88bed72ceaa4dc17fa69f3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c36345b91728670747e1f28571a1dd9ea4837f6cb0360d5a6eb5c242c6fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
age: 31008
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16831
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 0b5ccfe235d765cbd879a8f867e1b7b4.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 1 KB
658 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0b5ccfe235d765cbd879a8f867e1b7b4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e1a913101c60f04b4936f25291d355158427d6c98053f0ff9a2ce77f47dc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31008
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 634
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 bc0d5032ddaf4e5dc703d5bd0516aa00.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/bc0d5032ddaf4e5dc703d5bd0516aa00.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b0bf11308525d71c8c02a26959d8855eca9341a8ccb7e1063150cfd24c8302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2345
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:05 GMT

GET
H3-29 200 35e94f87aa7fce448da3951a7a90328d.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 14 KB
14 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/35e94f87aa7fce448da3951a7a90328d.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1263b38218fd17502edd53ef7516ec5a170e00b04898c4a7f5e09f2d773dcfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
age: 31002
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14814
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:27:05 GMT

GET
H3-29 200 4776ac5c61cdb1e0603dff609ead3649.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/4776ac5c61cdb1e0603dff609ead3649.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e805a486047afbc5b6613f4b0b30c63f4eca5f4ed37f9c953ba8b928758ed2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:05 GMT

GET
H3-29 200 ecb045cd02d8286275412268c14de773.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 10 KB
3 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ecb045cd02d8286275412268c14de773.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3025a4b914b491c1bdb60ec896d66beee1c627269d14f16c87568d57d04c8816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3256
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:05 GMT

GET
H2 200 c57129e1165701bde072212f10ac7491.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 3 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/c57129e1165701bde072212f10ac7491.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f5bc8a65180d6f3e9424a09e9f10fb72eff9d15a9cf654b5630bdb86d6c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31015
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1585
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H2 200 4b3a3a9d2f075291c10a9a9a5149c34f.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 11 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/4b3a3a9d2f075291c10a9a9a5149c34f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08d1fac92e955ba986b57a55bcaa1ae1eb8a6c9cffd17a00494face1b1f303c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31015
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2213
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H2 200 0c129a0066b836a12fa9e5f5770f7b02.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
1 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0c129a0066b836a12fa9e5f5770f7b02.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d604163cc345483056cd8593466a8af9375c4bb4f9f6a202c61441b8fa54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31015
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H2 200 e02dc202fba227f69ad400352ccc26fb.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
919 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e02dc202fba227f69ad400352ccc26fb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c6b7a056fa555f7dd54d7033604c06a74345bbbcfa3c84d69add4df462cadc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31015
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H2 200 0a1fb02ad8c996aaa1acaf8bc930039c.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
716 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0a1fb02ad8c996aaa1acaf8bc930039c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b90378ebe0d6165c725f0efa4e9065a64cbe91fdda3a565b8727451c4e80b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H2 200 2f44d58ada28e0fcd90fff596bf5e262.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 6 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/2f44d58ada28e0fcd90fff596bf5e262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/2c9df3b6ae5d2e1ae09853e84aba16da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737e5510d4698511a225fc64acf8f98cc5f3e1c488298a15bebb936770b19886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2690
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H2 200 859cca3a475088176b0723d8c481f6a0.jpg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 29 KB
29 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/859cca3a475088176b0723d8c481f6a0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309df87044a070722e387ec47aeff901f3c31a92bb730e7ce798bbc8f036c045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:51 GMT
server: sffe
age: 31015
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30068
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:26:58 GMT

GET
H2 200 35e94f87aa7fce448da3951a7a90328d.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 14 KB
15 KB 11ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/35e94f87aa7fce448da3951a7a90328d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1263b38218fd17502edd53ef7516ec5a170e00b04898c4a7f5e09f2d773dcfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
age: 31008
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14814
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:27:05 GMT

GET
H2 200 0b5ccfe235d765cbd879a8f867e1b7b4.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 1 KB
697 B 11ms
11ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/0b5ccfe235d765cbd879a8f867e1b7b4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e1a913101c60f04b4936f25291d355158427d6c98053f0ff9a2ce77f47dc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 634
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:26:59 GMT

GET
H3-29 200 b81c5564a8354cf71a8677b473845e32.png
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 14 KB
14 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/b81c5564a8354cf71a8677b473845e32.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250530dc1c75e0713115b6169c76184b54fccbef914c8dc2d524cd25f866d9fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
age: 31002
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14124
x-xss-protection: 0
expires: Thu, 22 Apr 2021 14:27:11 GMT

GET
H3-29 200 e6becd58148a7c0779b2f5554a844e0d.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 10 KB
3 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/e6becd58148a7c0779b2f5554a844e0d.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbe60028bb158749279b0e9d2538e715c2db57cc62c2f6aa7d0ed33f12c7ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3253
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:11 GMT

GET
H3-29 200 20fec5dfff282f68989d26d5ba3e2d70.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
998 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/20fec5dfff282f68989d26d5ba3e2d70.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4862d78999ec58ab4cec035982a890f81d9e434c96dfde0bf3a8c1ce9f36fa7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 974
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:11 GMT

GET
H3-29 200 f1a9f3580a65a9db9c22155f12b8a65e.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 10 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/f1a9f3580a65a9db9c22155f12b8a65e.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926559c77806960124f4c18ac6504b0d11a612936d12ae48b08a7063a41182a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3173
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:52 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:11 GMT

GET
H3-29 200 6e5a057296c4008b38d7f4ca86df7b17.svg
s0.2mdn.net/dfp/292569/60436809/1619010591777/media/ Frame 6B19 2 KB
727 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/292569/60436809/1619010591777/media/6e5a057296c4008b38d7f4ca86df7b17.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19919bc00d94c839e9dfc03e637685cd941868e9097322968606cd009ab6eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/292569/60436809/1619010591777/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31002
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 703
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 13:09:53 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 14:27:11 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sootoday.com/	1970-01-20 02:29:42	Name: _gu Value: feb3e0e3-d0f2-4e96-91a7-d01f4c991b33
.sootoday.com/	1970-01-20 03:05:42	Name: __gads Value: ID=3a21ede919bde542-220d688bedc7004e:T=1619046220:S=ALNI_MYD-M4LdQJ9-2cdT3rdoQBiQCESbQ
www.sootoday.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: h9YRjQwMzihIVZOyw7CxkjL-hPKB738xdNO2GtadfiDSpOsAXYKPCp4Dg9onBb91fZKL4rHLkPAKL6bUs7SR2rTHdbkPRktdAHRaM8XkeHE1
www.sootoday.com/	1969-12-31 23:59:59	Name: _gs Value: 2.s()
www.sootoday.com/	1969-12-31 23:59:59	Name: dmxRegion Value: false
.sootoday.com/	1970-01-19 17:44:06	Name: _gat_site Value: 1
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6
.sootoday.com/	1970-01-19 17:45:32	Name: _gid Value: GA1.2.393316705.1619046220
.sootoday.com/	1970-01-19 17:44:06	Name: _gat_base Value: 1
www.sootoday.com/	1970-01-20 02:29:42	Name: _gw Value: 2.u%5B%2C%2C%2C%2C%5Dv%5B~g2d2f%2C~1%2C~0%5Da()
.sootoday.com/	1970-01-20 11:15:18	Name: _ga Value: GA1.2.1029540144.1619046220
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5593a88e6799fd5d9217f45bcd5e0151.safeframe.googlesyndication.com
adservice.google.ch
adservice.google.com
cdn.districtm.ca
cdn.districtm.io
cs.admanmedia.com
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
loadeu.exelator.com
pagead2.googlesyndication.com
pyd2ou6a40.execute-api.us-west-2.amazonaws.com
s0.2mdn.net
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
secure.adnxs.com
securepubads.g.doubleclick.net
st.getsitecontrol.com
static.freeskreen.com
stats.g.doubleclick.net
sync.smartadserver.com
tpc.googlesyndication.com
widgets.getsitecontrol.com
ww1772.smartadserver.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.sootoday.com
www.vmcdn.ca
104.16.190.66
104.45.152.60
13.224.102.122
13.224.102.55
13.33.139.47
143.204.245.109
172.217.18.98
18.198.126.47
185.33.220.243
185.59.220.197
185.86.137.113
185.86.138.143
2600:1f18:612b:4200:ae67:61d5:5bef:8e79
2606:4700::6812:633c
2a00:1450:4001:801::2006
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0a::9c
54.187.70.188
62.113.194.12
88.214.206.142
00cc6a65b16ad240fd8efc1563a5a803f338a727cf3b8d16658c1873a28ad8f3
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
0796c10f1cd266f601dcfa89cb16ebab6c7c5c8c3bceca9f35b2a5e49942d638
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
12251c99ad9f14a849bf43ae73292c54ae238c42f6b7bfcbdd32db09aced71c0
1263b38218fd17502edd53ef7516ec5a170e00b04898c4a7f5e09f2d773dcfa7
1405dd9252f15e882588de2b2b00fd38c42ca6990225742c48007374451ea827
185c415b43f0d5e4e90bdc8e8f3d37f1749566d9b05fc3ffea55da54bb5218ed
19919bc00d94c839e9dfc03e637685cd941868e9097322968606cd009ab6eb30
1dd325a220a7467f132797a6275d92a9a9b30c8f3134db1065ee4eda684baa92
1e805a486047afbc5b6613f4b0b30c63f4eca5f4ed37f9c953ba8b928758ed2e
203eb082c6c4430d2a855fd5c77f2f115738eb6788187840a6e5e12068a974aa
250530dc1c75e0713115b6169c76184b54fccbef914c8dc2d524cd25f866d9fa
28e1a913101c60f04b4936f25291d355158427d6c98053f0ff9a2ce77f47dc51
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
2e0c864ab9a8ae8d6d1bc5c60c539e483190f86841a4b588b485be3be81d9436
3025a4b914b491c1bdb60ec896d66beee1c627269d14f16c87568d57d04c8816
309df87044a070722e387ec47aeff901f3c31a92bb730e7ce798bbc8f036c045
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
361a44881097f7833bbf4346278ea77c9c56033682fdab64feffe9bb57b5eaf5
3af25c613adb0ae0cd471b90bce2d32c57653fb09f9efee31cb8e6bdb4bb2f3f
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
4862d78999ec58ab4cec035982a890f81d9e434c96dfde0bf3a8c1ce9f36fa7c
4a2e306828a92d84c3843cfceb70366475a2416cd04ea0c3fb47c0d36d7eb53f
4a62b7cdfad36dc3c581a99af319074d974d4a1b2edbe1c940f091fd2890d2ed
4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae
4e6d604163cc345483056cd8593466a8af9375c4bb4f9f6a202c61441b8fa54e
55d0d1077f3e72c5a378e1d7c81e2d035c856665e9ecdefc9a9dd1cbcc33d69b
5e1c36345b91728670747e1f28571a1dd9ea4837f6cb0360d5a6eb5c242c6fdf
608f3783666e8dcffb74eb2b51f94b5c5409f636194d9957093cece2a87aabd1
60b90378ebe0d6165c725f0efa4e9065a64cbe91fdda3a565b8727451c4e80b1
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69855d4ae024622d9cfba6a6320cf3fffd5fb27e9e9637b398adbb5a174d8b54
6b521dde098cf940542272322b2aa5353dbf7ffa9e1f18d4425ea2709aff6e1e
6bd9af57b5df81645bad552188b945e7c4265eb3602f7ded00297e7eb77bf064
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
7287f14721ddc10b3ecfeae26dc6c320fd62cff20528f80dc8d12a5b185e244c
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
737e5510d4698511a225fc64acf8f98cc5f3e1c488298a15bebb936770b19886
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3
781696e53c023c2a7d44bc742cf045638b397c93a2b470251540eb703c4bf867
785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983
7c39881fd410d246a4b31dbe51cd3d29808f41dfab1ce8b2c328f7460d34a67c
7ef94bf64859083c25bdd7a2d317afc825ac1d2a3e3721239d79dee9a71376cd
804df63d009b9e50c60a2547b355c3378b0868c494ae7f514a119609080b544c
808db1bf825f5443891d09825a7b655d27fb6bbb64b8135508a3e123947f40a2
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89d8b796a471df6e63ffe88be81dfaf656ecbb57a2ac802d604f697c06b20da8
926559c77806960124f4c18ac6504b0d11a612936d12ae48b08a7063a41182a7
97cff47a8a080b0ab18840b3bf5b49ecc091f4d4aaedf54697f8757cf4c2c59b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cf8cf575fc12f53e86744e78d6785fb1e3f541b98deebfe4c276d19f830a01c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13995851155e9d9991e1c9a7b3895f076ebe2edadb7db3ff9cc47360f502b75
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a4575d812d72edb37a297e4c1ab31883a3bba95005b02bc45ac11b9d1e838ad1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8af28940ea946193aed53324832707eba46b6ea7daec272138ce27a4c4a98ad
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
ae2e3ad2a6054124ed58885a90e3aed0ebbbd7c2c4386a191adaac7688bad249
af563f200f2c8b6087cfe0072e4a713b3fdfbb3e83ec480988181be88ce5b31a
b07a7ccaa61260fd76bb674350367128a36673fb5853d73186e89d371fca9e0d
b08d1fac92e955ba986b57a55bcaa1ae1eb8a6c9cffd17a00494face1b1f303c
b17e0576075e7f64117e9fe8527c5e0fd3c81eec1b571ecd1c48b3cbda89b495
b1c6b7a056fa555f7dd54d7033604c06a74345bbbcfa3c84d69add4df462cadc
b4f8753d3655fe3de6533aed4897c61e194205f443ac8d7bfe9e2b6b20d653d1
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f
c08e016b80f14f2d35c29215f8fa0d8fb3f1bd72ef2e343cd683a50e25e8b456
c1e66fe1dcdd659dcb2c720d0995fca81325faad04b0621c602a95a59a748c2c
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c50d66e1f625525c9d0da8d144ec80efae45ae8283c84909eadea38812d2e346
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b0bb81aa4d93740b114b22cf88d3c5952349e01fb55aa27f98fbbea32c11f3
cb6063588752ece70de5748b9cae7154baf95d0bdb510eeda93a152887963f4d
d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482
d5fe6b9bfd032ba622a01dc91e59767fea29fee8fe952aee35854c5f87a0cd6d
ddd4f666eb3774a35782acac013fc9df9f55c510596dd5e0431da0b8226c84db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e456005a29f457efade69b61cc5e22c8965ebb7bdf94376a5f9b0b61796ebf2f
e7c79b90ca2217f0e683c7be848586fadc849707b58631b92edaa5f984b0c9c4
e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2
ecf92d8e9ce7457c461196421d41bee6e0ef911e7a4a828906f4ba496ebb8990
ed553521f58b3e3b3424aae7c0168f0a5b10df5db5238c4d70ed17de43a25012
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f1b0bf11308525d71c8c02a26959d8855eca9341a8ccb7e1063150cfd24c8302
f2f5bc8a65180d6f3e9424a09e9f10fb72eff9d15a9cf654b5630bdb86d6c739
f81a52671a832c4051f7a059a4bd6bcf2648116dbef5e5b2c3abfa1ee9cd8e3d
fcaf21bbe168c477bff8b2ce347cae211b29ece05127c87d5bdb200c0afd498c
fdbe60028bb158749279b0e9d2538e715c2db57cc62c2f6aa7d0ed33f12c7ad5

www.sootoday.com Open in urlscan Pro 104.45.152.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

149 Requests

100 %HTTPS

55 %IPv6

23 Domains

31 Subdomains

32 IPs

6 Countries

1584 kBTransfer

3131 kBSize

12 Cookies

39 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sootoday.com Open in urlscan Pro
104.45.152.60 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

100 %
HTTPS

55 %
IPv6

23
Domains

31
Subdomains

32
IPs

6
Countries

1584 kB
Transfer

3131 kB
Size

12
Cookies

149 HTTP transactions
4 data transactions