Submitted URL: http://greenfieldreporter.com/
Effective URL: http://www.greenfieldreporter.com/
Submission: On August 13 via manual from US

Summary

This website contacted 42 IPs in 4 countries across 36 domains to perform 256 HTTP transactions. The main IP is 2a04:4e42:3::204, located in United States and belongs to FASTLY, US. The main domain is www.greenfieldreporter.com.
This is the only time www.greenfieldreporter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.217.161.101 16509 (AMAZON-02)
36 2a04:4e42:3::204 54113 (FASTLY)
9 2606:2800:233... 15133 (EDGECAST)
1 13.82.152.48 8075 (MICROSOFT...)
19 2600:9000:210... 16509 (AMAZON-02)
4 2.18.234.190 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
9 34.193.255.24 14618 (AMAZON-AES)
28 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.26 54113 (FASTLY)
1 2.18.232.28 16625 (AKAMAI-AS)
22 142.250.185.226 15169 (GOOGLE)
1 65.9.73.122 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 172.67.75.166 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 52.6.83.111 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.63 22075 (AS-OUTBRAIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.89.214 16509 (AMAZON-02)
1 52.217.110.76 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
4 13.85.16.224 8075 (MICROSOFT...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
6 52.217.67.84 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.134 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
5 142.250.186.98 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
3 7 104.75.88.126 16625 (AKAMAI-AS)
2 13.69.106.211 8075 (MICROSOFT...)
256 42
Apex Domain
Subdomains
Transfer
69 googlesyndication.com
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
888 KB
37 greenfieldreporter.com
greenfieldreporter.com
www.greenfieldreporter.com
751 KB
27 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
238 KB
20 cloudfront.net
d1bdhkmqqz901h.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
169 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
203 KB
12 google.com
adservice.google.com
apis.google.com
www.google.com
24 KB
12 googletagservices.com
www.googletagservices.com
396 KB
11 friends2follow.com
greenfieldreporter.friends2follow.com
tracking.friends2follow.com
antifraudjs.friends2follow.com
148 KB
7 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
friends2follow-us.s3.amazonaws.com
88 KB
5 addthis.com
m.addthis.com
s7.addthis.com Failed
107 KB
4 azurewebsites.net
prod-aim-proxy-connext.azurewebsites.net
2 KB
4 googleapis.com
fonts.googleapis.com
3 KB
4 google.de
adservice.google.de
1 KB
4 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
64 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 ayc0zsm69431gfebd.xyz
cdn.ayc0zsm69431gfebd.xyz
221 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 azureedge.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
248 KB
2 visualstudio.com
dc.services.visualstudio.com
556 B
2 addthisedge.com
m.addthisedge.com
1 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
758 B
2 rlcdn.com
id.rlcdn.com
885 B
2 fbcdn.net
scontent-iad3-1.xx.fbcdn.net
121 KB
2 msecnd.net
az416426.vo.msecnd.net
44 KB
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 mookie1.com
odr.mookie1.com
324 B
1 quantserve.com
cms.quantserve.com
464 B
1 facebook.com
www.facebook.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 db-ip.com
api-mg2.db-ip.com
1 KB
1 sbgsodufuosmmvsdf.info
cdn.sbgsodufuosmmvsdf.info
2 KB
1 polyfill.io
polyfill.io
588 B
1 google-analytics.com
www.google-analytics.com
112 B
1 windows.net
prodmg2.blob.core.windows.net
143 KB
256 36
Domain Requested by
38 tpc.googlesyndication.com securepubads.g.doubleclick.net
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
36 www.greenfieldreporter.com www.greenfieldreporter.com
27 pagead2.googlesyndication.com b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
az416426.vo.msecnd.net
19 d1bdhkmqqz901h.cloudfront.net www.greenfieldreporter.com
12 www.googletagservices.com www.greenfieldreporter.com
securepubads.g.doubleclick.net
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 fonts.gstatic.com fonts.googleapis.com
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.greenfieldreporter.com
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
8 greenfieldreporter.friends2follow.com www.greenfieldreporter.com
greenfieldreporter.friends2follow.com
7 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
6 friends2follow-us.s3.amazonaws.com www.greenfieldreporter.com
5 cm.g.doubleclick.net www.greenfieldreporter.com
googleads.g.doubleclick.net
4 prod-aim-proxy-connext.azurewebsites.net cdn.ayc0zsm69431gfebd.xyz
4 fonts.googleapis.com greenfieldreporter.friends2follow.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 s7.addthis.com www.greenfieldreporter.com
3 cdn.ayc0zsm69431gfebd.xyz loader-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
3 widgets.outbrain.com www.greenfieldreporter.com
widgets.outbrain.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 m.addthis.com 1 redirects
2 m.addthisedge.com 1 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 scontent-iad3-1.xx.fbcdn.net www.greenfieldreporter.com
2 platform.twitter.com www.greenfieldreporter.com
platform.twitter.com
2 log.outbrainimg.com widgets.outbrain.com
2 tracking.friends2follow.com greenfieldreporter.friends2follow.com
www.greenfieldreporter.com
2 obs.cheqzone.com ob.cheqzone.com
www.greenfieldreporter.com
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 www.facebook.com greenfieldreporter.friends2follow.com
1 syndication.twitter.com platform.twitter.com
1 apis.google.com greenfieldreporter.friends2follow.com
1 paywall-ad-bucket.s3.amazonaws.com www.greenfieldreporter.com
1 d1wa9546y9kg0n.cloudfront.net cdn.ayc0zsm69431gfebd.xyz
1 www.googletagmanager.com g2insights-cdn.azureedge.net
1 antifraudjs.friends2follow.com greenfieldreporter.friends2follow.com
1 api-mg2.db-ip.com fp-cdn.azureedge.net
1 ob.cheqzone.com widgets.outbrain.com
1 g2insights-cdn.azureedge.net loader-cdn.azureedge.net
1 fp-cdn.azureedge.net loader-cdn.azureedge.net
1 cdn.sbgsodufuosmmvsdf.info loader-cdn.azureedge.net
1 widget-pixels.outbrain.com www.greenfieldreporter.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 polyfill.io loader-cdn.azureedge.net
1 www.google-analytics.com www.greenfieldreporter.com
1 prodmg2.blob.core.windows.net www.greenfieldreporter.com
1 loader-cdn.azureedge.net www.greenfieldreporter.com
1 greenfieldreporter.com 1 redirects
256 55
Subject Issuer Validity Valid
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2020-11-03 -
2021-11-07
a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2021-05-17 -
2022-05-17
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA
2021-05-25 -
2022-06-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
friends2follow.com
Amazon
2020-12-11 -
2022-01-09
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020
2021-06-04 -
2022-07-06
a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA
2021-05-04 -
2022-05-09
a year crt.sh
sni22a5egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2020-11-03 -
2021-11-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-11-22 -
2021-12-01
2 years crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-11-22 -
2021-12-01
2 years crt.sh
sni9642gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2021-02-20 -
2022-03-22
a year crt.sh
*.cheqzone.com
Amazon
2021-02-21 -
2022-03-22
a year crt.sh
*.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
obs.cheqzone.com
R3
2021-08-13 -
2021-11-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.apis.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01
2020-09-28 -
2021-09-28
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01
2021-07-22 -
2022-07-22
a year crt.sh

This page contains 30 frames:

Primary Page: http://www.greenfieldreporter.com/
Frame ID: C35A8235E8E090FA53C25B33031E3AD9
Requests: 96 HTTP requests in this frame

Frame: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Frame ID: 8C17F759A48071CB27AA89B9C159D3D3
Requests: 30 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: E908733F661073DAC575F93BCAF9359E
Requests: 2 HTTP requests in this frame

Frame: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8758E560573FB4EE2940182950E5E0F
Requests: 1 HTTP requests in this frame

Frame: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1046C16EB52695A3CF9794C7D3F40262
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSngUn69LzBoQHcF4GysXoBnJ5GbxHoKgXuPXU_S27PrWfWv8axyek3N4NpP-nYbBUfLJizFxqXkytYqnMEZgeW_6UB5G6YPjXe3RKhHaioU0Wv6BPpNZYhCYBHJEyKpykmEVbyx0ZJ3pkEie3WGxU9WMc144rkQ0My3grKjehxwIS5AS_7jc93OEABkQfVnR81vPZbYu8UWISucgJxziNU1fAV8YWuuOhZ6x-yoykzzXSCHPw7dKtU0hav7f42AU45Dg__CXnHetONEZKGNqQP99YNqFd5eUWSkxbAJqoyeTU7dLYy2IkTfNfvg22vc2qwxOhveBW&sai=AMfl-YRkQX1f8dsQlJlcoPR0z5LQRSn4Mil4FQ-ig6sbit_Rb6SJyF78ZfWJaIzkknEIBYxO54FpzQuX2wcIbphkgr_chbGX1DdwsIRuwZg7jzUoTXsqzqvwvbG3GtV8eXdm&sig=Cg0ArKJSzKNCHF33NXbPEAE&adurl=
Frame ID: 4DA8C364331F65CE78DC10AF878CDBF9
Requests: 7 HTTP requests in this frame

Frame: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DCCDFB7AC4D9BB4312CB4A96B63A18F
Requests: 14 HTTP requests in this frame

Frame: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0AAC72C2C57333DF2E34424002F0A2CE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 7FF0517477B69E632547EDC44231233B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Frame ID: B30571450E2B873D55D885790C3D9F38
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Frame ID: 74983DA029777E452A0B4388C24D4671
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Frame ID: FA29F08420D06286B5C7EAB3A61226EE
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fgreenfieldreporter.friends2follow.com
Frame ID: 12473180CFAEF7192C8C6BEE694C4F58
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F169226043087676&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: D797DEE5AD5D9196DD7B85102E0CA2FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E82B337421BBE4058CED4FB81ABD7A2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Frame ID: 4435B423E9C1D5C9D383C61DA53DD896
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 01DA619F3B6EA0B027169A5F3087CB57
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Frame ID: B3BC18E75EC098716CB94564C0B1B176
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Frame ID: 6018ECBCEC91C297E0AADE7226B603AC
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 038C5D1283ED3E14179E63303B2CD439
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 69A6716C8501F97B322737E4419F3037
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C39F4CA98B78660CE3132692BC0850D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 231AE088C90944A9DC97AF7A93DFF4E4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 748368FF4C71C0224E047BDADDF893E3
Requests: 1 HTTP requests in this frame

Frame: http://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
Frame ID: 576D8A60B01D720A9984B41114855FE7
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
Frame ID: 42F27C7D953385041B4D4C960CA3B01F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A5552FB58D2A2D853850D6F1CF0A34F5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 506D5A5506D1367796891BECFD15B158
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B3271A580EF6991B2B733C376AFC2360
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A495FC72EF4197154FA15B10A3F49D8F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://greenfieldreporter.com/ HTTP 301
    http://www.greenfieldreporter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

256
Requests

78 %
HTTPS

46 %
IPv6

36
Domains

55
Subdomains

42
IPs

4
Countries

4051 kB
Transfer

11531 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://greenfieldreporter.com/ HTTP 301
    http://www.greenfieldreporter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • http://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%20Hancock%20County%20like%20the%20Daily%20Reporter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AEAAAEABI~&jid=1033524054&cid=554517979.1628870248&tid=UA-5000778-1&_r=1&z=792448150 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%20Hancock%20County%20like%20the%20Daily%20Reporter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AEAAAEABI~&jid=1033524054&cid=554517979.1628870248&tid=UA-5000778-1&_r=1&z=792448150
Request Chain 190
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJo_JWNjsgd-rM4sBXFqBOVKeZMHpci1gPosUp_Mgljzc6wkVskohtXqYrAG0nf8WfkzouZemjG7u564WRNtZoxCwskkYo&google_gid=CAESEHGzlKnZ1DlZMqUHw5LFlFM&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOms2ogGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKb19KV05qc2dkLXJNNHNCWEZxQk9WS2VaTUhwY2kxZ1Bvc1VwX01nbGp6YzZ3a1Zza29odFhxWXJBRzBuZjhXZmt6b3VaZW1qRzd1NTY0V1JOdFpveEN3c2trWW8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMUJqdURSMGExWG5uTmp2WTZ6TWRmazZEaVNtRjktck0tT1dWSFd5aDBnVQ==&google_push
Request Chain 192
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGomtww1hP72Dyb1fmWms2E&google_cver=1&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGomtww1hP72Dyb1fmWms2E&google_cver=1&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&google_hm=LCAenGt3zE0RcAozvPT0oQ==
Request Chain 193
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPTMtZmt4zDJ6ay__NxU2aI&google_cver=1&google_push=AYg5qPIAtQR_CM1JAzef8LjlFNzhA50r9v6GQTelKe9LiUlnjI16cGd57vgqo3QfJzI6TeUpj7w8FOgbRA3qiCUZjPj7xZqsUh0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPTMtZmt4zDJ6ay__NxU2aI&google_cver=1&google_push=AYg5qPIAtQR_CM1JAzef8LjlFNzhA50r9v6GQTelKe9LiUlnjI16cGd57vgqo3QfJzI6TeUpj7w8FOgbRA3qiCUZjPj7xZqsUh0&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IYHJ-cu3S3mMTzaa7ZniTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIAtQR_CM1JAzef8LjlFNzhA50r9v6GQTelKe9LiUlnjI16cGd57vgqo3QfJzI6TeUpj7w8FOgbRA3qiCUZjPj7xZqsUh0
Request Chain 194
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELrJzl7i3j0kk6flaXlALOQ&google_cver=1&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY3m5RjieoClvT9aoqscPiwPniC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSkFHSFotMU4tQkJMQQ==&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY3m5RjieoClvT9aoqscPiwPniC
Request Chain 195
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEYoq1mz6laeKNo33tHyjg&google_cver=1&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg- HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg
Request Chain 204
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 242
  • http://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp HTTP 302
  • https://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp
Request Chain 243
  • http://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1628870250004&jsl=1&uvs=611696687998abc4000&skipb=1&callback=addthis.cbs.oln9_98898962815760140 HTTP 302
  • https://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1628870250004&jsl=1&uvs=611696687998abc4000&skipb=1&callback=addthis.cbs.oln9_98898962815760140
Request Chain 245
  • http://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html HTTP 308
  • https://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
Request Chain 264
  • http://s7.addthis.com/static/layers.136713430e8d2517734e.js HTTP 307
  • https://s7.addthis.com/static/layers.136713430e8d2517734e.js

256 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.greenfieldreporter.com/
Redirect Chain
  • http://greenfieldreporter.com/
  • http://www.greenfieldreporter.com/
119 KB
18 KB
Document
General
Full URL
http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4c341aaecc72f090e18ce3fc29c104fcfd8adb27e31f46f71d7266d6832264f

Request headers

Host
www.greenfieldreporter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Robots-Tag
index,follow,noarchive
Content-Language
en
Cache-Control
public, max-age=120
Pragma
public
X-SRCache-Fetch-Status
HIT
X-SRCache-Store-Status
BYPASS
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Content-Length
17408
Accept-Ranges
bytes
Date
Fri, 13 Aug 2021 15:57:27 GMT
Age
23
Connection
keep-alive
X-Served-By
cache-mdw17354-MDW, cache-fra19170-FRA
X-Cache
HIT, MISS
X-Cache-Hits
1, 0
X-Timer
S1628870247.107259,VS0,VE106
Vary
Accept-Encoding

Redirect headers

x-amz-id-2
mzi6R4aafpSpiFW8ACAPu2u+6Cenv5lI89q4iYgr97dzzMzKx3sC2gdHa6VhoErtBCTorALUvpc=
x-amz-request-id
KSWPS6XC92AK440K
Date
Fri, 13 Aug 2021 15:57:28 GMT
Location
http://www.greenfieldreporter.com/
Server
AmazonS3
Content-Length
0
events_manager.css
www.greenfieldreporter.com/wp-content/plugins/events-manager/includes/css/
16 KB
4 KB
Stylesheet
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/events-manager/includes/css/events_manager.css
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31c214d8a4efb2d50baaee8356c0c6bbeba0d536d4dab0d602d479a60dda1cba

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
727427
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3986
X-Served-By
cache-mdw17362-MDW, cache-fra19170-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 23 Oct 2017 20:33:48 GMT
Server
nginx
X-Timer
S1628870247.228106,VS0,VE1
ETag
"59ee522c-40d3"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
js_composer.min.css
www.greenfieldreporter.com/wp-content/plugins/js_composer/assets/css/
711 KB
57 KB
Stylesheet
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
709152
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
58090
X-Served-By
cache-mdw17320-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 06 Jun 2016 19:33:28 GMT
Server
nginx
X-Timer
S1628870247.233248,VS0,VE1
ETag
"5755d008-b1c11"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
style.css
www.greenfieldreporter.com/wp-content/themes/Newspaper/
461 KB
57 KB
Stylesheet
General
Full URL
http://www.greenfieldreporter.com/wp-content/themes/Newspaper/style.css
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b97cbd1c9d7651291f6c80205703d7bacf4881dfd56a1751605eb9857223777c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2538980
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
57929
X-Served-By
cache-mdw17346-MDW, cache-fra19174-FRA
Access-Control-Allow-Origin
*
Last-Modified
Thu, 26 May 2016 18:10:44 GMT
Server
nginx
X-Timer
S1628870247.233727,VS0,VE1
ETag
"57473c24-732e6"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
jquery.js
www.greenfieldreporter.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
132153fc8ff2cbe5c6cecc682083658bd1d0faaaa5730cb2b7598d63f8cbde13

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3132309
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
33833
X-Served-By
cache-mdw17334-MDW, cache-fra19170-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sun, 29 May 2016 19:25:44 GMT
Server
nginx
X-Timer
S1628870247.234829,VS0,VE1
ETag
"574b4238-17bb1"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
jquery-migrate.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/
9 KB
4 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6412288a06f5b354674ebf8b3b1c732f40567f536bed66d859ddf69a0ace4ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2002888
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3885
X-Served-By
cache-mdw17377-MDW, cache-fra19129-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sun, 29 May 2016 19:25:44 GMT
Server
nginx
X-Timer
S1628870247.235876,VS0,VE1
ETag
"574b4238-25a1"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
core.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
191622240e7646a2e888eb318557bcca854828b59b5b2e960545ee08ae142382

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1330382
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1823
X-Served-By
cache-mdw17346-MDW, cache-fra19162-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.235665,VS0,VE1
ETag
"56be2c4a-f9d"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
widget.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
7 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/widget.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf70d14e543cc6d2c59a90614f84c34d4dcd6d0a66813cf5a046a249a3d1a2a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2531844
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2601
X-Served-By
cache-mdw17359-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.236572,VS0,VE1
ETag
"56be2c4a-1b01"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
position.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
6 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/position.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ac0d8dae396eed714b53c15ed0d4e8699fe0809b91da48fb1075a6403cc8b65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
722379
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2563
X-Served-By
cache-mdw17381-MDW, cache-fra19162-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.244670,VS0,VE1
ETag
"56be2c4a-197f"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
21, 1
mouse.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
3 KB
2 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/mouse.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a873ec2fcf8748b20c3794ca506fa4c4de97073e553e30c77d860faef12ca31

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1326763
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1025
X-Served-By
cache-mdw17357-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.244994,VS0,VE0
ETag
"56be2c4a-c4f"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 2
sortable.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
24 KB
7 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/sortable.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2cd4914edda4d5f8a0562d5137cbf98fb89d2286d33b89f720571dc584834d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1931855
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
6551
X-Served-By
cache-mdw17343-MDW, cache-fra19129-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.245918,VS0,VE1
ETag
"56be2c4a-6150"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
datepicker.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
36 KB
11 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/datepicker.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc569104765dc63add573c1e2256369b5330d5a252efae5cb8b4c531dca84100

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1923958
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
11011
X-Served-By
cache-mdw17347-MDW, cache-fra19170-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.245926,VS0,VE1
ETag
"56be2c4a-8eb6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
menu.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
9 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/menu.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e1a77f9f30b38dc1bd684a10c1bda12b47b498992553ea78c4ca6f7eb14781e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1317326
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2847
X-Served-By
cache-mdw17371-MDW, cache-fra19174-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.246979,VS0,VE1
ETag
"56be2c4a-2580"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
wp-a11y.min.js
www.greenfieldreporter.com/wp-includes/js/
643 B
932 B
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/wp-a11y.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71b245301927acbc68a3cbfcae185df3c246d46b3156d21af04b7a309ede01b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3131646
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
361
X-Served-By
cache-mdw17353-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.247487,VS0,VE1
ETag
"56be2c4a-283"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
4, 1
autocomplete.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
8 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/autocomplete.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4234f93bd894572069745f51d2804d462c5a392ff47993fb592e420fa9b76a1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3132289
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2872
X-Served-By
cache-mdw17370-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.253750,VS0,VE1
ETag
"56be2c4a-2062"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
resizable.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
18 KB
6 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/resizable.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a5031e567b8e2746e312346fd42a28e53585747550a1c1545822ef3fb1246cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1937003
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
5273
X-Served-By
cache-mdw17335-MDW, cache-fra19162-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.254294,VS0,VE1
ETag
"56be2c4a-47fc"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
22, 1
draggable.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
18 KB
5 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/draggable.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad6569f439422f0263c3471356a5ded62df94a689f308c6ca906b907408a605

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
723590
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
5013
X-Served-By
cache-mdw17355-MDW, cache-fra19174-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.254613,VS0,VE1
ETag
"56be2c4a-49da"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
5040, 1
button.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
7 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/button.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26984d8013ad2ad66660f5f0a36618d084230786b139b0b95b665ff879fdd717

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1330316
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2080
X-Served-By
cache-mdw17381-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.254733,VS0,VE1
ETag
"56be2c4a-1c51"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
dialog.min.js
www.greenfieldreporter.com/wp-includes/js/jquery/ui/
12 KB
4 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/jquery/ui/dialog.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6d900c437f03dff77033a65462cae784791ceb56620f3ffcc846eed71d29b0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
709321
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3697
X-Served-By
cache-mdw17323-MDW, cache-fra19129-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Feb 2016 19:02:34 GMT
Server
nginx
X-Timer
S1628870247.255098,VS0,VE1
ETag
"56be2c4a-2f6c"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
events-manager.js
www.greenfieldreporter.com/wp-content/plugins/events-manager/includes/js/
50 KB
13 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/events-manager/includes/js/events-manager.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7dc46bf2c9857125c6fecd128c0e201bab4b2e4841abed12d6c1b262040d5513

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1330382
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
12440
X-Served-By
cache-mdw17355-MDW, cache-fra19170-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 23 Oct 2017 20:33:50 GMT
Server
nginx
X-Timer
S1628870247.254916,VS0,VE1
ETag
"59ee522e-c9b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
loader.min.js
loader-cdn.azureedge.net/prod/aim/
38 KB
11 KB
Script
General
Full URL
https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBF) /
Resource Hash
75d28062099453a9c361ad464883b915ef7746363942dba858b7dcfdc2d9e526

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:27 GMT
content-encoding
gzip
content-md5
F6s4JKhy3yc+C0NBr5lGmw==
age
1282
x-cache
HIT
content-length
10852
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:06:51 GMT
server
ECAcc (frc/8FBF)
etag
0x8D9040DED3FF911
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
22610647-f01e-0138-7258-902173000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
script.js
www.greenfieldreporter.com/wp-content/plugins/GreenField/
2 KB
1 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/GreenField/script.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dad73df3a611649cc5af1d62326aaf63d1f99f171de7727f63a521de74a1e921

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2003313
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
588
X-Served-By
cache-mdw17335-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 17 May 2021 20:02:58 GMT
Server
nginx
X-Timer
S1628870247.260391,VS0,VE1
ETag
"60a2cbf2-7f9"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
localize.js
www.greenfieldreporter.com/wp-content/plugins/GreenField/
0
543 B
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/GreenField/localize.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Age
1929294
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
0
X-Served-By
cache-mdw17370-MDW, cache-fra19160-FRA
Last-Modified
Mon, 17 May 2021 20:02:58 GMT
Server
nginx
X-Timer
S1628870247.263016,VS0,VE1
ETag
"60a2cbf2-0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mg2nw.min.js
prodmg2.blob.core.windows.net/newsletterwidget/aim/
142 KB
143 KB
Script
General
Full URL
https://prodmg2.blob.core.windows.net/newsletterwidget/aim/mg2nw.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
953d92a07a626c6dec91932a1215fa2ba08d055d23399dbb90c44e1500c438d4

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 13 Aug 2021 15:57:27 GMT
Last-Modified
Wed, 11 Aug 2021 20:36:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zNVd3kfk69jLZ8/5dXmLIQ==
ETag
0x8D95D07B2C33641
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
10ef8e00-f01e-0111-0b5b-905731000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
145531
2013-Daily-Reporter-logos.png
www.greenfieldreporter.com/wp-content/files/sites/11/2019/06/
22 KB
22 KB
Image
General
Full URL
http://www.greenfieldreporter.com/wp-content/files/sites/11/2019/06/2013-Daily-Reporter-logos.png
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d067f10c8442292344bc0dbddaf5533e200c7b519e19caea61978638d2721b6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Age
3741421
X-Cache
HIT, HIT
X-Cache-Hits
221, 178
Connection
keep-alive
Content-Length
22292
X-Served-By
cache-mdw17373-MDW, cache-fra19160-FRA
Last-Modified
Tue, 25 Jun 2019 19:32:25 GMT
Server
nginx
X-Timer
S1628870247.375332,VS0,VE0
ETag
"5d1276c9-5714"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
thumbnail.jpg
d1bdhkmqqz901h.cloudfront.net/534x462/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/
3 KB
3 KB
Image
General
Full URL
https://d1bdhkmqqz901h.cloudfront.net/534x462/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/thumbnail.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
08e0754743ae23d475bbe7af40b8b7f72939fdc57c6cf3279876d6cf0e7602a2

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 03:08:55 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
478637
etag
"4252b4f69296d8a7fdecc752d5d7e06ca1d1416d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000,public
x-amz-cf-pop
AMS1-C1
content-length
3025
x-amz-cf-id
hOKG8qewF1q4IDuz-eGyb2enw4RECt1yNOtPw6SFM9QuGSFYoY4HVg==
expires
Tue, 07 Sep 2021 03:08:55 GMT
thumbnail.jpg
d1bdhkmqqz901h.cloudfront.net/533x261/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/
2 KB
2 KB
Image
General
Full URL
https://d1bdhkmqqz901h.cloudfront.net/533x261/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/thumbnail.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e6eb56b3ad53ca666383c0d6adcc5b350c69e6baa7a0e84159d0bdbfc5389320

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 03:17:06 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
996543
etag
"4d7b4cf51c2eaf31ce9147692df0dfa6ea64bd23"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000,public
x-amz-cf-pop
AMS1-C1
content-length
2141
x-amz-cf-id
0dBjxgj7r4WUdDo86k4AlOaoozzNgcsLU2WqJhui7sJkBYMEmvA6VQ==
expires
Wed, 01 Sep 2021 03:17:06 GMT
thumbnail.jpg
d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/
1 KB
2 KB
Image
General
Full URL
https://d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/thumbnail.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
aaff39d300845b787ff11390a5532525a596ef35590ff9ae45289f35e18f448a

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 03:17:06 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
996543
etag
"0a2e546f11463cad3a56285a604cdc4a0a03bbb1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000,public
x-amz-cf-pop
AMS1-C1
content-length
1331
x-amz-cf-id
EzX7iwmA_JkjUdCrwnV7k-NPMXCsArE7r6oA_nQsESPMGVXEpsvOkg==
expires
Wed, 01 Sep 2021 03:17:06 GMT
thumbnail.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/
720 B
1 KB
Image
General
Full URL
https://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/thumbnail.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ce514bf49fc8d78a676c4420fee48b71c0b0a467e641d1d818a70486ba227344

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 03:08:55 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
478637
etag
"6af1ff51920b0a9fd728d58feaee3d2f844e29a7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000,public
x-amz-cf-pop
AMS1-C1
content-length
720
x-amz-cf-id
1WkB_e1Bfc4CB-N9uyOqnrl2n1Bh2SmNeu21rr-q8h_S-SPPFTegJA==
expires
Tue, 07 Sep 2021 03:08:55 GMT
thumbnail.jpg
d1bdhkmqqz901h.cloudfront.net/218x150/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/
1 KB
1 KB
Image
General
Full URL
https://d1bdhkmqqz901h.cloudfront.net/218x150/smart/http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/no-thumb/thumbnail.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
7d779cde6b0fc8288d59c873a728628488b3d896bfb2ef9d02b0c0b06e7cf676

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 03:08:55 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
478637
etag
"da9fd1f46e03a81c247df5af16f0816fed4845b7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000,public
x-amz-cf-pop
AMS1-C1
content-length
1080
x-amz-cf-id
Q5CTYMvW0W71rRU2yzUHiqmDw2uquyX1fihi1L8UE_pNS1deP1SLsg==
expires
Tue, 07 Sep 2021 03:08:55 GMT
GET-IT-NOW-BUTTON.png
www.greenfieldreporter.com/wp-content/files/sites/11/2021/02/
46 KB
46 KB
Image
General
Full URL
http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/02/GET-IT-NOW-BUTTON.png
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3fd9f5150166de3c3b97e0d7ba19f30a8f2c00aaf63d90fa1c3a8c0c202398e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Age
1836347
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
46898
X-Served-By
cache-mdw17363-MDW, cache-fra19160-FRA
Last-Modified
Mon, 01 Feb 2021 21:16:22 GMT
Server
nginx
X-Timer
S1628870248.669569,VS0,VE1
ETag
"60186fa6-b732"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Digital-Editions-Open-Graphic.png
www.greenfieldreporter.com/wp-content/files/sites/11/2021/02/
156 KB
156 KB
Image
General
Full URL
http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/02/Digital-Editions-Open-Graphic.png
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
973f27a57e440a6943b98cad6d5a5e8ded0d9b473fcf14bdd35fd2bf9dde1094

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Age
2531394
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
159562
X-Served-By
cache-mdw17345-MDW, cache-fra19160-FRA
Last-Modified
Mon, 01 Feb 2021 21:16:02 GMT
Server
nginx
X-Timer
S1628870248.678805,VS0,VE1
ETag
"60186f92-26f4a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
DailyReporterlogo.jpg
www.greenfieldreporter.com/wp-content/files/sites/11/2016/07/
88 KB
89 KB
Image
General
Full URL
http://www.greenfieldreporter.com/wp-content/files/sites/11/2016/07/DailyReporterlogo.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d971a8e4b7d8c6280fec49dfae6a5911b15c96a3092642310f4a3f4b1674dc0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Age
1934734
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
90363
X-Served-By
cache-mdw17323-MDW, cache-fra19160-FRA
Last-Modified
Thu, 11 Mar 2021 21:49:02 GMT
Server
nginx
X-Timer
S1628870248.692655,VS0,VE1
ETag
"604a904e-160fb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Expires
Thu, 31 Dec 2037 23:55:55 GMT
addthis_widget.js
www.greenfieldreporter.com/wp-content/plugins/aim_seo_smo/cache/
336 KB
109 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/aim_seo_smo/cache/addthis_widget.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47a22a9ef947a096bead2d2f616c5e10769fecd120cbaecd301dac6dfcfc0dfe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2534256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
110595
X-Served-By
cache-mdw17367-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Fri, 23 Dec 2016 16:44:02 GMT
Server
nginx
X-Timer
S1628870248.701074,VS0,VE1
ETag
"585d5452-54070"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
18, 1
outbrain.js
widgets.outbrain.com/
183 KB
61 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d7051652d1642d455733b7376ff8982521e19b44ea1d1636073c08672ba79e6

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:27 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 07:41:08 GMT
etag
W/"2dda4-HoBMHd+3scpIU/pl71V5AZTTYQM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
41f859d97897444938c22634bfa6276a
timing-allow-origin
*, *
content-length
62285
expires
Fri, 13 Aug 2021 19:57:27 GMT
aim-weather-201612070135.css
www.greenfieldreporter.com/wp-content/plugins/aim_media_weather/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/aim_media_weather/css/aim-weather-201612070135.css
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2767d03e1d32e4688327305a176c77b67c5221b92a5c6094923f401f65d03be

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1083512
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
927
X-Served-By
cache-mdw17368-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Wed, 14 Dec 2016 16:20:59 GMT
Server
nginx
X-Timer
S1628870247.306430,VS0,VE47
ETag
"5851716b-a79"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
tagdiv_theme.min.js
www.greenfieldreporter.com/wp-content/themes/Newspaper/js/
212 KB
51 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37bd4f791a6febdf51e0ef5b9063f230e9a6b617a85148bba89157a51e5b67b2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2534256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
51198
X-Served-By
cache-mdw17323-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Tue, 23 Feb 2016 14:52:01 GMT
Server
nginx
X-Timer
S1628870248.805282,VS0,VE1
ETag
"56cc7211-34f1d"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2, 1
wp-embed.min.js
www.greenfieldreporter.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3745678
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
750
X-Served-By
cache-mdw17321-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sun, 29 May 2016 19:25:44 GMT
Server
nginx
X-Timer
S1628870248.818474,VS0,VE0
ETag
"574b4238-57b"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
5, 145
js_composer_front.min.js
www.greenfieldreporter.com/wp-content/plugins/js_composer/assets/js/dist/
19 KB
6 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3740506
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
5581
X-Served-By
cache-mdw17377-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 06 Jun 2016 19:33:32 GMT
Server
nginx
X-Timer
S1628870247.360028,VS0,VE1
ETag
"5755d00c-4a83"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
jquery.dfp.min.js
www.greenfieldreporter.com/wp-content/plugins/DoubleClick-for-WordPress-master/js/vendor/jquery.dfp.js/
6 KB
3 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/DoubleClick-for-WordPress-master/js/vendor/jquery.dfp.js/jquery.dfp.min.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
19d59443a557b7f35dca4a89ea494082dd23715d8ccdd9d6e19c0aad717565aa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
1931649
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2447
X-Served-By
cache-mdw17340-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Mar 2016 14:59:53 GMT
Server
nginx
X-Timer
S1628870247.368087,VS0,VE0
ETag
"56d6ffe9-18f7"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 3
jquery.dfw.js
www.greenfieldreporter.com/wp-content/plugins/DoubleClick-for-WordPress-master/js/
2 KB
1 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/DoubleClick-for-WordPress-master/js/jquery.dfw.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f060ce0778a914d560d5772a03a58c136aa18364385ddd0c7df91cbde83f1c54

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2541749
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
777
X-Served-By
cache-mdw17320-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Wed, 12 Oct 2016 17:39:09 GMT
Server
nginx
X-Timer
S1628870248.821576,VS0,VE0
ETag
"57fe753d-633"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
14, 2
analytics.js
www.greenfieldreporter.com/wp-content/plugins/aim_seo_smo/cache/
27 KB
12 KB
Script
General
Full URL
http://www.greenfieldreporter.com/wp-content/plugins/aim_seo_smo/cache/analytics.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
3213434
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
11595
X-Served-By
cache-mdw17357-MDW, cache-fra19171-FRA
Access-Control-Allow-Origin
*
Last-Modified
Wed, 28 Sep 2016 20:19:01 GMT
Server
nginx
X-Timer
S1628870248.829232,VS0,VE0
ETag
"57ec25b5-6c9d"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
debut_dark-80x60.png
www.greenfieldreporter.com/wp-content/uploads/sites/11/2019/06/
162 B
162 B
Image
General
Full URL
http://www.greenfieldreporter.com/wp-content/uploads/sites/11/2019/06/debut_dark-80x60.png
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.greenfieldreporter.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Via
1.1 varnish, 1.1 varnish
Server
nginx
Age
446
X-Served-By
cache-mdw17379-MDW, cache-fra19160-FRA
Vary
Accept-Encoding
X-Cache
HIT, HIT
Content-Type
text/html
Content-Encoding
gzip
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1628870248.830908,VS0,VE0
Content-Length
123
X-Cache-Hits
8, 1
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
www.greenfieldreporter.com/wp-content/themes/Newspaper/images/icons/
14 KB
10 KB
Font
General
Full URL
http://www.greenfieldreporter.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?8
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/wp-content/themes/Newspaper/style.css
Protocol
HTTP/1.1
Server
2a04:4e42:3::204 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aba55d83602476cb099be3edff5d2264d00081c45f69e5ecef881a1cb8fbb6bd

Request headers

Pragma
no-cache
Origin
http://www.greenfieldreporter.com
Accept-Encoding
gzip, deflate
Host
www.greenfieldreporter.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.greenfieldreporter.com/wp-content/themes/Newspaper/style.css
Connection
keep-alive
Cache-Control
no-cache
Origin
http://www.greenfieldreporter.com
Referer
http://www.greenfieldreporter.com/wp-content/themes/Newspaper/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
Age
2002969
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
9730
X-Served-By
cache-mdw17363-MDW, cache-fra19160-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 15 Feb 2016 15:56:07 GMT
Server
nginx
X-Timer
S1628870248.865857,VS0,VE1
ETag
"56c1f517-37d8"
Vary
Accept-Encoding
Content-Type
application/font-woff
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%2...
  • https://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%...
35 B
112 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%20Hancock%20County%20like%20the%20Daily%20Reporter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AEAAAEABI~&jid=1033524054&cid=554517979.1628870248&tid=UA-5000778-1&_r=1&z=792448150
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j47&a=1003808106&t=pageview&_s=1&dl=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Reporter%20%E2%80%93%20Nobody%20covers%20Hancock%20County%20like%20the%20Daily%20Reporter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AEAAAEABI~&jid=1033524054&cid=554517979.1628870248&tid=UA-5000778-1&_r=1&z=792448150
Non-Authoritative-Reason
HSTS
1
greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/ Frame 8C17
52 KB
9 KB
Document
General
Full URL
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6cf47c2fd5718b44799185c88cd0b4bf95afcd1496713789574ecef06deff888
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff

Request headers

Host
greenfieldreporter.friends2follow.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.greenfieldreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

Accept-Ranges
bytes
Age
21
Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Aug 2021 15:57:28 GMT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Server
Apache
Vary
Accept-Encoding
Via
1.1 varnish
X-Content-Type-Options
nosniff nosniff
X-Varnish
663815763 663813194
X-Varnish-Cache
HIT
Content-Length
8896
Connection
keep-alive
gpt.js
www.googletagservices.com/tag/js/
72 KB
25 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/wp-content/plugins/DoubleClick-for-WordPress-master/js/vendor/jquery.dfp.js/jquery.dfp.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c33f17fdf8951c850ff300fc5f77417bfa1d42321c49477614f53aed8fca68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"957 / 172 of 1000 / last-modified: 1628853339"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
25251
X-XSS-Protection
0
Expires
Fri, 13 Aug 2021 15:57:27 GMT
polyfill.min.js
polyfill.io/v3/
101 B
588 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://www.greenfieldreporter.com
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1670390
detected-user-agent
HeadlessChrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sat, 24 Jul 2021 21:34:25 GMT
date
Fri, 13 Aug 2021 15:57:27 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
467285ccbda3c4867c0ff0da849e3ad0.jpg
d1bdhkmqqz901h.cloudfront.net/532x462/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
75 KB
76 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/532x462/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/467285ccbda3c4867c0ff0da849e3ad0.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e6d4f5060ee235d834402e2a849b2e80b53a15986b21ec5f931f3e726f2eac09

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:47:10 GMT
Via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
22746
ETag
"098e0a8663d0628a4bfd8334377f98acb6a6da3d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
77262
X-Amz-Cf-Id
tL9g00v6fCcrdR3oADgWYGX_TwIAHDtnmVTaxnYRySYK_zLtnKh-eA==
Expires
Sun, 12 Sep 2021 09:47:10 GMT
0eb534fe385826ce9378430a1e71176f-1.jpg
d1bdhkmqqz901h.cloudfront.net/533x261/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
21 KB
21 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/533x261/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/0eb534fe385826ce9378430a1e71176f-1.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
c42700ed55236acaa0b497e430b94582d6b41fa5a56ae3618dd3c65986b0f873

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:47:10 GMT
Via
1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
22746
ETag
"7e0c26f13b4173b43f3d75ee0887563f9fa77322"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
20999
X-Amz-Cf-Id
7TFtMDOWG7zW0OjFMnQ5N8IwRdev47rqLOsbZpWFhaMgdM5npj6Abw==
Expires
Sun, 12 Sep 2021 09:47:10 GMT
COVID-A.jpg
d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
9 KB
9 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/COVID-A.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
05c9fba4725ec21b66265940137942726b48e11db84d9bc7d0bdb606b2602ede

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:47:10 GMT
Via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
22746
ETag
"e3fcc37f6c5bc012beafbf3666469c6798238d05"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
8986
X-Amz-Cf-Id
xjOt3Iniu-7JFsbyAv7rYI1G4XMpnctw8oOMHcp_y4tvo3Eos4efPA==
Expires
Sun, 12 Sep 2021 09:47:10 GMT
b06893d17d83f2bd25cc737b2d2722e8-1.jpg
d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
14 KB
15 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/265x198/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/b06893d17d83f2bd25cc737b2d2722e8-1.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
25f85fdebcfcaecddcf817ab22144ea44ce19a3e1ae672daa713eab7fd56cffa

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:47:10 GMT
Via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
22746
ETag
"3ed307439c5be9fff90a45ac1b489eec011cd582"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
14507
X-Amz-Cf-Id
Fr-uvzBjTCIJfXZjRzCtivVIRMhufyLktsqHpUQmiJY4S0w-KY1aoQ==
Expires
Sun, 12 Sep 2021 09:47:10 GMT
AdobeStock_173755013.jpeg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2020/05/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2020/05/AdobeStock_173755013.jpeg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
978d27625aae1b6236db52c4bca9e51b3f7b58fc965f2061c6b1f3dd6233a9bf

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 16:24:16 GMT
Via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
171719
ETag
"c46c1f923fac80a1d5c1bdaab16eeb96b6b2769f"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2860
X-Amz-Cf-Id
YNnVYSGjX-nt_6urC8I-vrIfwScFLDUXYvigxBnJrvgRyC0t4CEJeA==
Expires
Fri, 10 Sep 2021 16:24:16 GMT
6f9c957dbcdb823daa767f51e659bf8e.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/6f9c957dbcdb823daa767f51e659bf8e.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e16596e8cae4796460d5ebc121d6c09e191b1b7b83c6260388c9a63ef58746e3

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:58:15 GMT
Via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
480
ETag
"71b29da1cc5e70da12a849e9c61c1a7ecf6879cc"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2612
X-Amz-Cf-Id
OseiwK779eYqlw-Uhm1nZr0gvOxoDdU6GkNmo8D6t0e4BIjvdK4EMg==
Expires
Sun, 12 Sep 2021 15:58:15 GMT
AdobeStock_86687377.jpeg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/04/
2 KB
2 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/04/AdobeStock_86687377.jpeg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
df38a383494a88a07ba0282b97064b947788d227662178821f3aa3f2d2a67ce1

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 03:08:55 GMT
Via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
478638
ETag
"27b7669656a464d1e34d51eaaf89eba57b61a728"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
1740
X-Amz-Cf-Id
BkMGmDw0nYCyTTMW7j89bRF183N6d3Eb4ZWgmCmWLLfuIMmTenGbdw==
Expires
Tue, 07 Sep 2021 03:08:55 GMT
e4fd983e4d0d63dd68c3bcd47d4f7d8b-1.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/e4fd983e4d0d63dd68c3bcd47d4f7d8b-1.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
27330767dcd6c64abad7ac3448a4b4693b10720a7b420d4159143ba742cab453

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:59:47 GMT
Via
1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
389
ETag
"85a642504e9e041fc2f4421e81805d2dc15ace70"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2876
X-Amz-Cf-Id
xVnEUxcatLIeyCqJn2gzuIP7rk9jr6NSON0uqGFYkBUGMs_KqEnsAQ==
Expires
Sun, 12 Sep 2021 15:59:47 GMT
f94fc08070ab1f14c99bdd0dcd655834-3.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
4 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/f94fc08070ab1f14c99bdd0dcd655834-3.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
412234f3160cd0cfd632467c641114dae97642a218627e814faa7855d3fedd84

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:59:48 GMT
Via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
388
ETag
"b241af885c44262f2c123c126afaf8f0d49b9e47"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
3255
X-Amz-Cf-Id
7i-Ur-w5JT4EM2jGWLvPzSOT0zYlUYuq-pNVeqw6ZzscJi_m0r1O1Q==
Expires
Sun, 12 Sep 2021 15:59:48 GMT
762898a849682615fd1ef59ffa9a59f4-3.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/762898a849682615fd1ef59ffa9a59f4-3.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
3048e28f3c86c8dda902a0442d0d2c76fc22946a51a6a52c4cabd5cfd724689e

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:58:12 GMT
Via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
484
ETag
"f46565f11f1c75c90f3d718454472d28d9e749f5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2796
X-Amz-Cf-Id
2YX5uamtRIH5i1dNU9TvXOkjNUy3k8stwoyh1UcaeWUZ7nGENzT-Mg==
Expires
Sun, 12 Sep 2021 15:58:12 GMT
6941a402f03b61422506e31177f29b19-3.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/6941a402f03b61422506e31177f29b19-3.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
d88b906b0772f8e268213a44380fd671d094c1c15e38b7d8c8f41981434670ba

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 15:01:23 GMT
Via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
90292
ETag
"7d5d32afb087d63d68286fc4f34ebeeb6fdeefe2"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2811
X-Amz-Cf-Id
h1JdTxi14xBvLuLFUwfW8QKvRkEc6pTHU1Hp2N_J1T0wEDNOoTfN-A==
Expires
Sat, 11 Sep 2021 15:01:23 GMT
092808fc07095beb8919b0c1fac3ca82.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/
3 KB
4 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2021/08/092808fc07095beb8919b0c1fac3ca82.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
9359e2533ddf2791ccd6dbb07ba85e384ae218674c6adbcd7af93b5ca8ed4842

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 14:55:45 GMT
Via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
177030
ETag
"4b8ca0dc070a426885c3b5117634be58634e24ff"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
3100
X-Amz-Cf-Id
jZMstD0InvKrz7xdpWK3R4g6vLbZ-3n-i8B9Ve5netxbKY8Byc0oWg==
Expires
Fri, 10 Sep 2021 14:55:45 GMT
high-school-coach-whistle-small.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2016/07/
2 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2016/07/high-school-coach-whistle-small.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
f83a4b9a16072e05d61f4b5ecb1396ab254023313edb8038ada6738c3cde1cfb

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 16:24:16 GMT
Via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
171719
ETag
"cdbbb2b6eddba4badc624e285365ba54cad3695f"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2149
X-Amz-Cf-Id
SXQZCYgii9ODbkQO1f_tZngnvBkKnH-Qdcp_tx57mh-l6ajlzMwiYQ==
Expires
Fri, 10 Sep 2021 16:24:16 GMT
444f8dd3f368b56ef3defbc002287403.jpg
d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2020/08/
3 KB
3 KB
Image
General
Full URL
http://d1bdhkmqqz901h.cloudfront.net/100x70/smart/http://www.greenfieldreporter.com/wp-content/files/sites/11/2020/08/444f8dd3f368b56ef3defbc002287403.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
2600:9000:2104:3200:1a:714c:dd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e975ff80aaf72c08354cbe8a1c73d2195cdbbe397bd8728d87991092848bba2c

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 22:48:53 GMT
Via
1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
Connection
keep-alive
Server
nginx/1.4.6 (Ubuntu)
Age
235042
ETag
"45af5d5c67c6f49c59d6581466ebbf7d8cc6cf7d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000,public
X-Amz-Cf-Pop
AMS1-C1
Content-Length
2865
X-Amz-Cf-Id
TMZc7cKkEDJZ3zXpLXSMZIWhPDj4--0XdMzoS272N_bx346f9H40iA==
Expires
Thu, 09 Sep 2021 22:48:53 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E908
416 B
799 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1628756356.271721"
last-modified
Thu, 12 Aug 2021 07:40:47 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Fri, 13 Aug 2021 15:57:28 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628870248~rv=62~id=67c0e1fabb9fd1b679f340ab7a994db3; path=/; Expires=Fri, 13 Aug 2021 15:57:28 GMT; Secure; SameSite=None
d3d3LmdyZWVuZmllbGRyZXBvcnRlci5jb20=
tcheck.outbrainimg.com/tcheck/check/
15 B
461 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdyZWVuZmllbGRyZXBvcnRlci5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:28 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=9669
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
a231a16f6d200846db2053abf6d76405
Content-Length
15
Expires
Fri, 13 Aug 2021 18:38:37 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
451 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=9.741771581715646
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 12 Sep 2021 15:57:28 GMT
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/aim/
4 KB
2 KB
Fetch
General
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/aim/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E98) /
Resource Hash
97aa0739d429331d29e0a5223cef08808954da9572d3903988e0d924ca7e62c5

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-md5
6a99PjdP9Fia5nFWVZh9qw==
age
12465
x-cache
HIT
content-length
1253
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:12:07 GMT
server
ECAcc (frc/8E98)
etag
0x8D9040EAA11C53E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c816be48-401e-0084-353e-907057000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
pubads_impl_2021080901.js
securepubads.g.doubleclick.net/gpt/
330 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 08:37:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117636
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
111 B
752 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.greenfieldreporter.com
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8701638b5aa22d6258af6e1205a03d1069d69fa23ef6a959c76f17b2598b4dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame E908
610 B
993 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1628756357.056635"
last-modified
Thu, 12 Aug 2021 07:40:47 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Fri, 13 Aug 2021 15:57:28 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628870248~rv=60~id=827cc58d46dc8e12b04560e7b2160ebc; path=/; Expires=Fri, 13 Aug 2021 15:57:28 GMT; Secure; SameSite=None
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1137
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
61eb556a-a01e-0063-7059-90758e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 13 Aug 2021 16:27:28 GMT
fp.min.js
fp-cdn.azureedge.net/prod/aim/
62 KB
20 KB
Script
General
Full URL
https://fp-cdn.azureedge.net/prod/aim/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC4) /
Resource Hash
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e

Request headers

Origin
http://www.greenfieldreporter.com
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-md5
vU8nkZRNnn2OJ2o2PJ2Q0g==
age
36163
x-cache
HIT
content-length
20554
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:05:49 GMT
server
ECAcc (frc/8FC4)
etag
0x8D9040DC86AC51D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2ae4e22c-a01e-0120-7e07-900ce6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/aim/
1 MB
216 KB
Script
General
Full URL
https://g2insights-cdn.azureedge.net/prod/aim/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFD) /
Resource Hash
10ad0b3f5cb38dd38efaae7ca5c57e749a1de1cceca0ec7c624fe7694c3165f3

Request headers

Origin
http://www.greenfieldreporter.com
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-md5
G1E5O/OQn9v6w9QRkeLVTw==
age
36163
x-cache
HIT
content-length
220944
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:05:19 GMT
server
ECAcc (frc/8FFD)
etag
0x8D9040DB6AA77DB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
934d7948-901e-00c2-5e07-90aec1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/aim/
645 KB
135 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E90) /
Resource Hash
459f26813859f6db8f9cde9e2c5b866da37a28d300f956ddafc94fc4955322e6

Request headers

Origin
http://www.greenfieldreporter.com
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-md5
zWBRVOoZ1DOHpA1auOlF3w==
age
24416
x-cache
HIT
content-length
137745
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:06:43 GMT
server
ECAcc (frc/8E90)
etag
0x8D9040DE8B90679
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3311bd28-601e-0136-7523-90cd78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/aim/
341 KB
34 KB
Stylesheet
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA3) /
Resource Hash
1f0b3805ae7450b7f469a3ad8c3a1e5307a1b83c927544b120ff0b6806ce14ac

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-md5
kGSDiPpCwSzBM1fkzrZH7Q==
age
24150
x-cache
HIT
content-length
34515
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:06:43 GMT
server
ECAcc (frc/8FA3)
etag
0x8D9040DE8AE073D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e1c90fa5-301e-00c4-5323-9059b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
placement_invocation
ob.cheqzone.com/
50 KB
19 KB
Script
General
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 10:25:59 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
19889
etag
"c62f-zfp6hy/A0Hu4xWYKZo/YBOKVxgM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
AMS1-C1
content-length
19216
x-amz-cf-id
IL6Ea9dyfhQbBmacAvcbSOvvZktOUC2mMAE1LwWxfBtpbjIT30nOgQ==
expires
Fri, 13 Aug 2021 22:25:59 GMT
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.greenfieldreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.greenfieldreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
74 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=532943718320869&correlator=1014184408259276&output=ldjh&impl=fifs&eid=31061814%2C31062236%2C20211866%2C31062297&vrg=2021080901&ptt=17&sc=0&sfv=1-0-38&ecs=20210813&iu_parts=1052426%2CHNE-ROS-728x90-ATF%2CHNE-300x100-Home%2CHNE-ROS-300x250-AU%2CHNE-ROS-728x90-AU&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x100%2C300x250%2C728x90&cust_params=UrlHost%3Dwww.greenfieldreporter.com%26UrlPath%3D%252F%26UrlQuery%3D%26Page%3Dfront-page&cookie_enabled=1&bc=23&abxe=1&lmt=1628870248&dt=1628870248141&dlt=1628870247222&idt=896&frm=20&biw=1600&bih=1200&oid=3&adxs=606%2C1022%2C1022%2C436&adys=88%2C753%2C1164%2C2958&adks=851018243%2C2426205714%2C3725309000%2C196875090&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x90%7C324x0%7C324x1209%7C1116x1&msz=728x0%7C324x0%7C324x0%7C1068x0&ga_vid=554517979.1628870248&ga_sid=1628870248&ga_hid=1003808106&ga_fc=true&fws=4%2C4%2C4%2C4&ohw=1164%2C324%2C1164%2C1164&btvi=0%7C0%7C0%7C1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8e2472bf4612bf09c687e0e8c3d265cf6fd01f05fc1a64c55bbe9b2013ee09e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14754
x-xss-protection
0
google-lineitem-id
499417006,5745422627,499418326,499413646
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138273903260,138357243196,138274162087,138273901844
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.greenfieldreporter.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E875
6 KB
3 KB
Document
General
Full URL
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 13 Aug 2021 15:57:28 GMT
expires
Sat, 13 Aug 2022 15:57:28 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_pla
obs.cheqzone.com/
2 KB
2 KB
Script
General
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=23150501104076517101186648581157231951619981221292512328770712919695&nc=0&tsf=0&tsfmi=&pv=0&cb=1628870248265&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDg0NzZdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiOSxY%0D%0ASHhnMWowekVsQVF3SjFRRWNrdnpvdmJjQUlaU0VFakFoSklRUUJ3Z2w5RjRDQkFnUVdnaWQwTEhC%0D%0AQmVPR2pidlgzcVl5TTYvK3Z6dlM3R29YR3doLytiTWxqYlR5YW83T1BmIl0sWy0zLCJbXSJdLFst%0D%0ANCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIl9zZl9zdGFydHB0XCIsXCIkXCIs%0D%0AXCJqUXVlcnlcIixcIndwXCIsXCJ1aUF1dG9jb21wbGV0ZUwxMG5cIixcIkVNXCIsXCJlbV9sb2Fk%0D%0AX2pxdWVyeV9jc3NcIixcImVtX3NldHVwX2RhdGVwaWNrZXJcIixcImVtX3NldHVwX3RpbWVwaWNr%0D%0AZXJcIixcImVtX2FqYXhpZnlcIixcImVtX21hcHNfbG9hZGVkXCIsXCJtYXBzXCIsXCJtYXBzX21h%0D%0AcmtlcnNcIixcImluZm93aW5kb3dcIixcImVtX21hcHNfbG9hZFwiLFwiZW1fbWFwc19sb2FkX2xv%0D%0AY2F0aW9uc1wiLFwiZW1fbWFwc19sb2FkX2xvY2F0aW9uXCIsXCJlbV9tYXBzXCIsXCJlbV9tYXBf%0D%0AaW5mb2JveFwiLFwiTUcyTG9hZGVyXCIsXCJNRzJMb2FkZXJfb3B0aW9uc1wiLFwidGRCbG9ja3NB%0D%0AcnJheVwiLFwidGRCbG9ja1wiLFwidGRMb2NhbENhY2hlXCIsXCJ0ZF92aWV3cG9ydF9pbnRlcnZh%0D%0AbF9saXN0XCIsXCJ0ZHNfZ2VuZXJhbF9tb2RhbF9pbWFnZVwiLFwidGRfYWpheF91cmxcIixcInRk%0D%0AX2dldF90ZW1wbGF0ZV9kaXJlY3RvcnlfdXJpXCIsXCJ0ZHNfc25hcF9tZW51XCIsXCJ0ZHNfbG9n%0D%0Ab19vbl9zdGlja3lcIixcInRkc19oZWFkZXJfc3R5bGVcIixcInRkX3BsZWFzZV93YWl0XCIsXCJ0%0D%0AZF9lbWFpbF91c2VyX3Bhc3NfaW5jb3JyZWN0XCIsXCJ0ZF9lbWFpbF91c2VyX2luY29ycmVjdFwi%0D%0ALFwidGRfZW1haWxfaW5jb3JyZWN0XCIsXCJ0ZHNfbW9yZV9hcnRpY2xlc19vbl9wb3N0X2VuYWJs%0D%0AZVwiLFwidGRzX21vcmVfYXJ0aWNsZXNfb25fcG9zdF90aW1lX3RvX3dhaXRcIixcInRkc19tb3Jl%0D%0AX2FydGljbGVzX29uX3Bvc3RfcGFnZXNfZGlzdGFuY2VfZnJvbV90b3BcIixcInRkc190aGVtZV9j%0D%0Ab2xvcl9zaXRlX3dpZGVcIixcInRkc19zbWFydF9zaWRlYmFyXCIsXCJ0ZFRoZW1lTmFtZVwiLFwi%0D%0AdGRfbWFnbmlmaWNfcG9wdXBfdHJhbnNsYXRpb25fdFByZXZcIixcInRkX21hZ25pZmljX3BvcHVw%0D%0AX3RyYW5zbGF0aW9uX3ROZXh0XCIsXCJ0ZF9tYWduaWZpY19wb3B1cF90cmFuc2xhdGlvbl90Q291%0D%0AbnRlclwiLFwidGRfbWFnbmlmaWNfcG9wdXBfdHJhbnNsYXRpb25fYWpheF90RXJyb3JcIixcInRk%0D%0AX21hZ25pZmljX3BvcHVwX3RyYW5zbGF0aW9uX2ltYWdlX3RFcnJvclwiLFwidGRfYWRfYmFja2dy%0D%0Ab3VuZF9jbGlja19saW5rXCIsXCJ0ZF9hZF9iYWNrZ3JvdW5kX2NsaWNrX3RhcmdldFwiLFwiR29v%0D%0AZ2xlQW5hbHl0aWNzT2JqZWN0XCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwi%0D%0ALSJdLFstOSwiLSJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEy%0D%0ALCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0s%0D%0AWy0xNywiMTIiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxc%0D%0AIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1c%0D%0AIixcIi1cIl0iXSxbLTIwLCI1NTQ1MTc5NzkuMTYyODg3MDI0OCJdLFstMjEsImw5M1RTMEc4Il0s%0D%0AWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2%0D%0ALCJ7XCJ0amhzXCI6MTQzMDAwMDAsXCJ1amhzXCI6MTI3MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAw%0D%0AMH0iXSxbLTI3LCJbMCw5LjYsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjksIntc%0D%0AInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1wi%0D%0AdlwiLDBdIl0sWy0zMSwidHJ1ZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUs%0D%0AIlsxNjI4ODcwMjQ4MjAyLC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLSJd%0D%0ALFstMzgsImksLTEsLTEsMjQ4LDAsMSwwLDEsNSwxMTMsNzEyLDAsMTAwOS4xLDEwMDkuMSwxMzUw%0D%0ALDEzNTEiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1v%0D%0AemlsbGFcIixudWxsLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzMiXSxb%0D%0ALTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDAxMTAx%0D%0AMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCwwLDAsMCwwLDAsNzYyLDAsNjQ4LDAsMCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3%0D%0ALCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0i%0D%0AXSxbImJuY2giLDk3XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A3461%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=pGHux1wTfo&sdd=%7B%7D&pto=1414
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d76cff079726e43f3d55a0065b2345d4c3bba127e87919ed4a0cf3346dd1bee8

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1438
expires
Fri, 01 Jan 1990 00:00:00 GMT
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/
523 B
1 KB
XHR
General
Full URL
http://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1628870248331
Requested by
Host: fp-cdn.azureedge.net
URL: https://fp-cdn.azureedge.net/prod/aim/fp.min.js
Protocol
HTTP/1.1
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
391b0b72a321dcd0734dd1c2be1f04396563b6b0bbfead2973c314ce5cf9c148

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebjqMUUAq6%2BngzAdCAkeYxH7gJfpGyuVKEL31gNSKriV4tVPXmaL1QBffhrE2%2FIfftlpy8C10BChYFY%2BPIOO76hgp8a1KHw1QDGjs2VH9221pm%2FpyDBow7RXNE3WwdC9B6a%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
67e323ac4f233a53-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
friends2follow_socialstack.min.css
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
70 KB
10 KB
Stylesheet
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b50fadf0848a8ad0115be0412bce0c1f998a0cdbdeb13b4aabb823d1e6bbc889
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
542
Connection
keep-alive
Content-Length
10116
Last-Modified
Wed, 30 Jun 2021 21:15:37 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
319358234 319309192
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
text/css
Expires
Fri, 27 Aug 2021 15:48:26 GMT
css
fonts.googleapis.com/ Frame 8C17
4 KB
727 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 15:39:50 GMT
server
ESF
date
Fri, 13 Aug 2021 15:57:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 15:57:28 GMT
jquery.min.js
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
91 KB
33 KB
Script
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
238
Connection
keep-alive
Content-Length
33080
Last-Modified
Sat, 26 May 2018 17:40:47 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
663815790 663792973
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:53:30 GMT
friends2follow_tracking.min.js
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
6 KB
2 KB
Script
General
Full URL
https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20210720
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
169
Connection
keep-alive
Content-Length
1599
Last-Modified
Wed, 29 Jan 2020 16:49:38 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
663815809 663799227
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:54:39 GMT
friends2follow_antifraud.min.js
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
35 KB
11 KB
Script
General
Full URL
https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210720
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
173
Connection
keep-alive
Content-Length
10755
Last-Modified
Thu, 26 Dec 2019 16:40:28 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
319358262 319343154
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:54:35 GMT
friends2follow_socialstack.min.js
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
96 KB
31 KB
Script
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20210720
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
762dd25c58a7eac4dc6544abc73e20dacbe10cc8d4363776c4b7489ebbac5122
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
70
Connection
keep-alive
Content-Length
31046
Last-Modified
Mon, 28 Jun 2021 18:23:38 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
319358250 319352804
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:56:18 GMT
truncated
/ Frame 8C17
109 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C17
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C17
106 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
393dedb498c215b8d4c04eee2db2b6cecc8e90d97e11e6dded36026afaddf18a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C17
122 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6472d4d999b1f10e007f0fa12aa9674ef55ec3527f21ab859945352aac4805e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C17
106 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 8C17
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://greenfieldreporter.friends2follow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:27 GMT
x-content-type-options
nosniff
age
314701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:27 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 8C17
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://greenfieldreporter.friends2follow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:29:17 GMT
x-content-type-options
nosniff
age
314891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:29:17 GMT
social.woff2
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 8C17
5 KB
6 KB
Font
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://greenfieldreporter.friends2follow.com
Referer
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
MISS
Date
Fri, 13 Aug 2021 15:57:28 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Feb 2020 20:14:31 GMT
Server
Apache
Age
0
X-Varnish
663815800
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
5316
Expires
Fri, 27 Aug 2021 15:57:28 GMT
container.html
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1046
6 KB
3 KB
Document
General
Full URL
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 13 Aug 2021 15:57:28 GMT
expires
Sat, 13 Aug 2022 15:57:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 4DA8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSngUn69LzBoQHcF4GysXoBnJ5GbxHoKgXuPXU_S27PrWfWv8axyek3N4NpP-nYbBUfLJizFxqXkytYqnMEZgeW_6UB5G6YPjXe3RKhHaioU0Wv6BPpNZYhCYBHJEyKpykmEVbyx0ZJ3pkEie3WGxU9WMc144rkQ0My3grKjehxwIS5AS_7jc93OEABkQfVnR81vPZbYu8UWISucgJxziNU1fAV8YWuuOhZ6x-yoykzzXSCHPw7dKtU0hav7f42AU45Dg__CXnHetONEZKGNqQP99YNqFd5eUWSkxbAJqoyeTU7dLYy2IkTfNfvg22vc2qwxOhveBW&sai=AMfl-YRkQX1f8dsQlJlcoPR0z5LQRSn4Mil4FQ-ig6sbit_Rb6SJyF78ZfWJaIzkknEIBYxO54FpzQuX2wcIbphkgr_chbGX1DdwsIRuwZg7jzUoTXsqzqvwvbG3GtV8eXdm&sig=Cg0ArKJSzKNCHF33NXbPEAE&adurl=
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 13 Aug 2021 15:57:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 4DA8
2 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DA8
124 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
14636715559712591508
tpc.googlesyndication.com/simgad/ Frame 4DA8
28 KB
28 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14636715559712591508
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c973a3f8d3736172bf626d596a6f6b98d7d0ce113ab7265d8bb82a7b98cab5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jul 2021 20:36:56 GMT
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28601
x-xss-protection
0
expires
Sat, 13 Aug 2022 15:57:28 GMT
container.html
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DCC
6 KB
3 KB
Document
General
Full URL
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 13 Aug 2021 15:57:28 GMT
expires
Sat, 13 Aug 2022 15:57:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
container.html
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AAC
6 KB
3 KB
Document
General
Full URL
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 13 Aug 2021 15:57:28 GMT
expires
Sat, 13 Aug 2022 15:57:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4DA8
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03662cf6732fb52af1d6b5a2515f1982cb95f5a6313756d57308eebc4cb8ac95

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628870248729&sessionId=ac224f9a-d993-fa20-24bd-67d10567950b&url=www.greenfieldreporter.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:29 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
4e7a649e5b35b8a01c811f521f45ea6e
Content-Length
4
Expires
0
gtm.js
www.googletagmanager.com/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NS8286F&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/aim/g2i.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59bff5f6f97d3a0cceb01d8177542fd9dd9373a6a799ab4a0ac02678cd48bc79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33870
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Aug 2021 15:57:28 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1137
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
61eb556a-a01e-0063-7059-90758e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 13 Aug 2021 16:27:28 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/
6 KB
7 KB
Script
General
Full URL
http://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Protocol
HTTP/1.1
Server
13.224.89.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-214.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 00:09:00 GMT
Via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
56909
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
4eZ9RKJNoF7xSMywWvGwx0EAO4f-zQQF7147W0ayaXiORDGC1KSFrw==
DR__DRPRODDEFAULT.json
cdn.ayc0zsm69431gfebd.xyz/prod/data/aim/
51 KB
52 KB
Fetch
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/data/aim/DR__DRPRODDEFAULT.json?_=1628870248759
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
25d5d4f26dac85a8b49f0bbb5826acec77fe161b9dca3a20d8d50fe2c331bb09

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 13 Aug 2021 15:57:28 GMT
last-modified
Mon, 09 Aug 2021 16:39:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8D95B5434DC23F7
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
bdf8d404-701e-004b-125b-9017e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
52592
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
http://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Server
52.217.110.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:29 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
JWJAR7QJ183VW5JG
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
y30gxLlxCujuFUP5eq6jhvPwoxL2waHpXzW2IIjNzgL+zIF+TasWVqFvlqrZhBGG8xE3YAC8LKY=
x-amz-meta-s3b-last-modified
20191015T134358Z
view
securepubads.g.doubleclick.net/pcs/ Frame 4DA8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGGFjPZCqtX5_wXLhpG-RuMSDoXcqu6CN9iWNgjwTICAsAnvZtV-B_D1uVuSRhG87MfFwEWAnvF3pEdf78ExdvqTJ6XJ7EGy5nSQQaCX4CO2jW354unHVyK_01f2v-_EOEFS5jVgpSqLkg3EIqOOHYlxEBA89ND3qpKSqT0xfPVR1U5gnNGWJRy92aeIQ52NA7KYU0NcJu1EwagI7HZZslvtV_1wztsCgMYQfK3WVu7INYhativHS76pW_Wa82cE0SxQ2Ebj3ftJ18zbUO7MHX2sHgAnozX7Ksqpmhq356S5K4fzg-b3blQSOSPNz1T2xZMIvTGNGzaHI&sai=AMfl-YSwQVipi6iDAKfiDJk8XovU0kD3-9zffbAKLO-cVLUv9sFj4LJ0evlcrTapg3alCm8rY1OBUJLI63PbCd-3-0YpxkK35CXLFXISKRud8OYzhb2tH4cjKhzoeyZihpWC&sig=Cg0ArKJSzN759ffDBvFQEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 13 Aug 2021 15:57:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5DCC
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 07:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Aug 2022 07:41:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5DCC
140 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
16652301563836661712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DCC
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1046
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 07:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Aug 2022 07:41:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1046
140 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
16652301563836661712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1046
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0AAC
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 07:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Aug 2022 07:41:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0AAC
140 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
16652301563836661712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0AAC
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:28 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628870248793&sessionId=ac224f9a-d993-fa20-24bd-67d10567950b&url=www.greenfieldreporter.com&cheqSource=1&cheqEvent=2&responseTime=697
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:29 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
54918ad07ba0b911fde13c30751248f3
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/
43 B
135 B
Image
General
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368e6cf32ea458e959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7d4e2474ebe48debd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27799d6b9fa8ee6e41879a72bb7bcab7f543cb5d56494e541e5114e04830c52d381c38681eb923bce6a88dee3d97cbc2e7a67d62c28c0cec11e73d1bf20f805b2c31a9776ae7a101d009835ff439cd0be71f8df78d209f2c3d9cb6089554066fa501243795b73d7ba64a409d5c18869e5d025fb976c82d1a7be6d88b3f6526a3ed0b81004cbb949023ba5a2b366a12699ea55f3e32cb460bd379555c817d6ab20da1c27e4b28f603f3e7c1e2c0b580bb7e78c6ebf1ea5165c493b8cc15dc38a4a1ef4b9c3a8f93dd0e7e0e094bbfab30d1a7e8818c3e81d37dd1477119321182470e438ef6413c2a6&cb=1628870248793&cri=pGHux1wTfo
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:28 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
friends2follow_socialstack_on_init.min.js
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
87 KB
25 KB
XHR
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
64
Connection
keep-alive
Content-Length
25376
Last-Modified
Wed, 04 Oct 2017 17:48:57 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
319358276 319353348
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:56:24 GMT
f2fi.php
tracking.friends2follow.com/ Frame 8C17
43 B
382 B
Image
General
Full URL
https://tracking.friends2follow.com/f2fi.php?domain=greenfieldreporter.friends2follow.com&wi=73&it=111/5406/7285,107/4344/7283,106/4343/7282,109/4350/7284,104/2342/7280,110/4351/7279,92/292/7275,108/4345/7274,107/4344/7281,111/5406/7278,107/4344/7277,106/4343/7276&ti=1628870227&ha=44588d471a3b031810c779375ce2453c&fi=59a1b796042b7c27ca0df7318423ccd9
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
MISS
Date
Fri, 13 Aug 2021 15:57:28 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Server
Apache
Age
0
Content-Type
image/gif
Cache-Control
must-revalidate
X-Varnish
663815830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 11 Nov 1998 11:11:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0AAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulzJYEGU-FLJw8j1rDfdTXO1A-6zZPMVD4Gxp3ooSL2zV-_NpJ49xrnr9aYHyR6ciEL0R2xqpRqsl3Q9xxl-TCbrFsEAC4qsrDlaGp9-Uspkl7W_wRzqeiUnkb8ulwhQLD8sbpXXVgd4I_al9xaE_Zhm_R_VutiludoWMBUcScTCo6en253oMyJOKIz42_iKrK0Fsef3RE2BFY9_s5sTbAj1cRd8ltHxKxdjsxS1KwR08-Hq9dudPwIs7YXkWn3sz96A92EBUtDlrtr2T4e1Bl5eMa113Ginx3XNSewBPn-5NjIsQlOFkJan-4NTNtCEKmdWcLGrYl8w29gA&sai=AMfl-YQRamVPyTGr0zIAMGFJ2H3kuzr-hw6UFWV0UDUVkd3jc6o2ZmGxXAOcato_E3hlbop1rZEnzt_sfO1xnrGKSQWQz6eHMc3pyIV11DYa-_gwc7ACVF1XxNXFQXaTAwEd&sig=Cg0ArKJSzLyNx8VUKwaHEAE&urlfix=1&adurl=
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 1046
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNxBDPS_VOwyoDUUqLarqJetKJknWaPwsrmfG4QDpH6orj-CAuECkJNGywIyEX6zOKzPq5c6T3Pv1_mfirDjizeP8JIICkiP3f-oyhZ-_MtYASQT2ySIH1ncZYSoWSksgL-HGSP553KZ-ueI6vgaC8oqfx2kSdRHCbFCGpCzg2yTP6yaK00X8W8csxzsBsCXAYiK8pmrZKMkfmavowF70b9sMM3TGLLNFhsBX6tm_nO_ARl3qKBmAB3IAlGnn7Ns0yFnsekdlxIXJFYQ_aFirzj8Rn4QI4Qk0DRQ0ws20BF9TPsPC349ubhJl3oJD6nWzAgwF47WQqTz__yhU&sai=AMfl-YR3_UbFYVTbUCT7rafXvxi_2ZDikcd7VGYAtrqBxvfduHVqfwqg3bSWv2W7tNVyLkBwxMdzD59Ii7eU3mV3WY2IBwXqYVsRJqK7fTyN7xI3St9mFBQjOWpnHk6cOeOJ&sig=Cg0ArKJSzFgJrzXBnR_FEAE&urlfix=1&adurl=
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 5DCC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss44EsmnojxeYywMs0bvF3D2hhtcLmE2XRy8yWv2edjKI_O9kIEBZxvc2LHuuAKTpsAQ17OXmt3WLaa78R1MkWO19VeSUpvz6oje_XjGVpC-kRBOK-rq5k434yh8oDIrBgaMWXfx6fkTRT7g8Sbb2ZtXhAEiGLhgbfP4REZiAVI-s90Xdb_hyFugHnu4hb-RMRagcuN7tz0xNgzbNg39O4nHlgWbABm16CTpb2bZAkMkBn195wyYjy3o8B2C-gm33t6IwEpRLqjqIByHZR1HpUib7KV-ygccCvjquI10jnwbq0g4n2q58ylLKGy4GhSV9yEWLpgrv3qlvJgEpnb5dCd&sai=AMfl-YSl1xsl3oa3x3uR1QPjzuAS9tv28IRegdQEvgw6Q2qa9KtxiGFRgi_T_nqyhB8j4j2yoYwqOiFSUJBEezj-ZuRv20jyXw_LLtU_q1QyTZlrlmjIY5SatXkfcNUWAhyU&sig=Cg0ArKJSzJJl3v_Fa4PsEAE&urlfix=1&adurl=
Requested by
Host: b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
URL: https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 5DCC
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95570
x-xss-protection
0
server
cafe
etag
10066065015092213272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 7FF0
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210809/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 12 Aug 2021 22:05:12 GMT
expires
Thu, 26 Aug 2021 22:05:12 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
64336
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 0AAC
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95570
x-xss-protection
0
server
cafe
etag
10066065015092213272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
truncated
/ Frame 5DCC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b8ef1f7c5b31efcaa6f80898adf49381a946a39879b3d092105b945681d30cf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 1046
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95570
x-xss-protection
0
server
cafe
etag
10066065015092213272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:28 GMT
truncated
/ Frame 1046
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b174c3937e27c15c8614bd08807719bdcd578e2366519c09cb1542c0ecf2bd9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
masonry.pkgd.min.js
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 8C17
23 KB
7 KB
XHR
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
10
Connection
keep-alive
Content-Length
7034
Last-Modified
Thu, 10 Nov 2016 21:28:54 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
663815847 663814738
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:57:19 GMT
truncated
/ Frame 0AAC
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57e777a0775190f5e68d747cf7c15b5cf95366d46cbb793a42bbed2028db6d07

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 5DCC
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5DCC
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B305
78 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f01575257eee4080ab2e4badafc7ec0b68e6ac4661a9dfb9767729cddec843b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Aug 2021 15:57:29 GMT
server
cafe
content-length
28461
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5DCC
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
integrator.js
adservice.google.de/adsid/ Frame 0AAC
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0AAC
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7498
102 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d13c57d64de527d206f2ae6589b688c6039e9ee9b9fb21fdfb1340ac5147adf
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGj08SurvICFUsE4Aod7SIIzA&gqi=aZYWYZyGBMrG7_UPiNCWiA0&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGj08SurvICFUsE4Aod7SIIzA&gqi=aZYWYZyGBMrG7_UPiNCWiA0&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Aug 2021 15:57:29 GMT
server
cafe
content-length
37631
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0AAC
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
integrator.js
adservice.google.de/adsid/ Frame 1046
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1046
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FA29
102 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d630c8b21d6d1c6448073fe6bcdc798108fc800194ec0e3f68845c333c0d4699
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWN1MSurvICFQ653godF_sIyg&gqi=aZYWYYjsBIDF7_UPzeqEyAc&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWN1MSurvICFQ653godF_sIyg&gqi=aZYWYYjsBIDF7_UPzeqEyAc&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Aug 2021 15:57:29 GMT
server
cafe
content-length
37483
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1046
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
friends2follow_infinitescroll_and_share_follow.min.js
greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 8C17
24 KB
13 KB
XHR
General
Full URL
https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-255-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://greenfieldreporter.friends2follow.com/f2f/widget/async/socialstack/73/0/12/140/1/1/1/9/9/1?click=&cache=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
HIT
Date
Fri, 13 Aug 2021 15:57:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
478
Connection
keep-alive
Content-Length
13249
Last-Modified
Wed, 04 Oct 2017 17:48:57 GMT
Server
Apache
Vary
Accept-Encoding
X-Varnish
319358303 319316138
Via
1.1 varnish
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Fri, 27 Aug 2021 15:49:31 GMT
widgets.js
platform.twitter.com/ Frame 8C17
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67DF)
Age
946
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
platform.js
apis.google.com/js/ Frame 8C17
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PdGqFrBHiqOZrAVLCJDXGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-PdGqFrBHiqOZrAVLCJDXGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 13 Aug 2021 15:57:29 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 1247
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fgreenfieldreporter.friends2follow.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://greenfieldreporter.friends2follow.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://greenfieldreporter.friends2follow.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
349152
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Aug 2021 15:57:29 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6752)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 1247
232 B
432 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=9685a6fe8f3d75f1ff14f2b52be67803dd395660
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fgreenfieldreporter.friends2follow.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:28 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 15:57:29 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
1665b9c607e3edc7e3c5718d2aa4ed376a17d9798d9d0411079077e54545a35e
content-length
166
truncated
/ Frame 8C17
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
views
prod-aim-proxy-connext.azurewebsites.net/api/
64 B
1 KB
Fetch
General
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views?UserId=98471b02304339174932744b91e35555&ConfigCode=DRPRODDEFAULT&SiteCode=DR
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

source-system
Plugin
site-code
DR
autoqa
false
ssid
02812616b616384f0a0cd45191856512
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Mjg4ODQ2NDh9.XnDrJZqfPKMs0K32KBiZt3irQhccFcdqS1k-2Z0aJbk
location
System
content-type
application/json
access-control-allow-origin
*
accept
application/json
environment
prod
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
config-code
DRPRODDEFAULT
version
Version: 2.7

Response headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:29 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
X-Server-Time
8/13/2021 3:57:30 PM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-aim-proxy-connext.azurewebsites.net/api/ Frame
0
0
Preflight
General
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views?UserId=98471b02304339174932744b91e35555&ConfigCode=DRPRODDEFAULT&SiteCode=DR
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
http://www.greenfieldreporter.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Fri, 13 Aug 2021 15:57:28 GMT
Content-Length
0
like.php
www.facebook.com/plugins/ Frame D797
0
1 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F169226043087676&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Requested by
Host: greenfieldreporter.friends2follow.com
URL: https://greenfieldreporter.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F169226043087676&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://greenfieldreporter.friends2follow.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://greenfieldreporter.friends2follow.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
+YSGzYCU3UoJYUYOrWpW895SD+2pdOut/YeUuHQCZJ+2RYjXbCw7Xqx37muFNqC2g5QClgGwWpPy2y9RGcZDCQ==
content-length
0
date
Fri, 13 Aug 2021 15:57:29 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
236442913_4792238054119762_7508245506506899737_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/l/t1.6435-9/p720x720/ Frame 8C17
119 KB
119 KB
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/l/t1.6435-9/p720x720/236442913_4792238054119762_7508245506506899737_n.jpg?_nc_cat=100&ccb=1-4&_nc_sid=8024bb&_nc_ohc=1xv72GwuXC8AX-BjSAD&_nc_ht=scontent-iad3-1.xx&edm=AKK4YLsEAAAA&oh=fce272bbfb82eb87de6b07ee76cdc6d4&oe=613AE051
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d041ab2ed7a65f5e35d8f34327e294350f5040feff005b3d35bfa54b2584205

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
734051792
date
Fri, 13 Aug 2021 15:57:29 GMT
x-fb-trip-id
1814657579
last-modified
Fri, 13 Aug 2021 12:46:50 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3325673574
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
122037
197665421_4597106243632945_5323833254818106824_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 8C17
950 B
1 KB
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/197665421_4597106243632945_5323833254818106824_n.jpg?_nc_cat=110&ccb=1-4&_nc_sid=dbb9e7&_nc_ohc=euoxveai2KAAX8JeCWw&_nc_ht=scontent-iad3-1.xx&edm=AOf6bZoEAAAA&oh=57a80d4af0ede6ad2dd9e675d01ae70a&oe=613B8B72
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
babd317954f3fbacd29e37e1580ad4642902284e960f327de155b4f8176e200e

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1847814281
date
Fri, 13 Aug 2021 15:57:29 GMT
x-fb-trip-id
1814657579
last-modified
Mon, 07 Jun 2021 16:19:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1867289984
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
950
ec3ea30333ad1110b4d8ff996853622218c351c7574f31c7a1d414635221f9a6
friends2follow-us.s3.amazonaws.com/external-images/ Frame 8C17
20 KB
20 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-images/ec3ea30333ad1110b4d8ff996853622218c351c7574f31c7a1d414635221f9a6
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4e64229dff9fbad03ec96b616f3f05f989e50899738a32b320521a9c08985d96

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:30 GMT
x-amz-expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified
Fri, 13 Aug 2021 06:15:06 GMT
Server
AmazonS3
x-amz-request-id
CNK571FGJHFHGACC
ETag
"baeb5a842ed2c8a30e578b20bbb007d6"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20088
x-amz-id-2
YsNYxk6hBFbsfmQ0rqp1YEsfa0PEBBf4q2ypJm9hrVprA5eKeMqj3ukI9oCQaSb196zQPNQLMs8=
b992d571fdc28364065a3deebd5e0687489fc98097406458733b3a1f874bc4e4
friends2follow-us.s3.amazonaws.com/external-avatars/ Frame 8C17
3 KB
3 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-avatars/b992d571fdc28364065a3deebd5e0687489fc98097406458733b3a1f874bc4e4
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
010d94a7426c714aaf7d4ebd0a50f95a8ece791c111710256949fd8bb7303513

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:30 GMT
Last-Modified
Sun, 13 Jun 2021 02:21:24 GMT
Server
AmazonS3
x-amz-request-id
CNKCE2ZESERX6SGP
ETag
"d3e582311c0f73b223fede2c07e1c4a7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2927
x-amz-id-2
uim3MpexVejch/Epug1uTjQGdJ/7/oMTBLFrkr/nCg7KqEVdksv7ibn9hcJzvljku6PW1OMeyrw=
d6eb494dff3fb21f0f1794776fd56f8768c45908ccc24acb9bd7b3ffdaf889c7
friends2follow-us.s3.amazonaws.com/external-images/ Frame 8C17
26 KB
26 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-images/d6eb494dff3fb21f0f1794776fd56f8768c45908ccc24acb9bd7b3ffdaf889c7
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6bc60a2236521da275b572615694792a721d87b9e7c8aa28dcf9a66dff29f7e

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:30 GMT
x-amz-expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified
Fri, 13 Aug 2021 03:51:05 GMT
Server
AmazonS3
x-amz-request-id
CNK9ZSM39B03EXX1
ETag
"5d8890d276f5c776a8251b922bfd7b81"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
26268
x-amz-id-2
5TvIo8Yr0g5BETnngyKWdOfJyF2bzolww0LBk9F6pUSsNdBgDayEGqOHE59tBC9QFiZdG9mU+l4=
css
fonts.googleapis.com/ Frame B305
6 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 15:35:48 GMT
server
ESF
date
Fri, 13 Aug 2021 15:57:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 15:57:29 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B305
1 KB
857 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:46:55 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame B305
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:56:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B305
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B305
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B305
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:29 GMT
b0784018e1fbf9b21026a03ef4bd1046.js
www.gstatic.com/mysidia/ Frame B305
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 09:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10788
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 03:04:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 09:03:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B305
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwIZDaZYWYaqRA_mQ7_UPvKyCiArA1Pi2ZIeazIrlDsza9pj-DhABIIKq8w5glQKgAeKa8Y4DyAEJqQKNrTy1HruzPqgDAcgDywSqBMgBT9AFp7gl6X1A8VkGSmg-KrnWcbnYbgEISWH0C7zngKUWOkOuBGAB8YM376bn767x_H9Mmc-P81pMVhuf9sATpWY_WtNEB2cCUFphIppPBeWuavLFbp0Nm_3PUh0gZ7GU4Tfh0QK655A379J8Iz265A1kGs8tkjztsqsVF_OAcSJtJh2sUHgYQkUHRAqnPybuI7vygh0LKwJipThqByM1fXWfH56LeigAVU9qfTVjglRTwROi7QoD35Z5PwEfy84BkqAOD6g8OJrABKPGs6XMA5IFBAgEGAGSBQQIBRgEoAYugAeG5Y5xqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIbSA9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTYwOTQxMzg3NDcyMjU5GAA&sigh=4H0JfiEJhHk&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 13 Aug 2021 15:57:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/1266052335823918215/ Frame B305
62 KB
63 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1266052335823918215/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c67a1a1ac36782b2363ead5bcafd11a49b115b0e3c7d0fda304bcf05227e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 14:08:09 GMT
x-content-type-options
nosniff
age
92960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63993
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 12:48:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 14:08:09 GMT
truncated
/ Frame B305
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
485d1972851f2bd02a4f7953f5e0f66d954b3a7cc12e4e3cfd403b4ecaddc5d4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0E82
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 13 Aug 2021 03:09:05 GMT
expires
Sat, 14 Aug 2021 03:09:05 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
46104
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 7498
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:56:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 7498
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7498
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 7498
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:29 GMT
l
www.google.com/ads/measurement/ Frame 7498
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJLXeaA9sNK4OSR3ItRJjssYEYLh8G_HZsJIPgZZ6xOimivTjVQ3N4dx1AxKWuR0N3c8uqHpB4JTqYg3eWJMs-a1UyHA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 4435
12 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e4b75816c1b2088ba5305eea405c0cddeeebee0f30ca09801724ea60ff49a35
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16330283978221309291/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3379
date
Tue, 10 Aug 2021 07:20:32 GMT
expires
Wed, 10 Aug 2022 07:20:32 GMT
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
290217
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 7498
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_g0XaZYWYcHKBMuIgAftxaDgDMuK26likaDnotgN29keEAEggqrzDmCVAqABtZDEwAPIAQmoAwHIA0iqBM8BT9Bd_rZDDXpNgq46mIPZjc7QMyNwrgIEFQvkq0pZ0qYHoiM-u4R3jnemJicp2O9Mm0rXfO1MTLtCEzFe2VIYHhiZNWUJCNT1PTdXCPXgnXUyjtYZWhz-UAh3dEZ_lxVzGghYiuNexZmjHNHgOvfYXI-moy_xOK3QBwO8jo9_Zz1Cy483yXIhQLTuHmoDiBTTVo-g73kZGQX_JPn8oj3g2UUPRB5uE3Ap127zS0S26a51TjMPWaV-NFPL-CeUTSeterhuXDawDQjeegtQvQ-qwAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCB_gTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODU2MDk0MTM4NzQ3MjI1ORgA&sigh=2Z9wLtzPf7Q&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 13 Aug 2021 15:57:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame B305
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ddc3ac8ef0b6ae7c4b2b0cb8a3a33d688ae7b36df803ad369a97472bbba37f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B305
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
336665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 18:26:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B305
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 12:00:01 GMT
x-content-type-options
nosniff
age
273448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B305
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 01:45:21 GMT
x-content-type-options
nosniff
age
310328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 01:45:21 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 01DA
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 13 Aug 2021 15:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7498
0
20 B
Other
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGj08SurvICFUsE4Aod7SIIzA&gqi=aZYWYZyGBMrG7_UPiNCWiA0&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7498
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b0ec6aa4700a370fd379ec9b3e62e28468e0e471782e36c34bc540e1a391a51

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4435
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4435
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 14 Aug 2021 12:37:33 GMT
2b9bca78717e44645984f4bd46ca7462.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 4435
71 KB
19 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
290217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19087
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:20:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:20:32 GMT
dpixel
cms.quantserve.com/ Frame 0E82
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEQkssMxLYgHRTimVg5vlgU&google_cver=1&google_push=AYg5qPJ2mvozy1ZprpGlz6vzkOdM2h4GzKlxrpC0Tri5PFXvbJ1yu4LzlkcxXJNKn6p2fUbLz1m-_PvaPRqiv4jyv_aELP23cM9X
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E82
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJo_JWNjsgd-rM4sBXFqBOVKeZMHpci1gPosUp_Mgljzc6wkVskohtXqYrAG0nf8WfkzouZemjG7u564WRNtZoxCwskkYo&google_gid=CAESEHGzlKnZ1DlZMqUHw5LFlFM&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOms2ogGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKb19KV05qc2dkLXJNNHNCWEZxQk9WS2VaTUhwY2kxZ1Bvc1VwX01nbGp6YzZ3a1Zza29odFhxWXJBRzBuZjhXZmt6b3VaZW1qRzd1NTY0V1...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMUJqdURSMGExWG5uTmp2WTZ6TWRmazZEaVNtRjktck0tT1dWSFd5aDBnVQ==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMUJqdURSMGExWG5uTmp2WTZ6TWRmazZEaVNtRjktck0tT1dWSFd5aDBnVQ==&google_push
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 13 Aug 2021 15:57:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMUJqdURSMGExWG5uTmp2WTZ6TWRmazZEaVNtRjktck0tT1dWSFd5aDBnVQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 0E82
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMGzRYYwyBD7wCMM4VOoqJ8&google_push=AYg5qPJZrxEw_etW5PoshCLh2tGfyPSEixeGKNiO7qLtaGj9B31olev7_BmfEkp92EWPm2WJaVoOYhkTIRXSLvgabOVkq5IxwRXM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E82
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGomtww1hP72Dyb1fmWms2E&google_cver=1&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGomtww1hP72Dyb1fmWms2E&google_cver=1&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&google_hm=LCAenGt3zE0RcAozvPT0oQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&google_hm=LCAenGt3zE0RcAozvPT0oQ==
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL4A5mKKtqBzBwaMQWcqOw1pqs0cPabeW3Urzut3b_kNwY3lMyUHk5LODE0o5Y7wPx3TPQGR72B3G1w-NS_KaV7oqJoBVmf&google_hm=LCAenGt3zE0RcAozvPT0oQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
efrj0smpv65qhq7glvd85ktagmi536cm
pixel
cm.g.doubleclick.net/ Frame 0E82
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IYHJ-cu3S3mMTzaa7ZniTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IYHJ-cu3S3mMTzaa7ZniTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIAtQR_CM1JAzef8LjlFNzhA50r9v6GQTelKe9LiUlnjI16cGd57vgqo3QfJzI6TeUpj7w8FOgbRA3qiCUZjPj7xZqsUh0
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IYHJ-cu3S3mMTzaa7ZniTg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIAtQR_CM1JAzef8LjlFNzhA50r9v6GQTelKe9LiUlnjI16cGd57vgqo3QfJzI6TeUpj7w8FOgbRA3qiCUZjPj7xZqsUh0
date
Fri, 13 Aug 2021 15:57:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0E82
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELrJzl7i3j0kk6flaXlALOQ&google_cver=1&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSkFHSFotMU4tQkJMQQ==&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY3m5RjieoClvT9aoqscPiwPniC
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSkFHSFotMU4tQkJMQQ==&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY3m5RjieoClvT9aoqscPiwPniC
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSkFHSFotMU4tQkJMQQ==&google_push=AYg5qPLDHEtXsEsuozMCxThdskfeXGtrepuLVOQBty6uhN9mKfHeBDbwW9zl7otQ-RH8VFBtzyY3m5RjieoClvT9aoqscPiwPniC
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0E82
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEYoq1mz6laeKNo33tHyjg&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVr...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 0E82
0
253 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-FsYZfH-xwHJU-UrIF8Ia6tUsCeLh2OP-L2ZrxZtWL0mVhxD311glXyoBdlymLx37UVVj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 5DCC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWzaG85LVf3-wiA8_twOLpKocfBhW-FBpxVfp4oi3VRM_u6gcUnFDqtsN4IVKNxalmQjBLy7ICLcAkqpvqq1Xg_9Dnch2It60y1if8f2Yt7IoyIgL9NLu4ueGS0-OsLlJ7_vdVu9OOLFnmWqxXYJ1Wzb4d_-QTAshhprRidn9SRhAdN56Gguf9FGW93Fdsf01jlK3GYUSJhu6By8gZaX6wohFv0KDVJhiIRY8OhHrrmyQ5wprAiCYgdW2pjH9b5jABkMtrF2OWdM904PvB4_p_Zmav93mWG8wqFn5y5YwTCzqIqL0kqFuE7vShmj2YfyspcCOcxfoVGv6MImKDMl1-Cx0&sai=AMfl-YT1knqM8A83T5ULjBQ-olab8IvUuBfYDLn_PXJIVBRsifB4KFafPnKHtel01cFXhK0laonST7CKIJOsl9D7drVylAtCVn8V0U54B5ZZy9UhB4FpM1GCe3frQslQ_6ZA&sig=Cg0ArKJSzGAW4stoFbqQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 13 Aug 2021 15:57:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DCC
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca87b5c5a7368bd31afdfa92371643c784c73e731e632f65b1847ea10585d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8528
x-xss-protection
0
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame B3BC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046727&pi=t.ma~as.4276895084&w=300&psa=0&format=300x250&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248886&bpp=3&bdt=301&idt=122&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2888767822576&frm=24&ife=3&pv=2&ga_vid=411336925.1628870249&ga_sid=1628870249&ga_hid=2055035991&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2620777031&scr_x=-12245933&scr_y=-12245933&eid=44748449%2C20211866%2C31062297&oid=3&pvsid=4085466409989513&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.e91g8foak7hk&fsb=1&dtd=138
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
css
fonts.googleapis.com/ Frame 4435
5 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
375d9787714fe296f561c6a6b186998d8bf3dcf3869a546e61df76c8b0b656b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 14:35:41 GMT
server
ESF
date
Fri, 13 Aug 2021 15:57:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 15:57:29 GMT
4024ca9ddfe08ebef89b56fbf44d5fab.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 4435
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/4024ca9ddfe08ebef89b56fbf44d5fab.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
185e2bff3b9f7b597f819010519c5e3fd7f57abcfc4a0d0d9a5c8b93b230a580
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
288405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19007
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:50:44 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:50:44 GMT
7d66114e00a5f076622403af191d9798.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 4435
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/7d66114e00a5f076622403af191d9798.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0478a5c2d7ff284928ccfb76d44fff3741326b35e11b39e4002223424b805844
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
283475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3920
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 09:12:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:12:54 GMT
eb164a53945ab4b13219d589cbebdaa7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 4435
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/eb164a53945ab4b13219d589cbebdaa7.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c3bb4b0dc50c421daa6ffd15f9c2fa5477f1dcbeca3d8ab68ebd7a60f030157
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
288405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:50:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:50:44 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 01DA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=1211748044&adk=3016629187&adf=3173046726&pi=t.ma~as.1211748044&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248909&bpp=2&bdt=317&idt=145&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=2048775415397&frm=24&ife=3&pv=2&ga_vid=1102279058.1628870249&ga_sid=1628870249&ga_hid=1423830209&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=769119180703108&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.g9yxv37fb1n6&fsb=1&dtd=150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 13-Aug-2021 16:57:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 13 Aug 2021 15:57:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:29 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DCC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame FA29
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:56:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame FA29
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA29
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681446738120"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38222
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame FA29
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Aug 2021 15:54:29 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 6018
12 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e4b75816c1b2088ba5305eea405c0cddeeebee0f30ca09801724ea60ff49a35
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16330283978221309291/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3379
date
Tue, 10 Aug 2021 07:20:32 GMT
expires
Wed, 10 Aug 2022 07:20:32 GMT
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
290217
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame FA29
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CObEZaZYWYdW0BY7y-gaX9qPQDMuK26likaDnotgN29keEAEggqrzDmCVAqABtZDEwAPIAQmoAwHIA0iqBM8BT9BJTAiSVIAcIwtDLWZV-TOxZZz6o0B6RTWnjO8fn17pqgk-jjZcWrOHDwfvjOHrg4GRRl32u5ouVZbXawBJf4SafF9PAKFoGVGh_xVqZY1z4aZut4LDjd0SU9wtrvFcIeYTSvz5qLF3EY7xDPEH0eSLbwChWBEgvtOiHUda4WeMiDSX2VyM5-9rTdUBOY8kPVTqGXH0Cwy1rYDlNy71y9-Hkg1Yr_zP7SrFT5l9-jmR-1FjW1rE8Y69A7xFNjicPB4InOuKyai_QYcO-lXbwAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCTtwTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODU2MDk0MTM4NzQ3MjI1ORgA&sigh=OxWZNTCi--g&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 13 Aug 2021 15:57:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 4435
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
314714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:15 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 4435
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
314714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:15 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 4435
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:31:26 GMT
x-content-type-options
nosniff
age
314763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:31:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 038C
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 13 Aug 2021 15:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FA29
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0170454d7e585c14da486d989ebf67e78351352f4adab60dd89846e030c28f9f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 69A6
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 14:21:00 GMT
expires
Sat, 13 Aug 2022 14:21:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4C39
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c7c510fe48b55809437914e200f6b830a60ddaec1d8b29d3b6f15cd82c728ec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PCLCmKDpBkbLJGnrPOww4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=2DtkDNTGWLn1PzDD_RapFj97hB1FcWFFsDZS2C1TyTb7vIwsvuxDUjeZqZ9Ti2TD1p9qfnhabYBfmUT9evPwFV-nN9ebwdCezSnVqVnxpmKcMhkfauhwo5MyicbeXau9hBpvpcKgyZ4TupenW87PTEKrPuYKjrZUVsAzwoxyQNQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

expires
Fri, 13 Aug 2021 15:57:29 GMT
date
Fri, 13 Aug 2021 15:57:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PCLCmKDpBkbLJGnrPOww4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame FA29
0
20 B
Other
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWN1MSurvICFQ653godF_sIyg&gqi=aZYWYYjsBIDF7_UPzeqEyAc&layout=/sadbundle/%24csp%253Der3%24/16330283978221309291/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0AAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWuIZPO_2AUXaAVUiKMS5EhJ6ALoDwVjHodQyEtIrs4Meiri7DWykxCDDkHIO7LwHEbKDIaNvyXO53nk1zZ_ozyTmFmi4258Pdb2C9gWrGPSDieRKEy3pmauqZOalpOfC4mtLuArT2-wcnRNewm5OUozQ9oNNWQOdE46CQ1CVCACEiIyBZSCHa0r_cfQs499DNgZz4eTX7uOtQnT-JCnMWSWEwoFllNnq72ffGJeOMRroPmSXmcP1WIZh9Sn-lQ00Jhzzh58CbeBYDH2OW4cxCOk5sz8aBcJpsIYSA2PUL0FJFt6fCH47_hnMFv3PX5txutsmSVr73jSItzPOE&sai=AMfl-YTExiN1_CcVtJm4568Fb1Kdt-CmIuEyZzQB4zLSsGvnoHvtOu68d6csN_kM5sEQLCNGzj30rVf66QjEu7FDIk8jfe_KduI1cqAGIjkkaRIKEZVDIFSdO71_jewkgqze&sig=Cg0ArKJSzG-ZERSkOBVCEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 13 Aug 2021 15:57:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0AAC
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b66edf25b586a09d430ae7ac7caba4e1050c3f29de5d44541fb104ba2755ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8433
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DA8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOfGZ1HF0LEBdXCpcqwXxUcW3ICX86c9jpEk8-OdzzVQlxkUPM9cUru0aOu7zCXDdclyE6lD56RGyvOxUEMP9FcH-NDFGMBsa8-zwErQjpw3B1h473&sig=Cg0ArKJSzBHb9IntQcKeEAE&id=lidar2&mcvt=1053&p=753,1022,853,1322&asp=753,1022,853,1322&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20210811&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2426205714&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1628870248540&rpt=239&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0AAC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:29 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6018
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6018
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 14 Aug 2021 12:37:33 GMT
2b9bca78717e44645984f4bd46ca7462.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/ Frame 6018
71 KB
19 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
290217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19087
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:20:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:20:32 GMT
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame 4435
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 038C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=6229514277&adk=3921771909&adf=3173046729&pi=t.ma~as.6229514277&w=728&psa=0&format=728x90&url=http%3A%2F%2Fwww.greenfieldreporter.com%2F&ea=0&flash=0&wgl=1&dt=1628870248945&bpp=1&bdt=358&idt=119&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&correlator=3368534226065&frm=24&ife=3&pv=2&ga_vid=174578696.1628870249&ga_sid=1628870249&ga_hid=837287916&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4267245903&scr_x=-12245933&scr_y=-12245933&eid=20211866%2C31062179%2C31062297&oid=3&pvsid=242847332390508&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.1k4brr5o2jj0&fsb=1&dtd=125
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 13-Aug-2021 16:57:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 13 Aug 2021 15:57:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:29 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4024ca9ddfe08ebef89b56fbf44d5fab.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 6018
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/4024ca9ddfe08ebef89b56fbf44d5fab.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
185e2bff3b9f7b597f819010519c5e3fd7f57abcfc4a0d0d9a5c8b93b230a580
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
288405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19007
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:50:44 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:50:44 GMT
7d66114e00a5f076622403af191d9798.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 6018
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/7d66114e00a5f076622403af191d9798.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0478a5c2d7ff284928ccfb76d44fff3741326b35e11b39e4002223424b805844
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
283475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3920
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 09:12:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:12:54 GMT
eb164a53945ab4b13219d589cbebdaa7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/ Frame 6018
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/media/eb164a53945ab4b13219d589cbebdaa7.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c3bb4b0dc50c421daa6ffd15f9c2fa5477f1dcbeca3d8ab68ebd7a60f030157
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
288405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 16:57:02 GMT
server
sffe
date
Tue, 10 Aug 2021 07:50:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:50:44 GMT
css
fonts.googleapis.com/ Frame 6018
5 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16330283978221309291/2b9bca78717e44645984f4bd46ca7462.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
375d9787714fe296f561c6a6b186998d8bf3dcf3869a546e61df76c8b0b656b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 15:14:13 GMT
server
ESF
date
Fri, 13 Aug 2021 15:57:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 15:57:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 231A
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 14:21:00 GMT
expires
Sat, 13 Aug 2022 14:21:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7483
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2c409eaebd4c3c73de13db69c66fc7e1df7b39b1a03a0370d50e2ac9d4afbe5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TxLtQI78sP5ginWVgXu0Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=2DtkDNTGWLn1PzDD_RapFj97hB1FcWFFsDZS2C1TyTb7vIwsvuxDUjeZqZ9Ti2TD1p9qfnhabYBfmUT9evPwFV-nN9ebwdCezSnVqVnxpmKcMhkfauhwo5MyicbeXau9hBpvpcKgyZ4TupenW87PTEKrPuYKjrZUVsAzwoxyQNQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

expires
Fri, 13 Aug 2021 15:57:29 GMT
date
Fri, 13 Aug 2021 15:57:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TxLtQI78sP5ginWVgXu0Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame 69A6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 6018
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
314714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:15 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 6018
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:15 GMT
x-content-type-options
nosniff
age
314714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:15 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 6018
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:31:26 GMT
x-content-type-options
nosniff
age
314763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:31:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1046
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr6Cojmw_uf0jtPqCoanp9wu4wkGr-4avX7obWXDmmZj7xls6hw9tZHCtGILRaWlytMMpcIRDu2VEup8oqnnGKdqo3al1QijPCuxjnEFRo85BZxrPiKoYomLee8eUKHnRLJXIN3TsWfs1yEyE57WApvbuSn922RJW-YH0BJwzkAN_vRpYVuPlTcCNQmLSnzpZntIEinpSG7pGsIoQAtFzReF22IOMgMwh_N-FAzeZkJffZ0Ig3neEGlneEFGNFS5rNfRCW2QF97y92oyTqu-TqCW-nmA8YMdw4h6OhHlMpDk_G0UZcrZw93iDNhohlrz0ODB05wocwo3Py0lvWVA&sai=AMfl-YQmoa8W17vVwD18y88tWZ13dl21c-rkzF5haP3xg16RF4gMXs0FlX_hFwLakIVo5wt0oZO6tNLC_qfFKOakSyu0kZrkXVXTktiJJV5hs0xLzo5_0fX_GMeJanyTecaK&sig=Cg0ArKJSzO_7SxvP4FyPEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 13 Aug 2021 15:57:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1046
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c4d920f74790e35932c7606ce7bb4511fe371767aeec5142e9ca3acafac920a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8516
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1046
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8560941387472259&plah=b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:30 GMT
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/
Redirect Chain
  • http://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp
  • https://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp
3 KB
948 B
Script
General
Full URL
https://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2538e2c9a9fdead23e61c8dbb066e10a0f5c4249f4bbb8d13e1fc1b6a7e5747d

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:30 GMT
content-encoding
gzip
etag
1250998096--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=58, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
772

Redirect headers

Location
https://m.addthisedge.com/live/boost/ra-52b4a11e59fc3f6d/_ate.track.config_resp
Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Fri, 13 Aug 2021 15:57:30 GMT
300lo.json
m.addthis.com/live/red_lojson/
Redirect Chain
  • http://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&fr...
  • https://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&f...
87 B
247 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1628870250004&jsl=1&uvs=611696687998abc4000&skipb=1&callback=addthis.cbs.oln9_98898962815760140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13dde69d1c426cba02f611fe2d66a5abff5ade0c5911fc1bcef55712fcf7df77

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
87
content-type
application/javascript;charset=utf-8

Redirect headers

Location
https://m.addthis.com/live/red_lojson/300lo.json?si=61169668801eacd0&bkl=0&bl=1&sid=61169668801eacd0&pub=ra-52b4a11e59fc3f6d&rev=v7.8.6-wp&ln=en&pc=men&cb=0&ab=-&dp=www.greenfieldreporter.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1628870250004&jsl=1&uvs=611696687998abc4000&skipb=1&callback=addthis.cbs.oln9_98898962815760140
Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:30 GMT
Cache-Control
max-age=0, no-cache, no-store, no-transform
Connection
keep-alive
Content-Length
0
sh.54c6626dbe9f22c083627c06.html
s7.addthis.com/static/ Frame 576D
0
0

sh.54c6626dbe9f22c083627c06.html
s7.addthis.com/static/ Frame 42F2
Redirect Chain
  • http://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
  • https://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
67 KB
25 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
Requested by
Host: www.greenfieldreporter.com
URL: http://www.greenfieldreporter.com/wp-content/plugins/aim_seo_smo/cache/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
bce1e7961e588d49d0a5f66dbd507a7239d50ea292eb10557e5645fc18fa1efa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.54c6626dbe9f22c083627c06.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:28 GMT
etag
W/"5f971150-10d94"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
25288
date
Fri, 13 Aug 2021 15:57:30 GMT
vary
Accept-Encoding
x-host
s7.addthis.com

Redirect headers

Server
nginx/1.15.8
Content-Type
text/html
Content-Length
171
Location
https://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html
Date
Fri, 13 Aug 2021 15:57:30 GMT
Connection
keep-alive
X-Host
s7.addthis.com
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080901&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46a3b07bf02fd4fb89077df999fc0cb4fc471967d753cfd92705f7e4a43cc564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 15:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8481
x-xss-protection
0
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame 231A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame 6018
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
http://www.greenfieldreporter.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:29 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
415 B
556 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.greenfieldreporter.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
8A822871-278F-4C0D-A34A-938B147F4EAE
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 15:57:30 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
415
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js?31062236
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 15:57:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A555
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 14:21:00 GMT
expires
Sat, 13 Aug 2022 14:21:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 506D
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5893bc1d44deadc6b2e6c6106b801df5f38aa9674a0e118f5814cc0860a831a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-76dgdxB+rO6MfEmhcgVp7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=2DtkDNTGWLn1PzDD_RapFj97hB1FcWFFsDZS2C1TyTb7vIwsvuxDUjeZqZ9Ti2TD1p9qfnhabYBfmUT9evPwFV-nN9ebwdCezSnVqVnxpmKcMhkfauhwo5MyicbeXau9hBpvpcKgyZ4TupenW87PTEKrPuYKjrZUVsAzwoxyQNQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/

Response headers

expires
Fri, 13 Aug 2021 15:57:30 GMT
date
Fri, 13 Aug 2021 15:57:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-76dgdxB+rO6MfEmhcgVp7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B327
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 14:21:00 GMT
expires
Sat, 13 Aug 2022 14:21:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A495
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce20dacd88bec40f4294a11d633ee30a489be0e4ece14e285584e90066d41314
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Yw9hFxyIh23dwrrw5cS4Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.greenfieldreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=2DtkDNTGWLn1PzDD_RapFj97hB1FcWFFsDZS2C1TyTb7vIwsvuxDUjeZqZ9Ti2TD1p9qfnhabYBfmUT9evPwFV-nN9ebwdCezSnVqVnxpmKcMhkfauhwo5MyicbeXau9hBpvpcKgyZ4TupenW87PTEKrPuYKjrZUVsAzwoxyQNQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.greenfieldreporter.com/

Response headers

expires
Fri, 13 Aug 2021 15:57:30 GMT
date
Fri, 13 Aug 2021 15:57:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Yw9hFxyIh23dwrrw5cS4Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame A555
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame B327
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
views
prod-aim-proxy-connext.azurewebsites.net/api/ Frame
0
0
Preflight
General
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
http://www.greenfieldreporter.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Fri, 13 Aug 2021 15:57:29 GMT
Content-Length
0
views
prod-aim-proxy-connext.azurewebsites.net/api/
0
777 B
Fetch
General
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

source-system
Plugin
site-code
DR
autoqa
false
ssid
02812616b616384f0a0cd45191856512
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Mjg4ODQ2NDh9.XnDrJZqfPKMs0K32KBiZt3irQhccFcdqS1k-2Z0aJbk
location
System
content-type
application/json
access-control-allow-origin
*
accept
application/json
environment
prod
Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
config-code
DRPRODDEFAULT
version
Version: 2.7

Response headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 15:57:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Content-Length
0
X-Server-Time
8/13/2021 3:57:30 PM
Expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DCC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=4085466409989513&bg=!iIuli8_NAAbOj6irzo87ACkAdvg8WupQfHIuvQo__efA41FZqyzOYn9KKP6_KwMYu2cOplvUOxsYNwIAAAC6UgAAACdoAQcKAKmBcbqLvmiRXTgs9vfDq14gpzEzzL5gZwD-ADfLf7_Rk4LF4Seq4Ibtrj4QM-Dy6M4pOmVAhaxKXhKsmawlgC_cyslEoLFJCnwJen97Kal07wSTWMwon9tUVFX244Z4scsNhN4sW5AzV0MCboY7sWBg9rL8sWgyciBlbz4EQOgi4GvNHVKIR3LQ0MCUIlkrkKlDjWSAVXKfaVutYjWxag3HTbvs8NMbrFe5mQLO-yAllpH4sV2mSdt8gSIk6Dor1N8jMAX-iHZ27OaUVQ7ea5l48wnAgncH2k8ZL-HA0jtSrD-koCct2O5KHuLWQMQdFalcS-oYdKfyx4poCMMj2q78qi8lDZpe_uHYs1ZiTYOTp6GAx7OtF0vcNlVEQLAnfmNVWw-g41NjdA4SYCiilrJpR92HDdk9q_3IcTywilhhesqb1QNvOY2wP1kULF-ykgCuVH5qBE8a7jikLnsiGmjyVkaVpB0HbNFXWGb2H_bcvuFIp08PgNQi1GAbnVZOES4qJj-pvJirrlX8DG3rG10mJj77t2fUzBRz5_GBlpOcd0kZST6Dbyfxs4QueFSWZlbCokf4sjKIa2FQpTUb4CiEurL_MPmgabqYmZw9MG7_AeJaNHqg2fH1qvDqb8pFIZ3c-L252lJOjtZb_IGJ8e1HdioVNui1m8N5lPAxmjhQd1Z3bo9eYMLWjjravdKLgW_3ZprjO6s4RhGbVpk5U5LsY1d1KwsAvfBpbgqTltMKQ5-ZP6m4mm4Hnme3y4kYW4AYHYHd4yHGBijZYYWCEH_7lfHaVRkfqt4z6CFBtIzpvUcaydHhMdqqcBfccub525FYREZALVRfWjpxEBq45Sp9evxXvMC-vtx_gYzBBX7K6ylu7DXGbdiFwPODfLwVxNbmoUchNsVXL3adeifspF6KgDO2wLseYeUY-knQHo5S3bzT6djVfpMeawDELS-RYeMlk-mUbJMa3agjzYS0vAP7mjOKRxdfLXE_9XjHboFAJCyWuL0Q4B3MsNxLoJj78L66qUk5npyo83lCSXcK2sBBEp37wRGbjU8Cf0EJEzGKyvH60GKCvYmD4ut_V4Nh2TPKCiuf9-DBq0Ia4JtLs9pKBF3b31_jeGC78IecbZzRp8ZjTcKHSXWFlt0_wkQeJp8Py5yfeGHu1cphVSVmTOpMJOsGHdzpj3YIRw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AAC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=769119180703108&bg=!nZ6lntrNAAbOj6irzo87ACkAdvg8Wv5b9tMs3QLPlkfBM-x0dWc18jAKt1opvvnVDkvka2LhRFlaCwIAAACfUgAAAB1oAQeZAs8ogRT2DB3CTMdyJEA27Mo__QoMQBMNGwhU53SRkNxP-gpe1cAQw56m6XLxXCMxus3YMeLHdpuEZNTOwZqDyqiADXv6-nBgqv1xSeuJaReWY4g7mGzMWmqYyimB625omYuAaSpKsHNfjxe2F-z4hB1X2Gj0EdrRKICx0J_h8gMtAk71dd8jN3UgBlUhAUKF3etgaCF4YIcaK3BnJmNLYrKO9YT-YH9Tsqmr9KjhskbPLbtapcoXD0ts6ZdVjw1MEU-Yjxx2oLbIQ8ZaHzLCXqimn-OEwuruvWijF94EJQFItRzCWIlmEZesEcZW1S5gxz3Ncl1BRkVYaH2j5udFIaCHYTx-JSnECqEBvBjlUVaJkHYIvj9ptuY8igH1gMwGlbtRWK0gDBmp8Ah1smZf-gOQoEcmt9ajq4AtUvcM1yHzA3KJ66MAAIGV_Sl7KcDeB92AuVykj7c-7jeGzibHqQufaT8RUiRjIAWRGkXeoUsep3-gC2NcoUqP96HpaWV8RPVdj9zc9HW1sgvBpN1muLPDiba6rj-fP9vzu_Gll8q-xUOon45NYReZVMGFfHRbiw66sFk_U8Yvg4YH88WUFSGzXO3kxrL-VH5bGb65KGrpf5kri_a8nTB1cgGzDJO9XNbR51IUIIAtc-g3oOmnRZtwiQ1_YSUWTZa2cV3LKjXKxHvpBKOZvuoqjqpPsEu_XcsgMKKJNi4VPzcXP1TGQGoBr6M4iA03llqpvz6RXW0VCFGVkCuMC4xT28FHN7JWREtMyiuFLyPzg9RhjE8icOjGuGWwRTpSf-u4Kjfg26NBILxqRhYQeHEgQoDkLQaJg7AAFekCjwaltXfJUrcd13qK4A7HdqbCUD99tREbpGcGw7sdPH1GVIzNBqDcitnSbA1Y8e9h_IT5yQHoTDm1-PRuCrcaAOw2pepBj60OU-74zOUy_kNdhszhobdgOQhksw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1046
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=242847332390508&bg=!9vWl9bHNAAbOj6irzo87ACkAdvg8WhldI4hYFAhX8z4GB1xaLnt37P9lWW6nNiQVyD0TypwFg5ad6AIAAACZUgAAABtoAQcKAEFvFLVMKq988rKyHi70TMgJhcH1Bn4bDNSwf0m17Kx3eUWC4wYnHDJj9sMg2EJUZoQExYNsg6AA6eaZv8gRbU6S4ZkC0CEZy9INBcmoYtb-Di_wGY0PMs4sQC-ctiirrST3_t2cwpS4py2aVaF5vX-hMDLWiFm0DdQunjaC1aauSOfDLRLzXK6Bktt21LQIjPAWCve4cbGUa4ZQ6HGOK0dwwfz8hGl6vWJgjwOmUsiiseeXQZdmkNkj3fSF9pXXJAFuC3v3UVJlJUHrhqzCelKsK8m18UTMRkL1Q7RxO3jL_Re42w-IjBZcDFugG1psymA9e1SWohPyjSXG2hbEMpatgVJ4b3aa2zMPEuLE9qYEQJ1eJhjsbQ8GszORQm35OWy0pXtRmceZ-0RupPd-m4jYHzesfMBcKBi8Xr_yL1fFCjwFI7uuXY1HVgxQEAPBp2cdgsE7A5HvPnJcfiRYHTRi44hWri9Z3iHLeDro8he5iLRO042F9mty7Z-Y_YneyzghVO41DKEH-yIkB7jpwhs-o8JG6__C-qLgHlFe9YJn42h-7BKByRvAi0wDOLnjjToAX4VPdRw7YafjyN_dsr9_65NeIcFf_MaVRJM67zpl9MeriFysfmAPSw-qqIMdtMFbFSbW_JLAM24njBeNi9ZfwoJfrJO-sDAZKa1Py4_ohbkgj0w3ysfAsBxWin-cwTiZEij9wIZVbdKXunPxCno1o2zY1SUGaMGWeEqKQ5yRo9uzmwDrpCH0afmMDnWT2_VB8rK2HLBMN7ojs79kcX6ZpGFf5TZxEqI26Y-NGKvsgvuslgZJuTsmq6rY6kgwlRBGhx1mPc84pOwj5pX0WiSo8g1ex7beY4kjb_VTSQsqyoMXkIOeuEOecG2lrMRRffedCuSeMUk7mUx3pQQATAkbN7RmLcPiKpHUBtfgj4Mk22YFnrnAekGZwomgiIgWyzfGZffZdkQqxlFRH3rb9geEan8maxT_7NKw6pUU0m_kyr66qgsHNVP_h4E192dJtoXQTqPmzFr40nXykCz0fhIbY6OIcw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080901&jk=532943718320869&bg=!aWqlai7NAAbOj6irzo87ACkAdvg8WnOyNkTGMgHDwr-JN6ORjVLL7hk84ad-NemY3QmuF3hQ1x30-QIAAABxUgAAAApoAQcKAGBvaLeD5k1t2HJzbaCwothq3Q3JMW30PhIunkSk8SqvrTam1OSNBK92A0CxYdTcyc1VoQeuFnyxsmEFXnrwmM3VGwKo9z8N3M0YatxZuWss4nC7gjuF8Qnua4CqaqepJpOZAoY5ggTVxQXPcxPF9Y0dqvk2uQ0yHXjWpXJkpmzUgZg8ZSxelP64F67IaXJfS80I0xCjhqLmVfcLLW765oqQm37S8IlZCW6O1-MWrpKrsLsQHmZYMDxxjirbKbNZnj9mj3JOi-lz7AdctQtTyn73SiysrTJuoDG1dISxrSlAmuA3s0rEMJPXgci18oXzIL5di3eiVOBrWeC32NjOeUEnqAQKGH3wE7XKwJeoRaQPdlmzVeqD9Hskc1rNF4Vfw6PvtIkZXh5N8LJ15matJV5Hf2ZjtSOlU0K2dS9RrRcw3N04-15cP0zoeeBlYDKwvL-N7uqgIdKh_zxHqff1ljWvdvG6Dqom4lbKpsTwghpP1ihz10fNZSvkn1ZuYj8p-gxk7JEznbWgqE8Z3TvdafwFtWIbN8HXqAnC0SwG6neDf5kLjhsj6XJdV-iNvZbniWpjQSo-dE0zGgkFBNJ3hcoG4mlFAarodB1LlWejkJck2lNCrcAuixj9I771u_a1lM0KPCIIhrwLm3NgVfnZ3BR_-7osauZq_jkJbYwPx3GMfLtB5UcJSSXTgV1dvO7xoB574hmpO56WF-MSeEJPflued3seriwSY6C4xZJnfwur3RmIWx0um4IGqIufd0cuSRb4gKcL4ADsVOkLmfz-RBPQJeOaIWWFGgpbZjmX8IbI3of7RsgT45G4j4TL6NTJ2AhNz87-ThH8OVfA5O7eQCuJjJKH4jJTcLXz-DIunmISyCnvx_Cmg9uW0W6oYHofZy8OqwOJpN1M_SFcZ4MXqVAj1KGmNfXlslBsHVQ6A4sGXmIwQidb7eVDoRsDT7oKiQLNmxnAl33g3yMUmKtERXyF_bY5Y9O8PPh1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
layers.136713430e8d2517734e.js
s7.addthis.com/static/
Redirect Chain
  • http://s7.addthis.com/static/layers.136713430e8d2517734e.js
  • https://s7.addthis.com/static/layers.136713430e8d2517734e.js
283 KB
81 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.136713430e8d2517734e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
97f10e45fa6028b8621196336c2fc1ec94ebb918af86875051ea625aaa24bc60
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://www.greenfieldreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:28 GMT
server
nginx/1.15.8
etag
W/"5f971150-46d20"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 13 Aug 2021 15:57:30 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
82183

Redirect headers

Location
https://s7.addthis.com/static/layers.136713430e8d2517734e.js
Non-Authoritative-Reason
HSTS
activeview
pagead2.googlesyndication.com/pcs/ Frame FA29
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssadKatgpe4IUggeQF6X581XhuqWtjUrWX3OcdF8GvQKpE1M6OXq45l_I2qAiBNNLL3iIRZipuvTmf82QPL-JlOKBOGxWZzTD3ovu27rQd6CN0XInHG9GZiUBCANzaLEGCY_zgynC4Gk4a6vI4ai2ST&sai=AMfl-YTErTvorHgkp_nPta-LfKCh0txl2Q9bSGHCl1cEODTQ2M-AIcgA5zOyhWBBUP50FMXdjlPsbQumnyEX2q_9ReLdJfbhZq3lgVY&sig=Cg0ArKJSzEFCBdTEjyCYEAE&cid=CAASF-RoiSnTyb5VzJVyHwY0R6myidDx0xY7&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210811&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3921771909&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1628870249071&dlt=591&rpt=737&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1046
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtmZm-4uJyqUWiYNwzEoHvu6xSBa_TPn77arl1JEeAbyMRTEkRMZGm6cDeeh7CJq0exBmUtNPO_15gebW1a1NwurMyQ0BmaI2LkAbbqRb-dxTyXkIY&sig=Cg0ArKJSzGO0PDWnCn2YEAE&id=lidar2&mcvt=1000&p=88,606,178,1334&asp=88,606,178,1334&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210811&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=851018243&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1628870248538&dlt=37&rpt=1418&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 15:57:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bf2cfd830b91a8ce703d3f3286795fe1d05dcf5c51c6a498387ab9e7ed1a3fa1
friends2follow-us.s3.amazonaws.com/external-avatars/ Frame 8C17
1 KB
2 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-avatars/bf2cfd830b91a8ce703d3f3286795fe1d05dcf5c51c6a498387ab9e7ed1a3fa1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9a99010b087ed43ff726bbd7b6ef7b7ba55f6f1c70ee1634e749924e6c0d505

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:39 GMT
Last-Modified
Fri, 25 Jun 2021 10:33:13 GMT
Server
AmazonS3
x-amz-request-id
Y82PFK1FV7AEYVZD
ETag
"53ad602a3f4fcf7b3e08873a8a0b4507"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1432
x-amz-id-2
mEVI/ggV/oy+Ag5XseczSoeDBcGHeoRhBB7VsJ8w8e5vA6WSpugNo3aTuke/U252gEgnF5lPpQ4=
37b124b6d7c1bd3d60d1a2e3b583a7128ee04e142dd67eb9bccc0db3ea9249cc
friends2follow-us.s3.amazonaws.com/external-images/ Frame 8C17
33 KB
33 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-images/37b124b6d7c1bd3d60d1a2e3b583a7128ee04e142dd67eb9bccc0db3ea9249cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d5b216dd5fd3acefe5123a0a90535a789f36e82b479a676bb6cc4844377bd10

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:39 GMT
x-amz-expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified
Fri, 13 Aug 2021 08:33:10 GMT
Server
AmazonS3
x-amz-request-id
Y82KH3CAJR10KXMW
ETag
"be242c33d07e969543ec56c302e70143"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
33751
x-amz-id-2
eunl6PKz6k4A7guyW8t/mzldKF06loO/xhrbDSYEKbwaxQ8JCDa25sRNLHw/SDR9he9hQk/6Azg=
2e4edb69e4d75532d8b98aaba1aa10fa92dec8f4d6bd8c677de2ad42aba363e8
friends2follow-us.s3.amazonaws.com/external-avatars/ Frame 8C17
2 KB
3 KB
Image
General
Full URL
https://friends2follow-us.s3.amazonaws.com/external-avatars/2e4edb69e4d75532d8b98aaba1aa10fa92dec8f4d6bd8c677de2ad42aba363e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.84 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ada69dbeb003b77c2242a7ae8311c734ae85682cc6f7b6c0210a0e65958ccb5e

Request headers

Referer
https://greenfieldreporter.friends2follow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:57:39 GMT
Last-Modified
Tue, 10 Aug 2021 19:51:11 GMT
Server
AmazonS3
x-amz-request-id
Y82PB2JNH9AC81BZ
ETag
"47bc5c931351e09a992dee43a25c92d9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2325
x-amz-id-2
OqjMCXemgwyEs/Uutbqg+fbwix39op+n6ge8CDIj9bLOQD3t3HSEePftCtaVMY2+jMn2+A9jzaM=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaWafoWG4fvheI51ejTcgAABIsAAAIB&google_push=AYg5qPKIlU3IouC7YdHlHe9rE2OthHXgjQyiYqT59NsNuOIgZXJJrrAKJRqcwcAuCELEmI2_83_34skQzwvciSJUVrVqKs1USHg-&google_cver=1&google_gid=CAESELEYoq1mz6laeKNo33tHyjg
Domain
s7.addthis.com
URL
http://s7.addthis.com/static/sh.54c6626dbe9f22c083627c06.html

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| _sf_startpt undefined| $ function| jQuery object| wp object| uiAutocompleteL10n object| EM function| em_load_jquery_css function| em_setup_datepicker function| em_setup_timepicker function| em_ajaxify boolean| em_maps_loaded object| maps object| maps_markers undefined| infowindow function| em_maps_load function| em_maps_load_locations function| em_maps_load_location function| em_maps function| em_map_infobox object| MG2Loader object| MG2Loader_options object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tds_general_modal_image string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| td_ad_background_click_link string| td_ad_background_click_target string| GoogleAnalyticsObject function| ga function| mg2WidgetAPI object| block_td_uid_2_61166281a629b object| block_td_uid_3_61166281cc517 object| gaplugins object| gaGlobal object| gaData object| block_td_uid_4_61166281e0014 object| f2f object| block_td_uid_5_611662820a9f6 object| block_td_uid_6_611662821aa3f object| block_td_uid_7_611662822a317 function| vc_js function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer string| screen_size function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content object| dfw object| googletag function| td_smooth_scroll object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height object| tdLoadingBox object| td_ajax_search string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| td_mod_pattern_email function| handle_login_for_modal_window function| handle_register_for_modal_window function| handle_forgot_password_for_modal_window function| show_hide_content_modala function| modala_swich_tabs function| modala_add_remove_class function| td_modala_empty_err_div function| td_modala_write_err_div function| td_modala_empty_all_fields function| td_modala_call_ajax object| td_current_panel_stat object| tdTrendingNowObject object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayer object| tdVimeoPlaylistObj object| tdPlaylistGeneralFunctions function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite object| $ULs object| jQuery112302534035835901567 function| $f function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| ggeac object| google_js_reporting_queue object| appInsights function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| AI object| Microsoft function| __extends function| _endsWith object| __ctcg_65349_0_exec string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| MG2DL function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_tag_manager object| gPartners object| addthis_share object| addthis_config function| _at_plusonecallback function| _at_pluscallback object| GoogleGcLKhOms object| google_image_requests object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options string| addthis_ssh object| __callbacks

10 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 221=2DtkDNTGWLn1PzDD_RapFj97hB1FcWFFsDZS2C1TyTb7vIwsvuxDUjeZqZ9Ti2TD1p9qfnhabYBfmUT9evPwFV-nN9ebwdCezSnVqVnxpmKcMhkfauhwo5MyicbeXau9hBpvpcKgyZ4TupenW87PTEKrPuYKjrZUVsAzwoxyQNQ
www.greenfieldreporter.com/ Name: __atuvs
Value: 611696687998abc4000
www.greenfieldreporter.com/ Name: __atuvc
Value: 1%7C32
.doubleclick.net/ Name: DSID
Value: NO_DATA
.greenfieldreporter.com/ Name: _ga
Value: GA1.2.554517979.1628870248
www.greenfieldreporter.com/ Name: ai_session
Value: RcGaX|1628870249306.5|1628870249306.5
.doubleclick.net/ Name: IDE
Value: AHWqTUlfGA0e78z5SzbMczt7KDKq1Y-An7DmZaKP95t1Vka3bj2E9ULuUv9VRHgPlRc
.greenfieldreporter.com/ Name: _gat
Value: 1
.greenfieldreporter.com/ Name: __gads
Value: ID=f4a0b31764ed85a7-22f127649fc800d0:T=1628870248:S=ALNI_Mb_78QPV-s94svZn9-0Mpuv1JqlVg
www.greenfieldreporter.com/ Name: ai_user
Value: uGIxI|2021-08-13T15:57:28.156Z

16 Console Messages

Source Level URL
Text
console-api log URL: http://www.greenfieldreporter.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.0
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
onload https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
onload https://fp-cdn.azureedge.net/prod/aim/fp.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | FP loaded by path - https://fp-cdn.azureedge.net/prod/aim/fp.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
onload https://g2insights-cdn.azureedge.net/prod/aim/g2i.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | DL loaded by path - https://g2insights-cdn.azureedge.net/prod/aim/g2i.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
onload https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | NXT loaded by path - https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | NXT loaded by path - https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.css
console-api log URL: https://fp-cdn.azureedge.net/prod/aim/fp.min.js(Line 8)
Message:
Location is ready [object Object]
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin FP is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin DL is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin NXT is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js(Line 1)
Message:
<<Loader>> | Init time 793 ms
console-api log URL: https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210720(Line 1)
Message:
Skipping WebGL fingerprinting because it is not supported in this browser
console-api error URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/aim/t8y9347t.min.js(Line 1)
Message:
DebugPanel: Debug panel is turned off in configuration

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
antifraudjs.friends2follow.com
api-mg2.db-ip.com
apis.google.com
az416426.vo.msecnd.net
b325f3235d02fba98bea1a6478ebe728.safeframe.googlesyndication.com
cdn.ayc0zsm69431gfebd.xyz
cdn.sbgsodufuosmmvsdf.info
cm.g.doubleclick.net
cms.quantserve.com
d1bdhkmqqz901h.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
friends2follow-us.s3.amazonaws.com
g2insights-cdn.azureedge.net
googleads.g.doubleclick.net
greenfieldreporter.com
greenfieldreporter.friends2follow.com
id.rlcdn.com
image6.pubmatic.com
loader-cdn.azureedge.net
log.outbrainimg.com
m.addthis.com
m.addthisedge.com
ob.cheqzone.com
obs.cheqzone.com
odr.mookie1.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.rubiconproject.com
platform.twitter.com
polyfill.io
prod-aim-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
rtb.openx.net
s7.addthis.com
scontent-iad3-1.xx.fbcdn.net
securepubads.g.doubleclick.net
syndication.twitter.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
tracking.friends2follow.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.greenfieldreporter.com
www.gstatic.com
cm.g.doubleclick.net
s7.addthis.com
104.244.42.72
104.75.88.126
13.224.89.214
13.69.106.211
13.82.152.48
13.85.16.224
142.250.185.226
142.250.186.98
151.101.1.26
172.67.75.166
185.64.190.78
2.18.232.28
2.18.234.190
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2104:3200:1a:714c:dd40:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::204
34.193.255.24
34.98.67.61
35.227.252.103
35.244.174.68
52.217.110.76
52.217.161.101
52.217.67.84
52.6.83.111
65.9.73.122
69.173.144.138
70.42.32.63
91.228.74.134
010d94a7426c714aaf7d4ebd0a50f95a8ece791c111710256949fd8bb7303513
0170454d7e585c14da486d989ebf67e78351352f4adab60dd89846e030c28f9f
03662cf6732fb52af1d6b5a2515f1982cb95f5a6313756d57308eebc4cb8ac95
0478a5c2d7ff284928ccfb76d44fff3741326b35e11b39e4002223424b805844
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
05c9fba4725ec21b66265940137942726b48e11db84d9bc7d0bdb606b2602ede
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08e0754743ae23d475bbe7af40b8b7f72939fdc57c6cf3279876d6cf0e7602a2
0ac0d8dae396eed714b53c15ed0d4e8699fe0809b91da48fb1075a6403cc8b65
0b174c3937e27c15c8614bd08807719bdcd578e2366519c09cb1542c0ecf2bd9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c973a3f8d3736172bf626d596a6f6b98d7d0ce113ab7265d8bb82a7b98cab5f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10ad0b3f5cb38dd38efaae7ca5c57e749a1de1cceca0ec7c624fe7694c3165f3
132153fc8ff2cbe5c6cecc682083658bd1d0faaaa5730cb2b7598d63f8cbde13
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
13dde69d1c426cba02f611fe2d66a5abff5ade0c5911fc1bcef55712fcf7df77
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185e2bff3b9f7b597f819010519c5e3fd7f57abcfc4a0d0d9a5c8b93b230a580
191622240e7646a2e888eb318557bcca854828b59b5b2e960545ee08ae142382
19d59443a557b7f35dca4a89ea494082dd23715d8ccdd9d6e19c0aad717565aa
1c33f17fdf8951c850ff300fc5f77417bfa1d42321c49477614f53aed8fca68c
1e1a77f9f30b38dc1bd684a10c1bda12b47b498992553ea78c4ca6f7eb14781e
1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd
1f0b3805ae7450b7f469a3ad8c3a1e5307a1b83c927544b120ff0b6806ce14ac
2538e2c9a9fdead23e61c8dbb066e10a0f5c4249f4bbb8d13e1fc1b6a7e5747d
25d5d4f26dac85a8b49f0bbb5826acec77fe161b9dca3a20d8d50fe2c331bb09
25f85fdebcfcaecddcf817ab22144ea44ce19a3e1ae672daa713eab7fd56cffa
26984d8013ad2ad66660f5f0a36618d084230786b139b0b95b665ff879fdd717
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940
27330767dcd6c64abad7ac3448a4b4693b10720a7b420d4159143ba742cab453
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
2f01575257eee4080ab2e4badafc7ec0b68e6ac4661a9dfb9767729cddec843b
3048e28f3c86c8dda902a0442d0d2c76fc22946a51a6a52c4cabd5cfd724689e
31c214d8a4efb2d50baaee8356c0c6bbeba0d536d4dab0d602d479a60dda1cba
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
35c67a1a1ac36782b2363ead5bcafd11a49b115b0e3c7d0fda304bcf05227e72
375d9787714fe296f561c6a6b186998d8bf3dcf3869a546e61df76c8b0b656b9
37bd4f791a6febdf51e0ef5b9063f230e9a6b617a85148bba89157a51e5b67b2
391b0b72a321dcd0734dd1c2be1f04396563b6b0bbfead2973c314ce5cf9c148
393dedb498c215b8d4c04eee2db2b6cecc8e90d97e11e6dded36026afaddf18a
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a5031e567b8e2746e312346fd42a28e53585747550a1c1545822ef3fb1246cb
3ad6569f439422f0263c3471356a5ded62df94a689f308c6ca906b907408a605
3b8ef1f7c5b31efcaa6f80898adf49381a946a39879b3d092105b945681d30cf
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
412234f3160cd0cfd632467c641114dae97642a218627e814faa7855d3fedd84
459f26813859f6db8f9cde9e2c5b866da37a28d300f956ddafc94fc4955322e6
46a3b07bf02fd4fb89077df999fc0cb4fc471967d753cfd92705f7e4a43cc564
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
47a22a9ef947a096bead2d2f616c5e10769fecd120cbaecd301dac6dfcfc0dfe
485d1972851f2bd02a4f7953f5e0f66d954b3a7cc12e4e3cfd403b4ecaddc5d4
4b0ec6aa4700a370fd379ec9b3e62e28468e0e471782e36c34bc540e1a391a51
4ca87b5c5a7368bd31afdfa92371643c784c73e731e632f65b1847ea10585d92
4e64229dff9fbad03ec96b616f3f05f989e50899738a32b320521a9c08985d96
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7
57e777a0775190f5e68d747cf7c15b5cf95366d46cbb793a42bbed2028db6d07
59bff5f6f97d3a0cceb01d8177542fd9dd9373a6a799ab4a0ac02678cd48bc79
5c7c510fe48b55809437914e200f6b830a60ddaec1d8b29d3b6f15cd82c728ec
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d7051652d1642d455733b7376ff8982521e19b44ea1d1636073c08672ba79e6
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6472d4d999b1f10e007f0fa12aa9674ef55ec3527f21ab859945352aac4805e5
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e
6a873ec2fcf8748b20c3794ca506fa4c4de97073e553e30c77d860faef12ca31
6cf47c2fd5718b44799185c88cd0b4bf95afcd1496713789574ecef06deff888
6d13c57d64de527d206f2ae6589b688c6039e9ee9b9fb21fdfb1340ac5147adf
6e4b75816c1b2088ba5305eea405c0cddeeebee0f30ca09801724ea60ff49a35
71b245301927acbc68a3cbfcae185df3c246d46b3156d21af04b7a309ede01b7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75d28062099453a9c361ad464883b915ef7746363942dba858b7dcfdc2d9e526
762dd25c58a7eac4dc6544abc73e20dacbe10cc8d4363776c4b7489ebbac5122
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
7c3bb4b0dc50c421daa6ffd15f9c2fa5477f1dcbeca3d8ab68ebd7a60f030157
7c4d920f74790e35932c7606ce7bb4511fe371767aeec5142e9ca3acafac920a
7d5b216dd5fd3acefe5123a0a90535a789f36e82b479a676bb6cc4844377bd10
7d779cde6b0fc8288d59c873a728628488b3d896bfb2ef9d02b0c0b06e7cf676
7dc46bf2c9857125c6fecd128c0e201bab4b2e4841abed12d6c1b262040d5513
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
8701638b5aa22d6258af6e1205a03d1069d69fa23ef6a959c76f17b2598b4dba
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891
8d041ab2ed7a65f5e35d8f34327e294350f5040feff005b3d35bfa54b2584205
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e2472bf4612bf09c687e0e8c3d265cf6fd01f05fc1a64c55bbe9b2013ee09e5
9359e2533ddf2791ccd6dbb07ba85e384ae218674c6adbcd7af93b5ca8ed4842
953d92a07a626c6dec91932a1215fa2ba08d055d23399dbb90c44e1500c438d4
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac
973f27a57e440a6943b98cad6d5a5e8ded0d9b473fcf14bdd35fd2bf9dde1094
978d27625aae1b6236db52c4bca9e51b3f7b58fc965f2061c6b1f3dd6233a9bf
97aa0739d429331d29e0a5223cef08808954da9572d3903988e0d924ca7e62c5
97f10e45fa6028b8621196336c2fc1ec94ebb918af86875051ea625aaa24bc60
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d067f10c8442292344bc0dbddaf5533e200c7b519e19caea61978638d2721b6
9d971a8e4b7d8c6280fec49dfae6a5911b15c96a3092642310f4a3f4b1674dc0
9ddc3ac8ef0b6ae7c4b2b0cb8a3a33d688ae7b36df803ad369a97472bbba37f9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaff39d300845b787ff11390a5532525a596ef35590ff9ae45289f35e18f448a
aba55d83602476cb099be3edff5d2264d00081c45f69e5ecef881a1cb8fbb6bd
ada69dbeb003b77c2242a7ae8311c734ae85682cc6f7b6c0210a0e65958ccb5e
b2c409eaebd4c3c73de13db69c66fc7e1df7b39b1a03a0370d50e2ac9d4afbe5
b4c341aaecc72f090e18ce3fc29c104fcfd8adb27e31f46f71d7266d6832264f
b50fadf0848a8ad0115be0412bce0c1f998a0cdbdeb13b4aabb823d1e6bbc889
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b66edf25b586a09d430ae7ac7caba4e1050c3f29de5d44541fb104ba2755ef85
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
b97cbd1c9d7651291f6c80205703d7bacf4881dfd56a1751605eb9857223777c
babd317954f3fbacd29e37e1580ad4642902284e960f327de155b4f8176e200e
bce1e7961e588d49d0a5f66dbd507a7239d50ea292eb10557e5645fc18fa1efa
c4234f93bd894572069745f51d2804d462c5a392ff47993fb592e420fa9b76a1
c42700ed55236acaa0b497e430b94582d6b41fa5a56ae3618dd3c65986b0f873
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f
ce20dacd88bec40f4294a11d633ee30a489be0e4ece14e285584e90066d41314
ce514bf49fc8d78a676c4420fee48b71c0b0a467e641d1d818a70486ba227344
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf70d14e543cc6d2c59a90614f84c34d4dcd6d0a66813cf5a046a249a3d1a2a3
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d630c8b21d6d1c6448073fe6bcdc798108fc800194ec0e3f68845c333c0d4699
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
d76cff079726e43f3d55a0065b2345d4c3bba127e87919ed4a0cf3346dd1bee8
d88b906b0772f8e268213a44380fd671d094c1c15e38b7d8c8f41981434670ba
dad73df3a611649cc5af1d62326aaf63d1f99f171de7727f63a521de74a1e921
dc569104765dc63add573c1e2256369b5330d5a252efae5cb8b4c531dca84100
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
df38a383494a88a07ba0282b97064b947788d227662178821f3aa3f2d2a67ce1
e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447
e16596e8cae4796460d5ebc121d6c09e191b1b7b83c6260388c9a63ef58746e3
e2cd4914edda4d5f8a0562d5137cbf98fb89d2286d33b89f720571dc584834d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd9f5150166de3c3b97e0d7ba19f30a8f2c00aaf63d90fa1c3a8c0c202398e
e5893bc1d44deadc6b2e6c6106b801df5f38aa9674a0e118f5814cc0860a831a
e6d4f5060ee235d834402e2a849b2e80b53a15986b21ec5f931f3e726f2eac09
e6eb56b3ad53ca666383c0d6adcc5b350c69e6baa7a0e84159d0bdbfc5389320
e975ff80aaf72c08354cbe8a1c73d2195cdbbe397bd8728d87991092848bba2c
e9a99010b087ed43ff726bbd7b6ef7b7ba55f6f1c70ee1634e749924e6c0d505
ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f060ce0778a914d560d5772a03a58c136aa18364385ddd0c7df91cbde83f1c54
f2767d03e1d32e4688327305a176c77b67c5221b92a5c6094923f401f65d03be
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
f6412288a06f5b354674ebf8b3b1c732f40567f536bed66d859ddf69a0ace4ff
f6bc60a2236521da275b572615694792a721d87b9e7c8aa28dcf9a66dff29f7e
f83a4b9a16072e05d61f4b5ecb1396ab254023313edb8038ada6738c3cde1cfb
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
ff6d900c437f03dff77033a65462cae784791ceb56620f3ffcc846eed71d29b0
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6