ricowhaz.com Open in urlscan Pro
67.213.82.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ricowhaz.com/
Submission: On December 08 via api (December 8th 2023, 10:37:48 pm UTC) from US — Scanned from US

Summary HTTP 138 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 27 domains to perform 138 HTTP transactions. The main IP is 67.213.82.10, located in Toronto, Canada and belongs to AS40028, CA. The main domain is ricowhaz.com.
TLS certificate: Issued by R3 on November 10th 2023. Valid for: 3 months.

This is the only time ricowhaz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	67.213.82.10 67.213.82.10	40028 (AS40028) (AS40028)
12	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2 10	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
8	23.50.124.22 23.50.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.46.192.28 23.46.192.28	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.86.237.52 52.86.237.52	14618 (AMAZON-AES) (AMAZON-AES)
2 20	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:7e1:1718:4d2a:54ab	14618 (AMAZON-AES) (AMAZON-AES)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
4	184.31.48.28 184.31.48.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.106.147 23.205.106.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	23.220.132.230 23.220.132.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:445... 2600:1f18:445b:900:40c9:bc07:67b9:741c	14618 (AMAZON-AES) (AMAZON-AES)
138	24

24 67.213.82.10 (Toronto, Canada)

ASN40028 (AS40028, CA)
PTR: buy1.baseservers.com

ricowhaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c08::9a (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.46.192.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-192-28.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.237.52 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-237-52.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.253.62.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:7e1:1718:4d2a:54ab (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.31.48.28 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-48-28.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.106.147 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-147.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.49 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.220.132.230 (Ashburn, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:900:40c9:bc07:67b9:741c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	528 KB
28	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	134 KB
24	ricowhaz.com ricowhaz.com	241 KB
20	media.net contextual.media.net — Cisco Umbrella Rank: 665 warp.media.net — Cisco Umbrella Rank: 2561 lg3.media.net — Cisco Umbrella Rank: 6606 hblg.media.net — Cisco Umbrella Rank: 2037 cs.media.net — Cisco Umbrella Rank: 1381	252 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	78 KB
5	wp.com stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796 i0.wp.com — Cisco Umbrella Rank: 3858	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	google.com www.google.com — Cisco Umbrella Rank: 2	560 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
3	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2168 0.gravatar.com — Cisco Umbrella Rank: 8413	7 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1786	1 KB
2	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 4497	250 B
2	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1939	592 B
2	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 902	752 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	802 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1072	673 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7973	543 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	714 B
0	aura-dsp.com Failed sync-dmp.aura-dsp.com Failed
138	27

	Domain	Requested by
24	ricowhaz.com	ricowhaz.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	ricowhaz.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
4	c1.adform.net	4 redirects
4	www.googleadservices.com	ricowhaz.com
4	hblg.media.net	googleads.g.doubleclick.net
4	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	match.adsrvr.org	3 redirects
3	i0.wp.com	ricowhaz.com
2	cs.media.net	contextual.media.net
2	e.dlx.addthis.com	2 redirects
2	d5p.de17a.com	googleads.g.doubleclick.net
2	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
2	trace.mediago.io	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	warp.media.net	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	secure.gravatar.com	ricowhaz.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	ums.acuityplatform.com	1 redirects
1	t.adx.opera.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	0.gravatar.com	secure.gravatar.com
1	pixel.wp.com	ricowhaz.com
1	stats.wp.com	ricowhaz.com
0	sync-dmp.aura-dsp.com Failed	googleads.g.doubleclick.net
138	38

This site contains links to these domains. Also see Links.

Domain
www.update.microsoft.com
www.chiark.greenend.org.uk
partedmagic.com
en-gb.wordpress.org

Subject Issuer	Validity	Valid
buy1.baseservers.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://ricowhaz.com/
Frame ID: 9A4E4F719F5A259053FA94D3493A8BEF
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 7B205618460DF9B1321D7B36603A9244
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&adk=1812271804&adf=3025194257&lmt=1702075063&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063197&bpp=14&bdt=345&idt=163&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2605771768445&frm=20&pv=2&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: 6DB48416FFC84A515EEF1E451E7706B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702075063&rafmt=1&to=qs&pwprc=5754973339&format=1200x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063212&bpp=2&bdt=360&idt=171&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=175
Frame ID: 6C8195E53AD9B35B3D3D70C271AFBFE9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
Frame ID: 9E623D1C496E19FB93B38926450F4226
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=1148830916&adf=1508840718&pi=t.aa~a.3193222342~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280&nras=4&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=53
Frame ID: 1AF9E46A8748FDAC735FFEABA479D508
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58
Frame ID: 631F1ADD63541F74D985455F75841682
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Frame ID: 55713E0E390B82B68690C2751C8CF9A6
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26A8B185CFB28858E0D2110618D49DDC
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Frame ID: 5E6C5D5970D392A834B0D833959D314A
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2792&&kkdd=*9%7Ch%7C3un*H9A&J1=QyiCiyXi_YCCiQCyXQX&!acP=i&tOc6=i&WaJ=QQC*&4OWF=vhYQ&W1a=-KRXLrQUo&WcWa=(hF*qV89GQewRs!9Sja(1Z%3D%3D&WP1a=yyC-C-_hy&O1GF=hh_9C-i&WW=R7&OW=Ev&W(wt=OttTt1!P6415wT4FO4&c1a=-UurY8C-n&4c1a=eQeXedu&(44cO=Q&PPP=4GLx(vWkxvTVriryjCZta07ehUJCsZ!4&wOF=X&kZ=Q&0!a=Y&6a4Q=-KRQ7nDYh&6a4C=hhy_*QXh-&qa646=OaC%3Dw0kkl10PkTk%3DQil5!FPct%3Di~C_la5tTq%3Di~y_lOWa%3DwVlP6F%3Di%2Cila5tTk%3DCilJkCPTOa%3DCiChQCi-QQl10PkTq%3D*X*~Yyl0PkT4BW%3Dil0PkTPC6Tq%3DilO4a%3DChYQhXXQ*iltwTqF(Tq55O4%3Di~*QlP64%3Di~iii%2Cil1c%3DQ*rYeU6qcKB.1QJKEqRXGCljqq%3DQYlq(T1t%3DYhlP11c06%3D*Q%2C*QlPW%3DQlP1O01a%3Di%2CilPcOTOa%3DCiChQCi-QylP6aJ%3Di~iii%2Cil0PkTq%3DQ~iQlJkCPT0PkTq%3DilOttTZP%3D_~*i-Cl0PkTk%3DQilOkJ%3DQ-~Xyl!W64%3DxQlqq%3DQ*_lOttTt0k%3Di~_YlFPct%3Di~C_lJkCPT0PkTBW%3DipilcO1TW%3Dy%2C_%2Ci%2Ci%2Ci%2Ci%2Ci%2CQlqt%3DQlcO1Ta%3DQ_QlPBF%3Di%2Cil6hcTq%3DQi~Y%2CQC*~iXlOa%3DQl01a%3DCE6n1Us7OEH.ohVUiklWJkCPTq%3DX~hClq4a%3DCCh*-Qhh_iy_hY_X*Yiyh_i*hhCQyX-CQ-QQh_QQC*-iQ-C*_*Qiyy-_*yChY_-ChhhYhXyYC*yYh--hYiiiyy-CYhi-Q_CQ**X*C*_l01t%3DilPB4%3Di~iii%2Cil5!aCcTq%3Di~*-lOO%3D8blWW%3DR7lBqTak%3DFwl01Z%3DxQlWF%3DilPWJ%3DYC~iylKE%3DhiXYlBqT0W%3Dilw4O%3DQlBqT0k%3Dw%2F6lBqTWWBO%3DQlW4%3Dq0jj6k5lqOOTHeg%3D8b%2C8blq6O1OC%3DQ*_lq6O1OQ%3DQ*_lBqT44%3D*lq(TOa%3DCiChQCi-iQlaW%3D-lJkCPTq%3DQi~Yl44%3DQ_il0ktTc%3Di~QYlJZTF9W%3Di~CYlOttTq1a%3Di~QylJ1OTOa%3DCi_l0PkTPcOTq%3DQC~-Clq(TW5%3DilO5q.%3DilaWC%3DQlJT6Ow%3DCiCy-lk6O4%3DlWJ5!%3DX~hClJ1OT0PkTq%3Di~XlJkCPT1TOa%3DCiChQCi-QQlJ1OT0PkTk%3DilF4%3DCylJkCPT1Tq%3Di~iYlJ1OTq%3DQ*h~*_lJkCPT0PkTJ1%3DQpxQ_l0PkT4J1%3DilJJ%3DilWJkCPTOa%3DCihlPjJ%3DYC~iylkCPTq%3DQiiilOttTOa%3DCiChQCi-QhlP6ac%3Di~iii%2CilO1a%3DyyC-C-_hyl0PkTPcOTBW%3DilBqTOPW%3DBqqlJZ0%3Di~CYlaCcTk%3DQilWJkC%3DX~hClhcWj%3D***~_QlattTO4P!%3DOttTt1!P6415wT4FO4laCcTq%3DQlPcOTq%3DQC*~iXl0PkTOPcOTq%3DQC~-ClPBZc%3Di~iii%2CilPBZa%3Di~iii%2Cil1OLFj%3Dil1O1j%3Dil0PkTPcWTq%3Dilq1a%3Di~QylBqTc4%3DA5tFc6!Fl0PkTPcOTPJ%3DilWqac%3Di~QyilOa%3DQl14VcFT1a%3DQylOFkkFPT46!T1a%3DChYQhXXQ*ilO0cckVT46!T1a%3DlaF4FW4FaT46!T1a%3DlJ1FZ6q1k14V%3Di~CYlc5O%3Dhl6WT4VcF%3DQl6aqkB%3DChYQhXXQ*il6tc%3DQl5!q1a%3Di~C_ilqjkP%3Di~iQilO01a%3DKbp7puTNi5CFP2WB9WsUHy4pe63la4W%3DF6O4TOWlattTFPct%3Dj6kOFlatt%3DOttTt1!P6415wT4FO4lqacW6ca%3Dila6k!%3DOttlO!t4%3Dk5w!T461kT(5tFc6!FTW64W(6kklO5qc%3Di~i-l91a%3Db)Sxc0qxX-Q*X_Ch_yh_XQiQl(4tk%3DQlOttT6c1%3DJQl1qW%3DQlwOG%3DQl4!O%3Dhh_9C-ilqOq%3DilqOc%3Dil4t9%3DCXi&w4J=i&ttt=0S5O8jE)2pB%3D&1Z=hh_&1wEjP=Q&qaPEa=C*Y&q1a=hhy**-&tWj=**Ci&VaOcP=Q&q6F=f9F!F9GFY%2Flf9F!F9GYY%2FlYFF&B64cPF=Q&B64q1a=xQiC&Vckc=Q&1O1a=C&OOtWPTJFP=X&c!1a=ciCiCy**XCQ_4CiChQCi-CChy&OOka=%7B%22OO1c%22%3A%22C_iC%3AjjW-%3AiiiC%3Aiiii%3Aiiii%3Aiiii%3Aiiii%3Aiiii%22%2C%22OOWW%22%3A%22R7%22%2C%22OOOW%22%3A%2283%22%2C%22OOW4V%22%3A%22q0jj6k5%22%7D&(4tkOPW=Q&sflct=4952349&ure=1
Frame ID: B9F4C31B1EC1AA6DE4D571F6FBA74AD0
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 7B9992F9317C2B18130575A9612FDB6C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8328C1BE41C09E4E966DE9F43203C829
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2811&&kkdd=H*%7Ch%7CuH9A3n*&Be=ag6Y6gc6JXa55iiiYaJ&8rMl=6&SdMR=6&-rB=aaYQ&7d-P=~5Xa&-er=it.ckfajp&-M-r=V5PQ3EO0bavK.F80!zrVe2%3D%3D&-ler=ggYiYiJ5g&debP=55J0Yi6&--=.W&d-=N~&-VKS=dSSLSe8lR7eIKL7Pd7&Mer=ij_fXOYiC&7Mer=vavcvU_&V77Md=a&lll=7bkuV~-nu~LEf6fgzY2SrTWv5jBYF287&KdP=c&n2=a&T8r=X&Rr7a=it.aWCHX5&Rr7Y=55gJQac5i&3rR7R=drY%3DKTnnZeTlnLn%3Da6ZI8PlMS%3D6GY5ZrISL3%3D6GgJZd-r%3DKEZlRP%3D6%2C6ZrISLn%3DY6ZBnYlLdr%3DY6Y5aY6iaaZeTlnL3%3DQcQGXgZTlnL7w-%3D6ZTlnLlYRL3%3D6Zd7r%3DYi5iYcgaaiZSKL3PVL3IId7%3D6GQaZlR7%3D6G666%2C6ZeM%3DaQfXvjR3MtwDeaBtN3.cbYZz33%3DaXZ3VLeS%3DX5ZleeMTR%3DQa%2CQaZl-%3DaZledTer%3D6%2C6ZlMdLdr%3DY6Y5aY6iagZlRrB%3D6G666%2C6ZTlnL3%3DaG6aZBnYlLTlnL3%3D6ZdSSL2l%3DJGigXiZTlnLn%3Da6ZdnB%3DaiGcgZ8-R7%3DuaZ33%3DaQJZdSSLSTn%3D6Gg5ZPlMS%3D6GY5ZBnYlLTlnLw-%3D6*6ZMdeL-%3Dg%2CJ%2C6%2C6%2C6%2C6%2C6%2CaZ3S%3DaZMdeLr%3DaJaZlwP%3D6%2C6ZR5ML3%3Da6GX%2CaYQG6cZdr%3DaZTer%3DYNRCKElygOk0CgF5U!Z-BnYlL3%3DcG5YZ37r%3DYY5Qia55J6gJ5X5XaaY6XiQJ56QcXa5aY5JaQg6XJc5aXY6igJX6aaJ5Yc65JY6JcgQcYYXa5Y5YQ6YgJ5YQiJia556Y65JXcQJi5iXZTeS%3D6Zlw7%3D6G666%2C6ZI8rYML3%3D6GQiZdd%3DO(Z--%3D.WZw3Lrn%3DPKZTe2%3DuaZ-P%3D6Zl-B%3DXYG6gZtN%3D56cXZw3LT-%3D6ZK7d%3DaZw3LTn%3DK%2FRZw3L--wd%3DaZ-7%3D3TzzRnIZ3ddL4vx%3DO(%2CO(Z3RdedY%3DaQJZ3Rdeda%3DaQJZw3L77%3DQZ3VLdr%3DY6Y5aY6i6aZr-%3DiZBnYlL3%3Da6GXZ77%3DaJ6ZTnSLM%3D6GaXZB2LP0-%3D6GYiZdSSL3er%3D6GagZBedLdr%3DY6JZTlnLlMdL3%3DaYGiYZ3VL-I%3D6ZdI3D%3D6Zr-Y%3DaZBLRdK%3DY6YgiZnRd7%3DZ-BI8%3DcG5YZBedLTlnL3%3D6GcZBnYlLeLdr%3DY6Y5aY6iaaZBedLTlnLn%3D6ZP7%3DYYZBnYlLeL3%3D6G6XZBedL3%3DaQgGJcZBnYlLTlnLBe%3Da*uaJZTlnL7Be%3D6ZBB%3D6Z-BnYlLdr%3DY65ZlzB%3DXYG6gZnYlL3%3Da666Z2lL3%3DiG5Y%2C6ZdSSLdr%3DY6Y5aY6ia5ZlRrM%3D6G666%2C6Zder%3DggYiYiJ5gZTlnLlMdLw-%3D6Zw3Ldl-%3Dw33ZB2T%3D6GYiZrYMLn%3Da6Z-BnY%3DcG5YZ5M-z%3DQg6GYaZrSSLd7l8%3DdSSLSe8lR7eIKL7Pd7ZrYML3%3D6GQiZlMdL3%3DaYQG6cZTlnLdlMdL3%3DaYGiYZlw2M%3D6G666%2C6Zlw2r%3D6G666%2C6ZedkPz%3D6Zedez%3D6ZTlnLlM-L3%3D6Z3er%3D6GagZw3LM7%3DhISPMR8PZTlnLlMdLlB%3D6Z-3rM%3D6Gag6Zdr%3DaZe7EMPLer%3DagZdPnnPlL7R8Ler%3DYi5iYcgaaiZdTMMnEL7R8Ler%3DZrP7P-7PrL7R8Ler%3DZBeP2R3ene7E%3D6GYiZMId%3D5ZR-L7EMP%3DaZRr3nw%3DYi5iYcgaaiZRSM%3DaZI83er%3D6GY56Z3znl%3D6G6a6ZdTer%3Dt(*W*4*xYu.~glb-Kf6.l6Cr_*8Zr7-%3DPRd7Ld-ZrSSLPlMS%3DzRndPZrSS%3DdSSLSe8lR7eIKL7Pd7Z3rM-RMr%3D6ZrRn8%3DdSSZd8S7%3DnIK8L7RenLVISPMR8PL-R7-VRnnZdI3M%3D6G6iZ0er%3D(q!uMT3uciaQcJY5Jg5Jca6aZV7Sn%3DaZdSSLRMe%3DBaZe3-%3DaZKdb%3DaZ78d%3D55J0Yi6Z3d3%3D6Z3dM%3D6Z7S0%3DYXa&K7B=6&SSS=T!IdOzNqm*w%3D&e2=55J&eKNzl=a&3rlNr=YQX&3er=5Xa56X&S-z=QQY6&ErdMl=a&3RP=)0P8P0bPX%2FZ)0P8P0bXX%2FZXPP&wR7MlP=a&wR73er=ua6Y&EMnM=a&eder=Y&ddS-lLBPl=c&M8er=M6Y6YgQQcYaJ7Y6Y5aY6iYY5g&ddnr=%7B%22ddeM%22%3A%22YJ6Y%3Azz-i%3A666Y%3A6666%3A6666%3A6666%3A6666%3A6666%22%2C%22dd--%22%3A%22.W%22%2C%22ddd-%22%3A%22Oy%22%2C%22dd-7E%22%3A%22)TzzRnI%22%7D&V7Sndl-=a&sflct=4952349&ure=1
Frame ID: B7523504149DD535E7E5459B17428D3E
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 384345C6DD07570A621DE5BF2314F482
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EB5A68EF0F35CCB24967579832143AC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 0A8F4D3ECC36732ADA2053F8BDF9D5EF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: FF84A7119E272646EE731D797699FF91
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CDACA4D9FC6D4ABF4FCD106DE8E5D33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2DAFFB8C582FE6FFBE6E429E9072308
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ricowhaz I.T. -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

138
Requests

68 %
HTTPS

41 %
IPv6

27
Domains

38
Subdomains

24
IPs

6
Countries

1517 kB
Transfer

3744 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.update.microsoft.com/microsoftupdate/v6/default.aspx
Title: http://www.update.microsoft.com/microsoftupdate/v6/default.aspx

Search URL Search Domain Scan URL

URL: http://www.chiark.greenend.org.uk/~sgtatham/putty/
Title: Putty

Search URL Search Domain Scan URL

URL: https://partedmagic.com/
Title: Parted Magic

Search URL Search Domain Scan URL

URL: https://en-gb.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTRQNFXVvZXLjLFfr-MZumuFY2156lvmUA2aTDON4mGaN0pMppo7dr8PqS8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTRQNFXVvZXLjLFfr-MZumuFY2156lvmUA2aTDON4mGaN0pMppo7dr8PqS8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUNLallMODYxUmJKdEQ1&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTRQNFXVvZXLjLFfr-MZumuFY2156lvmUA2aTDON4mGaN0pMppo7dr8PqS8

Request Chain 78

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 79

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKwAw_Vajtk3ocqlFpaf7CE&google_cver=1&google_push=AXcoOmQhTdOvKh9grmddgbxJNFsOCulC_QnvLZ0bisV62yLk_yTwZi9YOLWmwpnbORcP4RRL9CJjTWUJtM6jqHzgglgiabrjcLGe1i0 HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKwAw_Vajtk3ocqlFpaf7CE&google_cver=1&google_push=AXcoOmQhTdOvKh9grmddgbxJNFsOCulC_QnvLZ0bisV62yLk_yTwZi9YOLWmwpnbORcP4RRL9CJjTWUJtM6jqHzgglgiabrjcLGe1i0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

Request Chain 80

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_1nV-bytGfPJmE5zjYe5k&google_cver=1&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3l_8cFPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3l_8cFPg&google_hm=eS1Td1VDR3FCRTJwRnBvVzROWEM1UXpOaHdjN0JaeUVnT35B

Request Chain 82

https://trace.mediago.io/cs/google?google_gid=CAESEDQHeWQsY3ai_SsbmwxTnFk&google_cver=1&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGukQhSsNUr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGukQhSsNUr&google_hm=81fa84b74db46ff3131pi800lpx7jpga

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CY6xft5pzZeaVHZewiM0PgNKzgA6g_L3GdK7YoKSJEuCsqbGRDhABILaczQNgye6Oi8CkjBCgAZWAse8oyAEJqAMByAPLBKoE3wFP0KZaH87JJpo3mkD4btVdUof4o4rYhxo4oTl-2cIoYdtSCYU61MoMZpebB0Xfw12dmAWDdfmDZ6IJLznQlMUi5mEql0O6YEG0FtzDRUAyS4HtwE7qp4SEw4I6Sy_Z9JK_ds3zYuDxWUedKK3S1p-A0IYpBSXItjc7YeDxxnIZUEd8SvE-SE9jUe1z5-S-r0CDyG9vBTiIGWEb8dGCSntaIOvfy9Fvh_BfSEhwudv6yEcPsplPuyJbTRLXj3UC0CY9YacnTMgFdwvJJmh1y8n00E4t7BwuhyNFda4wj2B6wATutN71uASIBfbgsdtMkgUECAQYAZIFBAgFGASgBi6AB5W4gc8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1aEg0ggdCIBhEAEYHzICigI6AoBASL39wTpYtfWk3POAgwOaCZQBaHR0cHM6Ly91cy5xdWVzdHRpcHMuY29tL2Rzcj9xPWN5YmVyJTIwc2VjdXJpdHklMjBpbnN1cmFuY2UlMjBxdW90ZSUyMHRpcHMmYXNpZD1xdF9jaDc5MiZkZT1jJnNjbGlkPTAtMjQzNTcmcmFjPWN5YmVyJTIwaW5zdXJhbmNlJTIwc21hbGwlMjBidXNpbmVzc4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDQsMjMvoyS7Z0BEgIBA7gT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTgxOTU2MjM2NzM2NTEwMRgA&sigh=DpwVshduadc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNH0kucNuh6-YQZLtag8BNui603w3krFfPaeo2n3pA88EXSR-sGbZX7xvUIKJ5rZVJByCzuephmS7cH296j71SSNf2_LNQPdG34NEYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90b84325f62329230000000000000000%22,%222%22:%220xd8fa88bd0bbc63a40000000000000000%22,%223%22:%220x13ea47e9a5f0826a0000000000000000%22,%224%22:%220xa45f36b8bd713b0b0000000000000000%22,%225%22:%220x985e5db871c0d8320000000000000000%22},%22debug_key%22:%226085754494147133544%22,%22debug_reporting%22:true,%22destination%22:%22https://questtips.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210971004949%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22665347386052870273%22}&andc=true

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=C7qbot5pzZZOuL4juYLLao-gG5t7n0nT749yBkBKNv9uajQ4QASC2nM0DYMnujovApIwQoAGQ7MuXKsgBCagDAcgDywSqBN4BT9AA2UTdsUkYEyyGO-47LHGidAWAll2Ws4YT635aUA3utARlC7l5m8XF_j50VwE8RaavPMA9tq4QLlq3e-ymWEmZhUOBxMfmn8P_Y7Hsicaz3-fZXCB5x_kaTRwK76MMpYc9asQobOeTEkbusect54pF3_MJOcPDEq-tcd-PzoXmuXrxcUKyQlA4hJq28WEITwvHmlhYjjeY5IhIHBgHgWLL5kKlRDRlj61WIW4XOEg5_UwJadLKjmJqxWRg6JgrjVCaUSDrWUtBy9fSf_WqN5sOFVXo6sVEH46qU76awASR1YvUvQSIBeLgl8JNkgUECAQYAZIFBAgFGASgBi6AB5CknPcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQtdoT0ggdCIBhEAEYHzICigI6AoBASL39wTpYqZG33POAgwOaCbYDaHR0cHM6Ly9lbGlzZXJ5LmNvbS9hcnRpY2xlLzE1NDM5P2NhbXBfaWQ9MjkyMDU2JnV0bV90ZXJtPW9ubGluZSttYXN0ZXJzK2RlZ3JlZSUyQ29ubGluZSttYXN0ZXJzK2RlZ3JlZStpbitidXNpbmVzcythZG1pbmlzdHJhdGlvbiUyQ2Jlc3Qrb25saW5lK21hc3RlcnMrcHJvZ3JhbXMlMkNhY2NyZWRpdGVkK29ubGluZSttYXN0ZXJzK2RlZ3JlZStwcm9ncmFtcyUyQ29ubGluZSttYXN0ZXJzK2luK2NvbXB1dGVyK3NjaWVuY2UlMkNhZmZvcmRhYmxlK29ubGluZSttYXN0ZXJzK3Byb2dyYW1zJTJDb25saW5lK21hc3RlcnMraW4rZWR1Y2F0aW9uJTJDb25saW5lK21hc3RlcnMraW4raGVhbHRoY2FyZSthZG1pbmlzdHJhdGlvbiUyQ29ubGluZSttYXN0ZXJzK2luK3BzeWNob2xvZ3kmdXRtX2NvbnRlbnQ9RmluZCtZb3VyK1BlcmZlY3QrT25saW5lK01hc3RlcnMrRGVncmVlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtoMEQoLENDjsZCmmLqEvwESAgEDuBPkA9gTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01ODE5NTYyMzY3MzY1MTAxGAA&sigh=wURZ00jZit0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNZe_CDcmPmV_UoXsSIbcR_TN8bnuk6dXsqAEt1LfCxz4yskXO9wTxcrEvjySKCub4j9dWSLi5JxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10c08091f4fcb7960000000000000000%22,%222%22:%220xbbb838d85d0de9160000000000000000%22,%223%22:%220xea286c1bde56248f0000000000000000%22,%224%22:%220x9cf9e432497589fc0000000000000000%22,%225%22:%220xa2e43e7e2aff4c850000000000000000%22},%22debug_key%22:%2210053660147728477967%22,%22debug_reporting%22:true,%22destination%22:%22https://elisery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211323766288%22],%2222%22:[%22true%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223315557613809295121%22}&andc=true

Request Chain 110

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENR5W3mlWFXrNVhuW_a-jbE&google_cver=1&google_push=AXcoOmTxsxKI5-cFjYc2TWCOyB-Yq-JAUPj1I5ODeqTbtg75lgfhiD98bsUxhLkXkYz6Se6aS4pQZ4xuaJHHXn4LcdrYr6LecXC9_Zo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

Request Chain 113

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOIH6JVmqMQVojmt_H8Kjxs&google_cver=1&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafRq2_4MC68Azh-TKTPZFj8ug HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOIH6JVmqMQVojmt_H8Kjxs&google_cver=1&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafRq2_4MC68Azh-TKTPZFj8ug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMTgwMzI4NDE2MTgzNjA2OA&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafRq2_4MC68Azh-TKTPZFj8ug

Request Chain 114

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEI8ewSCyNZ9pImjzUMwiHAY&google_cver=1&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1Q8kx6qZM7NkiI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMyNjc3MjU1MDkxMjAxNTc0NTQ&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1Q8kx6qZM7NkiI

Request Chain 115

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTZpWfx_or6Q0NzTxZLCXc1-s_MoN0yTlL83O2kmobdslwgdhDj5DeDgmVIFQ2JptJjGiBMtgUGX7d_PoRHE3bjA5FB2O_qi7U&google_gid=CAESEPVyrOZs4Mmt_zzIDpq-ZbQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPVyrOZs4Mmt_zzIDpq-ZbQ&google_hm=T1BVMmRjODFjOTQ5ZTA1NGQxYWE4YTcyNGQ2YTQ5OTA5NDc&google_nid=opera_norway_as&google_push=AXcoOmTZpWfx_or6Q0NzTxZLCXc1-s_MoN0yTlL83O2kmobdslwgdhDj5DeDgmVIFQ2JptJjGiBMtgUGX7d_PoRHE3bjA5FB2O_qi7U

Request Chain 116

https://trace.mediago.io/cs/google?google_gid=CAESEE7wD27_tlitN9Bla3CG2vU&google_cver=1&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCfTHLcKA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCfTHLcKA&google_hm=81fa84b74db46ff3131pi800lpx7jpga

Request Chain 119

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGof0sRFs7oS1nypgmOm5gs&google_cver=1&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjVf1U4005bGP_HPZDTZWhcptJw3yKuGxx3-Anr5yh4qlGMQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjVf1U4005bGP_HPZDTZWhcptJw3yKuGxx3-Anr5yh4qlGMQ&google_hm=kGNtGFk9OK0jr43okoU3gg

Request Chain 120

https://ums.acuityplatform.com/tum?umid=4&uid=CAESELBw33E6sd_00qV2yXNDq4E&google_cver=1&google_push=AXcoOmQLbsMznJWJQCt2y62-thlVRBAVKIi1moRTriIkUx_doxIPxcwLOXwhH0yyMnsRlumH5V1y0qQfYHK2huhlmVBqzrCBfJSjFBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862177273610&us_privacy=1---

Request Chain 121

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTlBGXJksoDvfPMI99VmCF5YW0wTEH9HIF40&google_gid=CAESEITgx6s0BMoM5IGLUadMJIM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTlBGXJksoDvfPMI99VmCF5YW0wTEH9HIF40&google_gid=CAESEITgx6s0BMoM5IGLUadMJIM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDgyMjM3NDUwMDAxNDgwNTg1NTMyMw%3D%3D&google_push=AXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTlBGXJksoDvfPMI99VmCF5YW0wTEH9HIF40

Request Chain 123

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC5KkOGeg1P8WCxUNYZJhnM&google_cver=1&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmckIJ4qD43RK1nn5U2jxezSiw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC5KkOGeg1P8WCxUNYZJhnM&google_cver=1&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmckIJ4qD43RK1nn5U2jxezSiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3NTQ4MTAyNDM1OTk3MDYzMg&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmckIJ4qD43RK1nn5U2jxezSiw

Request Chain 127

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1MDc2NjY1NjYzNDc2NTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1MDc2NjY1NjYzNDc0OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1

138 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ricowhaz.com/ 89 KB
21 KB 187ms
40ms Document
text/html 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed / PHP/8.0.26
Resource Hash: 99b7e4c438d8bf6e34928cc64ed56407b3ffd550e426fc1cf40096e5b82bc80b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 22:37:42 GMT
etag: "32206-1701898856;br"
link: <https://ricowhaz.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/7O5Yx>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit
x-powered-by: PHP/8.0.26

GET
H2 200 twentysixteen.css
ricowhaz.com/wp-content/plugins/jetpack/modules/theme-tools/compat/ 16 KB
3 KB 51ms
50ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=12.9
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: ea31048ed21bd3fb40bb09e6d4f49792da9588b27008978c544e312036fbb8e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:44 GMT
server: LiteSpeed
etag: "3ffb-656f77d0-6e0e305a1998099a;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2815
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 style.min.css
ricowhaz.com/wp-includes/css/dist/block-library/ 107 KB
13 KB 52ms
51ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 13:31:46 GMT
server: LiteSpeed
etag: "1add3-654b8dc2-45115b5f486ec6b;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
ricowhaz.com/wp-includes/js/mediaelement/ 11 KB
2 KB 52ms
50ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Mon, 04 Oct 2021 13:31:52 GMT
server: LiteSpeed
etag: "2bf8-615b0248-97569508ffb80494;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2394
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 wp-mediaelement.min.css
ricowhaz.com/wp-includes/js/mediaelement/ 4 KB
1 KB 53ms
51ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.2
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Mon, 04 Oct 2021 13:31:52 GMT
server: LiteSpeed
etag: "105a-615b0248-c78428db2d80804;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 982
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 merriweather-plus-montserrat-plus-inconsolata.css
ricowhaz.com/wp-content/themes/twentysixteen/fonts/ 19 KB
1 KB 66ms
64ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "4b81-65147cba-a3be34e9601de098;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1052
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 genericons.css
ricowhaz.com/wp-content/plugins/jetpack/_inc/genericons/genericons/ 28 KB
16 KB 66ms
65ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:42 GMT
server: LiteSpeed
etag: "6e6a-656f77ce-b53ab62f115975c7;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15970
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 style.css
ricowhaz.com/wp-content/themes/twentysixteen/ 69 KB
13 KB 67ms
66ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/style.css?ver=20230328
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 0c1808af7c4fd6303086de89cb0a5cab2b4ab5613fd0bb51149b52f5ecd04966

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "114fd-65147cba-d87f5a273435e0d1;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12758
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 blocks.css
ricowhaz.com/wp-content/themes/twentysixteen/css/ 9 KB
2 KB 67ms
66ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20230206
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 2d7599e7355f74647511d36b0790e74fa070e990eb6e7dbe9086bbdc28c74e67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "233f-65147cba-556f00c02a36ae8f;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1806
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 jetpack.css
ricowhaz.com/wp-content/plugins/jetpack/css/ 99 KB
17 KB 67ms
67ms Stylesheet
text/css 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.9
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:39 GMT
server: LiteSpeed
etag: "18cea-656f77cb-cef002332e5c5d61;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17524
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 jquery.min.js Show response
ricowhaz.com/wp-includes/js/jquery/ 86 KB
29 KB 67ms
67ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 13:31:49 GMT
server: LiteSpeed
etag: "15601-654b8dc5-eafd170bae6b21dd;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
ricowhaz.com/wp-includes/js/jquery/ 13 KB
5 KB 108ms
107ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 17:13:16 GMT
server: LiteSpeed
etag: "3509-651462ac-1f19416e4ebe8375;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 126ms
59ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ricowhaz.com
URL: https://ricowhaz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d672c21b32590927c2dd1d5591281e6b40e1586a0568db3d5e0f3c8304cd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52581
x-xss-protection: 0
server: cafe
etag: 7391026856593615691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:43 GMT

GET
H2 200 acaedd2e4bfb5244e6e86749f5131a68
secure.gravatar.com/avatar/ 1 KB
1 KB 31ms
29ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/acaedd2e4bfb5244e6e86749f5131a68?s=49&d=mm&r=g
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 06f880720e7ad1208cc5dd7e3555ef2d0639196d01b4dfea9663436a02464b28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="acaedd2e4bfb5244e6e86749f5131a68.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/acaedd2e4bfb5244e6e86749f5131a68?s=49&d=mm&r=g>; rel="canonical"
content-length: 1091
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 22:42:43 GMT

GET
H2 200 image-cdn.js Show response
ricowhaz.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
417 B 108ms
107ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:42 GMT
server: LiteSpeed
etag: "2bd-656f77ce-db8d371ca139b02b;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 330
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 13 KB
5 KB 97ms
29ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gravatar.com/js/gprofiles.js?ver=202349

Requested by

Host: ricowhaz.com
URL: https://ricowhaz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

131f6b765e798866d728f95661b78bbf269c86482ffff0fa8c08e18a1a65cc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Tue, 28 Nov 2023 13:47:28 GMT
server: nginx
etag: W/"6565ef70-329d"
content-type: application/javascript
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 wpgroho.js Show response
ricowhaz.com/wp-content/plugins/jetpack/modules/ 2 KB
794 B 35ms
34ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=12.9
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:42 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:44 GMT
server: LiteSpeed
etag: "7a1-656f77d0-9ebd0367a15baa7f;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 731
expires: Fri, 15 Dec 2023 22:37:42 GMT

GET
H2 200 skip-link-focus-fix.js Show response
ricowhaz.com/wp-content/themes/twentysixteen/js/ 1 KB
588 B 31ms
31ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "423-65147cba-c70068c3f5c14abd;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 477
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 functions.js Show response
ricowhaz.com/wp-content/themes/twentysixteen/js/ 7 KB
2 KB 35ms
32ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/js/functions.js?ver=20211130
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "1ca1-65147cba-be8e6e774a200797;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1906
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 e-202349.js Show response
stats.wp.com/ 7 KB
3 KB 83ms
26ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202349.js
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT jfk
date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 06:26:27 GMT

GET
H2 200 jetpack-carousel.min.js Show response
ricowhaz.com/wp-content/plugins/jetpack/_inc/build/carousel/ 24 KB
7 KB 35ms
33ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=12.9
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 19:19:41 GMT
server: LiteSpeed
etag: "5e2d-656f77cd-7b60c8ec8d72d4c8;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7038
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
BLOB 200
OK 8d61d001-5a31-4075-b9a9-e4ad8cd8d7ff
https://ricowhaz.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ricowhaz.com/8d61d001-5a31-4075-b9a9-e4ad8cd8d7ff
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 montserrat-latin-700-normal.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/montserrat/ 13 KB
13 KB 35ms
33ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "3230-65147cba-b4ff6f4ce5094832;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12848
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 merriweather-latin-400-normal.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/ 20 KB
20 KB 36ms
34ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-normal.woff2?ver=30
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "4e3c-65147cba-d5f4c55e50777741;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20028
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 merriweather-latin-700-italic.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
20 KB 37ms
35ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-700-italic.woff2?ver=30
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "4dbc-65147cba-1a6300e0c6fde343;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19900
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 merriweather-latin-700-normal.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
19 KB 38ms
37ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-700-normal.woff2?ver=30
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "4d1c-65147cba-17fb8ea83aca5b4;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19740
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 montserrat-latin-400-normal.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/montserrat/ 12 KB
12 KB 39ms
38ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "31a4-65147cba-3cba8a9af0abf0ce;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12708
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 merriweather-latin-400-italic.woff2
ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
19 KB 39ms
38ms Font
font/woff2 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-italic.woff2?ver=30
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Request headers

Referer: https://ricowhaz.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
last-modified: Wed, 27 Sep 2023 19:04:26 GMT
server: LiteSpeed
etag: "4d44-65147cba-87d4fa97c54ef7c3;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19780
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://ricowhaz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 28ms
26ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=115373725&post=0&tz=-5&srv=ricowhaz.com&j=1%3A12.9&host=ricowhaz.com&ref=&fcp=423&rand=0.5402046471768398
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Dec 2023 22:37:43 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
ricowhaz.com/wp-includes/js/ 18 KB
5 KB 32ms
30ms Script
application/javascript 67.213.82.10
AS40028

General

Check archive.org

Show headers Download Go to

Full URL: https://ricowhaz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.213.82.10 Toronto, Canada, ASN40028 (AS40028, CA),
Reverse DNS: buy1.baseservers.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 17:13:16 GMT
server: LiteSpeed
etag: "4904-651462ac-825b798be276ddbc;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 200 hovercards.min.css
0.gravatar.com/js/hovercards/ 3 KB
1021 B 33ms
30ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://0.gravatar.com/js/hovercards/hovercards.min.css

Requested by

Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202349

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Wed, 11 Oct 2023 03:50:13 GMT
server: nginx
etag: W/"65261b75-d5d"
content-type: text/css
cache-control: max-age=604800
expires: Fri, 15 Dec 2023 22:37:43 GMT

GET
H2 404 remove-ilo-license.jpg
i0.wp.com/it.ricowhaz.com/wp-content/uploads/2017/01/ 65 B
65 B 188ms
136ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2017/01/remove-ilo-license.jpg?resize=511%2C412
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: EXPIRED yyz 2
date: Fri, 08 Dec 2023 22:37:43 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 404 diskmgr.jpg
i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/ 65 B
65 B 201ms
150ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/diskmgr.jpg?resize=840%2C211
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: EXPIRED yyz 4
date: Fri, 08 Dec 2023 22:37:43 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 404 diskpart.jpg
i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/ 65 B
65 B 224ms
173ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/diskpart.jpg?resize=510%2C414
Requested by: Host: ricowhaz.com
URL: https://ricowhaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: EXPIRED yyz 3
date: Fri, 08 Dec 2023 22:37:43 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 83ms
82ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978525ae6f34a85df703fb41fbdee04410501cb8373ab3c36a9b878f3f7885da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137691
x-xss-protection: 0
server: cafe
etag: 5748676322443177782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 7B20 9 KB
4 KB 97ms
32ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:05:03 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 15:05:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DB4 8 KB
1 KB 213ms
212ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&adk=1812271804&adf=3025194257&lmt=1702075063&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063197&bpp=14&bdt=345&idt=163&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2605771768445&frm=20&pv=2&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa5a48e7c051389fce888904d5a43aa682dfaa77acd87653d9de8c8f69504b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1247
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:43 GMT
expires: Fri, 08 Dec 2023 22:37:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C81 119 KB
40 KB 941ms
941ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702075063&rafmt=1&to=qs&pwprc=5754973339&format=1200x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063212&bpp=2&bdt=360&idt=171&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=175

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74a35653bc79d385a51d150163066c13d508bfdfb908135d102c43453d797a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:44 GMT
expires: Fri, 08 Dec 2023 22:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E62 60 KB
22 KB 802ms
802ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ed676f60e961d956fff02632005161932c3cc91f72b66f3e2291309ab535469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 22105
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:44 GMT
expires: Fri, 08 Dec 2023 22:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AF9 121 KB
42 KB 802ms
802ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=1148830916&adf=1508840718&pi=t.aa~a.3193222342~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280&nras=4&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=53

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8b0ba42600e76576ac44e67091d73690998875705168d6dcbb5c6a85f1ee99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:44 GMT
expires: Fri, 08 Dec 2023 22:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 631F 60 KB
22 KB 721ms
720ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9c42acf5d046b720ec9b5dc527e793f042b99ddf5c53481d6913c9e6766472f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 22121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:44 GMT
expires: Fri, 08 Dec 2023 22:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6C81 4 KB
1 KB 110ms
43ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=3363353524&adf=2437083605&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702075063&rafmt=1&to=qs&pwprc=5754973339&format=1200x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063212&bpp=2&bdt=360&idt=171&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 21:18:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6C81 2 KB
875 B 156ms
88ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8190550685389962312/ Frame 6C81 62 KB
63 KB 177ms
112ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8190550685389962312/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423ac55116af784f0c6dabea78e1c0eeef4dfab2b3cda806ad68908b45f420ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63912
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 13:47:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 22:37:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15652676048262168485/ Frame 6C81 4 KB
5 KB 151ms
87ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15652676048262168485/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32906775261693700b234cb6101b26f1af2f3649d2b6f1779e89a116b6a8d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
age: 26974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4281
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 09:36:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 15:08:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6C81 24 KB
9 KB 141ms
89ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:41:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6C81 3 KB
1 KB 162ms
110ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6C81 20 KB
9 KB 89ms
38ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C81 202 KB
64 KB 123ms
49ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6C81 37 KB
16 KB 113ms
38ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:02:52 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 5571 94 KB
36 KB 327ms
236ms Script
text/javascript 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f0c7d1f2446218e74dd367a7f5269c518851e001f9e94f5d472c1456196d6625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-mnt-h: 21-g4dd
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 08 Dec 2023 22:37:44 GMT
server: Apache
etag: "10187cc0871d09a78548d4cbd3149ca0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
content-length: 36444
expires: Fri, 08 Dec 2023 22:42:44 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 5571 72 KB
25 KB 174ms
84ms Script
application/javascript 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 08 Dec 2023 22:37:44 GMT
x-guploader-uploadid: ABPtcPo5Vei9sOmLBvFL0QA5JkYOIs0tPNaY2-23OajAozrU4-eg8mIO0T8S57pTPcV0tQ1h8nY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Fri, 08 Dec 2023 23:37:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5571 3 KB
1 KB 83ms
77ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5571 20 KB
8 KB 80ms
78ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5571 0
0 127ms
55ms Image
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQySituR4ApOnxb6iYhbYrlB4pnk96RhzLbAUeriN-X8jH0YSuNKtNYeq3AT6ECQYxxa9GcdM7afEZ4wAzP-HxATNRldg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5571 202 KB
64 KB 99ms
98ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
DATA 200
OK truncated
/ Frame 6C81 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28b46e0ed76b73d58ac8278f8dc7465e03cdaf042cbc317a70e19d1789de0d12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1AF9 4 KB
728 B 49ms
41ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=1148830916&adf=1508840718&pi=t.aa~a.3193222342~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280&nras=4&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 21:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1AF9 2 KB
856 B 108ms
102ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 1AF9 24 KB
9 KB 97ms
96ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:41:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1AF9 3 KB
1 KB 122ms
122ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26A8 1 KB
643 B 42ms
40ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 18:26:14 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 18:26:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17106217445752708380
tpc.googlesyndication.com/simgad/ Frame 1AF9 5 KB
5 KB 54ms
51ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17106217445752708380?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e1a44db01d5d0ef50947f7779701495c4f51554c1911de7374eee18df1b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5138
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:09:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 22:37:44 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11872426425992973613/ Frame 1AF9 130 KB
130 KB 58ms
52ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11872426425992973613/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3be06c88f0d9c1b7838be8272c3139ed1872603f93104c59dd7f28fddec9257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:14:57 GMT
x-content-type-options: nosniff
age: 8567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133313
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:10:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:14:57 GMT

GET
DATA 200
OK truncated
/ Frame 1AF9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 5E6C 94 KB
36 KB 165ms
153ms Script
text/javascript 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

54d886e7ac2735001e6b39bdfd2bd67691f3ff1ac70b8fb4e5560de00722ad47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-mnt-h: 21-g4dd
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 08 Dec 2023 22:37:44 GMT
server: Apache
etag: "021305ab3848ac116a1fac3e05fe8c77"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
content-length: 36444
expires: Fri, 08 Dec 2023 22:42:44 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 5E6C 72 KB
25 KB 52ms
42ms Script
application/javascript 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 08 Dec 2023 22:37:44 GMT
x-guploader-uploadid: ABPtcPo5Vei9sOmLBvFL0QA5JkYOIs0tPNaY2-23OajAozrU4-eg8mIO0T8S57pTPcV0tQ1h8nY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Fri, 08 Dec 2023 23:37:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5E6C 3 KB
1 KB 88ms
82ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5E6C 20 KB
8 KB 45ms
39ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5E6C 0
0 62ms
53ms Image
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX9iMsRSCghQxrj-Hyf2uviibLyEmClGafxeYKaZ2REPTGjrJuhAGTnJJuopiagCVOiNyxjIi_oTqIG7B1jhtb2d6kGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E6C 202 KB
64 KB 63ms
56ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1AF9 20 KB
8 KB 49ms
48ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1AF9 3 KB
1 KB 79ms
78ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:38:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1AF9 0
0 46ms
44ms Image
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9ZP-toMkA0VqZK8d_4V0su1zKxKMZJlnXx1RWHUYdm6WbhkFP6vrXkgFZWTx-pw0OXZLhKJJBqmRibjhr89_QW-7TwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=1148830916&adf=1508840718&pi=t.aa~a.3193222342~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280&nras=4&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AF9 202 KB
64 KB 100ms
98ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 22:37:44 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 1AF9 37 KB
15 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:02:52 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 26A8 35 B
465 B 131ms
36ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECqEtYHA3SWEuUBnyfNdkC4&google_cver=1&google_push=AXcoOmTAOarBjyR0AqIxTCGo4dLTeauYRvmSEs2vKd4Z6Hs3Aek8MAvyfdnotVng9WkeJtcqb5vsi_lj59N4nqGfEbT1abvlY7cHbA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26A8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUNLallMODYxUmJKdEQ1&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTR...

170 B
188 B

51ms
51ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUNLallMODYxUmJKdEQ1&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTRQNFXVvZXLjLFfr-MZumuFY2156lvmUA2aTDON4mGaN0pMppo7dr8PqS8

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 22:37:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-017eaf6b196bd98a1@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eUNLallMODYxUmJKdEQ1&google_gid=CAESEDqKLnHknc4TYx9DC9eijRs&google_cver=1&google_push=AXcoOmQbFoyqWpLBNAKIdJTaiphbGEDD-Y9AKoULRJmMTTRQNFXVvZXLjLFfr-MZumuFY2156lvmUA2aTDON4mGaN0pMppo7dr8PqS8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 26A8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmK...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMj...

43 B
418 B

120ms
106ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=1148830916&adf=1508840718&pi=t.aa~a.3193222342~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280&nras=4&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=53
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83287ea518014bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1769
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMPozBKXlpH8nsFRpzSS_o4&google_cver=1&google_push=AXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSrjN-gWsaqpA8xf3itufK5G-jlt9QL2zN1SOUxpTdfDVS9JT3jJCubcHCTbPcH1160h1TUtx45cpMajX-FRiL_GBc6KMjmKg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83287ea40fa34bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26A8
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKwAw_Vajtk3ocqlFpaf7CE&google_cver=1&google_push=AXcoOmQhTdOvKh9grmddgbxJNFsOCulC_QnvLZ0bisV62yLk_yTwZi9YOLWmwpnbORcP4RRL9CJjTWUJtM6jqHzggl...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKwAw_Vajtk3ocqlFpaf7CE&google_cver=1&google_push=AXcoOmQhTdOvKh9grmddgbxJNFsOCulC_QnvLZ0bisV62yLk_yTwZi9YOLWmwpnbORcP4RRL9CJjTWUJtM6jqHzggl...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

170 B
188 B

51ms
50ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9
date: Fri, 08 Dec 2023 22:37:45 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26A8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_1nV-bytGfPJmE5zjYe5k&google_cver=1&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3l_8cFPg&google_hm=eS1Td1VDR3FCRTJwRnBv...

170 B
329 B

48ms
46ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3l_8cFPg&google_hm=eS1Td1VDR3FCRTJwRnBvVzROWEM1UXpOaHdjN0JaeUVnT35B

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 22:37:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXOGRIe8Xb_RLBGfMAv9GwDRtYWQCD80iowcyWYAoF1hPvJDuTcsBOlofS0vQy74ytxwwHtmKSTaZYHuQ8lwjhpf3l_8cFPg&google_hm=eS1Td1VDR3FCRTJwRnBvVzROWEM1UXpOaHdjN0JaeUVnT35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 26A8 43 B
363 B 111ms
32ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSM2Z3hfKmXLo3zdwE6yLnIS7AfiH1PHg7bKVp6nK8yuaw7EgjwOGhSDlDvwVzFqPVyKNG-CrmI9KOyJz_ZLRjg92It_t8KrA&google_gid=CAESEEQTMN_6yjbLWFM2usqUGrk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 291692
expires: Fri, 08 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26A8
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDQHeWQsY3ai_SsbmwxTnFk&google_cver=1&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGuk...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGukQhSsNUr&google_hm=81fa84b74d...

170 B
232 B

57ms
56ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGukQhSsNUr&google_hm=81fa84b74db46ff3131pi800lpx7jpga

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmToY_LBHvO3BJaNvaaMFrC7F6IFPgR9UjAktmbKt26_0MTGGpAZY2vRo0mLzWqEG9bimiyKz85vXmvJrtLGiFAHWxGukQhSsNUr&google_hm=81fa84b74db46ff3131pi800lpx7jpga
date: Fri, 08 Dec 2023 22:37:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 26A8 0
139 B 136ms
46ms Image
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9C-l8RXoChowKat92AbcPUduPIj2PpK6r4lwfVPxkFFB9YYR7TJAItMoLGzC0JCkf_piO2g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C81 16 KB
16 KB 120ms
42ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:00:53 GMT
x-content-type-options: nosniff
age: 221811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:00:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C81 15 KB
16 KB 100ms
34ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:26 GMT
x-content-type-options: nosniff
age: 221178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:26 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame B9F4 75 KB
30 KB 310ms
309ms Document
text/html 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2792&&kkdd=*9%7Ch%7C3un*H9A&J1=QyiCiyXi_YCCiQCyXQX&!acP=i&tOc6=i&WaJ=QQC*&4OWF=vhYQ&W1a=-KRXLrQUo&WcWa=(hF*qV89GQewRs!9Sja(1Z%3D%3D&WP1a=yyC-C-_hy&O1GF=hh_9C-i&WW=R7&OW=Ev&W(wt=OttTt1!P6415wT4FO4&c1a=-UurY8C-n&4c1a=eQeXedu&(44cO=Q&PPP=4GLx(vWkxvTVriryjCZta07ehUJCsZ!4&wOF=X&kZ=Q&0!a=Y&6a4Q=-KRQ7nDYh&6a4C=hhy_*QXh-&qa646=OaC%3Dw0kkl10PkTk%3DQil5!FPct%3Di~C_la5tTq%3Di~y_lOWa%3DwVlP6F%3Di%2Cila5tTk%3DCilJkCPTOa%3DCiChQCi-QQl10PkTq%3D*X*~Yyl0PkT4BW%3Dil0PkTPC6Tq%3DilO4a%3DChYQhXXQ*iltwTqF(Tq55O4%3Di~*QlP64%3Di~iii%2Cil1c%3DQ*rYeU6qcKB.1QJKEqRXGCljqq%3DQYlq(T1t%3DYhlP11c06%3D*Q%2C*QlPW%3DQlP1O01a%3Di%2CilPcOTOa%3DCiChQCi-QylP6aJ%3Di~iii%2Cil0PkTq%3DQ~iQlJkCPT0PkTq%3DilOttTZP%3D_~*i-Cl0PkTk%3DQilOkJ%3DQ-~Xyl!W64%3DxQlqq%3DQ*_lOttTt0k%3Di~_YlFPct%3Di~C_lJkCPT0PkTBW%3DipilcO1TW%3Dy%2C_%2Ci%2Ci%2Ci%2Ci%2Ci%2CQlqt%3DQlcO1Ta%3DQ_QlPBF%3Di%2Cil6hcTq%3DQi~Y%2CQC*~iXlOa%3DQl01a%3DCE6n1Us7OEH.ohVUiklWJkCPTq%3DX~hClq4a%3DCCh*-Qhh_iy_hY_X*Yiyh_i*hhCQyX-CQ-QQh_QQC*-iQ-C*_*Qiyy-_*yChY_-ChhhYhXyYC*yYh--hYiiiyy-CYhi-Q_CQ**X*C*_l01t%3DilPB4%3Di~iii%2Cil5!aCcTq%3Di~*-lOO%3D8blWW%3DR7lBqTak%3DFwl01Z%3DxQlWF%3DilPWJ%3DYC~iylKE%3DhiXYlBqT0W%3Dilw4O%3DQlBqT0k%3Dw%2F6lBqTWWBO%3DQlW4%3Dq0jj6k5lqOOTHeg%3D8b%2C8blq6O1OC%3DQ*_lq6O1OQ%3DQ*_lBqT44%3D*lq(TOa%3DCiChQCi-iQlaW%3D-lJkCPTq%3DQi~Yl44%3DQ_il0ktTc%3Di~QYlJZTF9W%3Di~CYlOttTq1a%3Di~QylJ1OTOa%3DCi_l0PkTPcOTq%3DQC~-Clq(TW5%3DilO5q.%3DilaWC%3DQlJT6Ow%3DCiCy-lk6O4%3DlWJ5!%3DX~hClJ1OT0PkTq%3Di~XlJkCPT1TOa%3DCiChQCi-QQlJ1OT0PkTk%3DilF4%3DCylJkCPT1Tq%3Di~iYlJ1OTq%3DQ*h~*_lJkCPT0PkTJ1%3DQpxQ_l0PkT4J1%3DilJJ%3DilWJkCPTOa%3DCihlPjJ%3DYC~iylkCPTq%3DQiiilOttTOa%3DCiChQCi-QhlP6ac%3Di~iii%2CilO1a%3DyyC-C-_hyl0PkTPcOTBW%3DilBqTOPW%3DBqqlJZ0%3Di~CYlaCcTk%3DQilWJkC%3DX~hClhcWj%3D***~_QlattTO4P!%3DOttTt1!P6415wT4FO4laCcTq%3DQlPcOTq%3DQC*~iXl0PkTOPcOTq%3DQC~-ClPBZc%3Di~iii%2CilPBZa%3Di~iii%2Cil1OLFj%3Dil1O1j%3Dil0PkTPcWTq%3Dilq1a%3Di~QylBqTc4%3DA5tFc6!Fl0PkTPcOTPJ%3DilWqac%3Di~QyilOa%3DQl14VcFT1a%3DQylOFkkFPT46!T1a%3DChYQhXXQ*ilO0cckVT46!T1a%3DlaF4FW4FaT46!T1a%3DlJ1FZ6q1k14V%3Di~CYlc5O%3Dhl6WT4VcF%3DQl6aqkB%3DChYQhXXQ*il6tc%3DQl5!q1a%3Di~C_ilqjkP%3Di~iQilO01a%3DKbp7puTNi5CFP2WB9WsUHy4pe63la4W%3DF6O4TOWlattTFPct%3Dj6kOFlatt%3DOttTt1!P6415wT4FO4lqacW6ca%3Dila6k!%3DOttlO!t4%3Dk5w!T461kT(5tFc6!FTW64W(6kklO5qc%3Di~i-l91a%3Db)Sxc0qxX-Q*X_Ch_yh_XQiQl(4tk%3DQlOttT6c1%3DJQl1qW%3DQlwOG%3DQl4!O%3Dhh_9C-ilqOq%3DilqOc%3Dil4t9%3DCXi&w4J=i&ttt=0S5O8jE)2pB%3D&1Z=hh_&1wEjP=Q&qaPEa=C*Y&q1a=hhy**-&tWj=**Ci&VaOcP=Q&q6F=f9F!F9GFY%2Flf9F!F9GYY%2FlYFF&B64cPF=Q&B64q1a=xQiC&Vckc=Q&1O1a=C&OOtWPTJFP=X&c!1a=ciCiCy**XCQ_4CiChQCi-CChy&OOka=%7B%22OO1c%22%3A%22C_iC%3AjjW-%3AiiiC%3Aiiii%3Aiiii%3Aiiii%3Aiiii%3Aiiii%22%2C%22OOWW%22%3A%22R7%22%2C%22OOOW%22%3A%2283%22%2C%22OOW4V%22%3A%22q0jj6k5%22%7D&(4tkOPW=Q&sflct=4952349&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

24532421a961783f6631ddda28c8e5ae78a82eb08c3a9d11b87e9aee835691f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30098
content-type: text/html
date: Fri, 08 Dec 2023 22:37:45 GMT
expires: Fri, 08 Dec 2023 22:37:45 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-tf5s

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 5571 35 B
338 B 186ms
52ms Image
image/gif 184.31.48.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2585&&vgd_cdv=1129&vgd_cage=3&vgd_tsce=L341&vgd_mcf=9920&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=772828637&vi=1702075064220127515&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=170785191&r=1702075064958&rrr=tzR-hLcl-L_yJ0J7f2wmduST3Pv2Qwgt&requrl=https%3A%2F%2Fricowhaz.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fF~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Wuu~8xLjMGviXi.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvfAHuAXXui9~YzMGJwMGmmQ7v9.iu~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvHA~L88Ex1viu%2Ciu~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9Wuh~L1Oev9.999%2C9~xLjMGvu.9u~ejfLMxLjMGv9~QYYMBLvF.i9Wf~xLjMjvu9~QjevuW.Xh~yN17vou~GGvuiF~QYYMYxjv9.FH~JLEYv9.fF~ejfLMxLjMUNv949~EQ8MNvh%2CF%2C9%2C9%2C9%2C9%2C9%2Cu~GYvu~EQ8MOvuFu~LUJv9%2C9~1AEMGvu9.H%2Cufi.9X~QOvu~x8OvfV1Z80gbQVCd%2FA509j~NejfLMGvX.Af~G7OvffAiWuAAF9hFAHFXiH9hAF9iAAfuhXWfuWuuAFuufiW9uWfiFiu9hhWFihfAHFWfAAAHAXhHfihHAWWAH999hhWfHA9WuFfuiiXifiF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHf.9h~%3DVvA9XH~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQvu~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77vi~GwMQOvf9fAuf9W9u~ONvW~ejfLMGvu9.H~77vuF9~xjYMEv9.uH~eBMJ-Nv9.fH~QYYMG8Ov9.uh~e8QMQOvf9F~xLjMLEQMGvuf.Wf~GwMNmv9~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~NemyvX.Af~e8QMxLjMGv9.X~ejfLM8MQOvf9fAuf9Wuu~e8QMxLjMjv9~J7vfh~ejfLM8MGv9.9H~e8QMGvuiA.iF~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvf9A~LkevHf.9h~jfLMGvu999~QYYMQOvf9fAuf9WuA~L1OEv9.999%2C9~Q8OvhhfWfWFAh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.fH~OfEMjvu9~NejfvX.Af~AENkviii.Fu~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGvu~LEQMGvufi.9X~xLjMQLEQMGvuf.Wf~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uh~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uh9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfAHuAXXui9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fH~EmQvA~1NM75EJvu~1OGjUvfAHuAXXui9~1YEvu~myG8Ov9.fF9~GkjLv9.9u9~Qx8Ov%3DK4b4aMc9mfJL%20NU-Ng0Ch74_13~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv9.9W~-8OvKrtoExGoXWuiXFfAFhAFXu9u~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvAAF-fW9~GQGv9~GQEv9~7Y-vfX9&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Gxkk1jm%22%7D&vgd_bid=337998&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1702075064154478247&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_pgid=p02027995216t202312082237&vgd_pgids=1&vgd_uspa=0&hvsid=00001702075064944016112663474549&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.48.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-48-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 7B99 27 KB
10 KB 322ms
322ms Document
text/html 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d027364cf8c023e16dbbaaf9d5c0c1bd7818aa198911fc68335aa63174c983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9621
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 22:37:45 GMT
expires: Sun, 10 Dec 2023 22:37:45 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 5571 35 B
191 B 92ms
79ms Image
image/gif 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6241&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CU1SGZ43&reqid=ON_zeHliLzPNJgIqvyqTcA&vid=ON_zeHliLzPNJgIqvyqTcA&dn=ricowhaz.com&rawDn=ricowhaz.com&requrl_dn=ricowhaz.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fricowhaz.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=buffalo&zip=14202&pubid=pub-ADX-118903234488&tgtval=pub-ADX-118903234488&csip=rtb-appnexus-5fd6bb7f75-2zbrc.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=716&sckfl=1&suid=CAESEO_M0o2erqckxcQPK7tETaY&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm5FXIpLq4pfBmm8CqslQFdhwgCsICaXkHVHDlxjzrS3DIf5E73ttH_F_Vv4PHkYvx5i&pexid=ADX-pub-5819562367365101&geoll=false&is_ortb=false&commit_id=4ae442ec&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-08+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=43&req_tid_present=false&pvid=294&prvAccId=772828637&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=337691538&prspt=headerBid&prvReqId=25346412530927_1742535375_33769153812941&size=336x280&chnl=smm_migration_test&bdp=0.260&bid_uuid=88e8e9598d965c1024b5023e581a0961&cbdp=0.17&og_cbdp=0.260&ogbdp=0.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.17&dsrc=-2&dp=0&dbf=1&epc=772828637&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-772828637-49-19&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=24&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702075063960&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.26&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080800127000336028000025600&strg=smm_migration_test&vls=0&scrid=1700080800127000336028000025600&mang=1&pvdTmax=250&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU1SGZ43&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=336x280&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=Dv_yGf9SusYo&mx_gpid_sent=false&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23launchexp%3Atoken1%23%23bsNed%3ADEFAULT%23%23NedCkflWithData%3ANoBlk%23%23prll_req%3Atrue%23%23NedCkfl%3ANoBlk%23%23BssTgtMig%3ADEFAULT&is_video_cmp=false&acid=35b820bf5fcedbc40b626b4835f1bac8&rtime=28.0&wsip=mowx-lite-fb8fd6758-p2z9s&ltime=36.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=2341355190&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=35b820bf5fcedbc40b626b4835f1bac8_1&policy_enf=2&pub_blk_enf=1&req_size=336x280&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=ON_zeHliLzPNJgIqvyqTcA_1&supplyTagId=2341355190&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100109%23%23100085%23%23100273&debug_ts=2023-12-08+22%3A37%3A43&__expireat=1702075664211&mview=1&sc_pvid=460&sc_dp=0&sc_bdp=0.080&sc_cbdp=0.080&sc_ogbdp=0.08&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&lo_pvid=%5B294%5D&lo_dp=0&lo_bdp=0.260&lo_cbdp=0.17&actltime=36&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.26~dom_b%3D0.76~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023120811~iurl_b%3D959.47~url_tkc%3D0~url_r2a_b%3D0~std%3D2341355190~mn_beh_boost%3D0.91~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D14~bh_im%3D43~riipua%3D91%2C91~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023120817~radv%3D0.000%2C0~url_b%3D1.01~vl2r_url_b%3D0~smm_wr%3D6.9082~url_l%3D10~slv%3D18.57~gcat%3D-1~bb%3D196~smm_mul%3D0.64~erpm%3D0.26~vl2r_url_kc%3D0E0~psi_c%3D7%2C6%2C0%2C0%2C0%2C0%2C0%2C1~bm%3D1~psi_d%3D161~rke%3D0%2C0~a3p_b%3D10.4%2C129.05~sd%3D1~uid%3D2IaGiPQSsIKjV3yP0l~cvl2r_b%3D5.32~btd%3D2239813360763465940736093321758218113611298018296910778697234682333435742974388340007782430816219959296~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Den~uiw%3D-1~ce%3D0~rcv%3D42.07~CI%3D3054~kb_uc%3D0~nts%3D1~kb_ul%3Dn%2Fa~kb_ccks%3D1~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~kb_tt%3D9~bh_sd%3D2023120801~dc%3D8~vl2r_b%3D10.4~tt%3D160~ulm_p%3D0.14~vw_exc%3D0.24~smm_bid%3D0.17~vis_sd%3D206~url_rps_b%3D12.82~bh_co%3D0~sobj%3D0~dc2%3D1~v_asn%3D20278~last%3D~cvog%3D5.32~vis_url_b%3D0.5~vl2r_i_sd%3D2023120811~vis_url_l%3D0~et%3D27~vl2r_i_b%3D0.04~vis_b%3D193.96~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D203~rfv%3D42.07~l2r_b%3D1000~smm_sd%3D2023120813~radp%3D0.000%2C0~sid%3D772828637~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.24~d2p_l%3D10~cvl2%3D5.32~3pcf%3D999.61~dmm_strg%3Dsmm_migration_test~d2p_b%3D1~rps_b%3D129.05~url_srps_b%3D12.82~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.17~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.170%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2341355190%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.24%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D2341355190%7Eamp%3D1%7Eogbid%3D0.260%7Ebflr%3D0.010%7Esuid%3DCAESEO_M0o2erqckxcQPK7tETaY%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D0.08%7Exid%3DADX-pub-5819562367365101%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D1~tgs%3D336x280~bsb%3D0~bsp%3D0~tmx%3D250&utime=1018&sf=0&cpr=0.9235080275835934

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8328 1 KB
643 B 42ms
40ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 18:26:14 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 18:26:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5571 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b3c29d2ec701a8a6687caec5d13abbcf62132619b523949a5985b29b9fcf462

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5571 0
19 B 76ms
74ms Image
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKW-ht5pzZevtL7uOiM0P3-27yArnqcCdc92Oo_nKDMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU4MTk1NjIzNjczNjUxMDHIAQmoAwHIAwKqBNsBT9DPHa7g1sTq_xu9AjNLOV838Fyl7l7r9s9XVYUszKQ9EfVyckoOEnNNdiHBdrsa86So8uryBDNCcPc2db3zvwWWFjgENS160T9n82jVb0497Jysmr-taZ-iDdIxitZO7dLqH9Y4Io-_cXIY-mHZlPHSe_ykzv2JLK446J38zm2NBgtpify1GBYtKzT6I8VHyKOoucAp0T_KnLwANccNFG8kvHj_i5Mz7LiIUvNIu788sUyumsQDk32w9SXwNVD74PuI-uqCuUPkCag6VuUAo-HL2RoQXfdiGjP7gAbq69v72OPz-VugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WJfBt9zzgIMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MTk1NjIzNjczNjUxMDEYAA&sigh=lFC9-KmLBGo&uach_m=%5BUACH%5D&cid=CAQSPADICaaNBHYy8NkeTwN6RUl0gytL14TngBpgfO27qQY96rtCInAOCv1OB9okHaljDLh0cOCHiX0GpSicvBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 5571 35 B
191 B 64ms
63ms Image
image/gif 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwaELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUDI1MzQ2NDEyNTMwOTI3XzE3NDI1MzUzNzVfMzM3NjkxNTM4MTI5NDFAMzViODIwYmY1ZmNlZGJjNDBiNjI2YjQ4MzVmMWJhYzjMBKRwPQrXo9A_mAcoaHR0cHM6Ly9yaWNvd2hhei5jb20EVVMA5gFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2GHJpY293aGF6LmNvbRI4Q1UxU0daNDMIDjMzNngyODAIMC4xNw5lYXN0X3NjBkFEWAgIbnVybAAAAAAAAAA4QLD6ormJYwIyAAAAAAAA8L9AcnRiLWFwcG5leHVzLTVmZDZiYjdmNzUtMnpicmMuU0M-MTcwMDA4MDgwMDEyNzAwMDMzNjAyODAwMDAyNTYwMAIQNGFlNDQyZWMCZAI&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 5571 35 B
296 B 133ms
37ms Image
image/gif 23.205.106.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=35b820bf5fcedbc40b626b4835f1bac8&bdp=0.2600&bidfp=0.0100&cc=US&cid=8CU1SGZ43&crid=337691538&ct=buffalo&dc=east_sc&dn=ricowhaz.com&iwb=1&ogcbdp=0.2600&other_bids=0.08%2C0.26&other_prv=460%2C294&pbshr=100.0000&requrl=ricowhaz.com&sat=1&sc=NY&sc_pvid=294&send_erpm=false&server=6&size=336x280&strg=smm_migration_test&totalTime=945132&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2023-12-08%2022%3A37%3A43&seat=BID_API&itype=adx&req_id=ON_zeHliLzPNJgIqvyqTcA&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.71%20Safari%2F537.36&br_ver=120.0.6099.71&o_ver=NT%2010.0&second_bid=0.08&second_bidder=460&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&ogerpm=0.26&ogerpm_used=false&rawbid=0.26&totalTimeBucket=0&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.24&pvid_seat=294_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=2341355190&advurl=search.yahoo.com%2F&bdr_typ=1&clisp=rtb-appnexus-5fd6bb7f75-2zbrc.SC&dmm_m22=0.2600&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080800127000336028000025600&zone=d&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-fb8fd6758-p2z9s&djvm=9.5.8&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
DATA 200
OK truncated
/ Frame 1AF9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e238a93d57afb84c2b3d0bb0f376031b72633d350d4b696d0701b2f7277ab45

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6C81
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CY6xft5pzZeaVHZewiM0PgNKzgA6g_L3GdK7YoKSJEuCsqbGRDhABILaczQNgye6Oi8CkjBCgAZWAse8oyAEJqAMByAPLBKoE3wFP0KZaH87JJpo3mkD4btVdUof4o4rYhxo4oTl-2cIoYdt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90b84325f62329230000000000000000%22,%222%22:%220xd8fa88bd0bbc63a40000000000000000%22,%223%22:%220x13ea47...

0
0

62ms
60ms

Fetch
text/css

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90b84325f62329230000000000000000%22,%222%22:%220xd8fa88bd0bbc63a40000000000000000%22,%223%22:%220x13ea47e9a5f0826a0000000000000000%22,%224%22:%220xa45f36b8bd713b0b0000000000000000%22,%225%22:%220x985e5db871c0d8320000000000000000%22},%22debug_key%22:%226085754494147133544%22,%22debug_reporting%22:true,%22destination%22:%22https://questtips.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210971004949%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22665347386052870273%22}&andc=true

Requested by

Host: ricowhaz.com
URL: https://ricowhaz.com/

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x90b84325f62329230000000000000000","2":"0xd8fa88bd0bbc63a40000000000000000","3":"0x13ea47e9a5f0826a0000000000000000","4":"0xa45f36b8bd713b0b0000000000000000","5":"0x985e5db871c0d8320000000000000000"},"debug_key":"6085754494147133544","debug_reporting":true,"destination":"https://questtips.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10971004949"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"665347386052870273"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 22:37:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x90b84325f62329230000000000000000","2":"0xd8fa88bd0bbc63a40000000000000000","3":"0x13ea47e9a5f0826a0000000000000000","4":"0xa45f36b8bd713b0b0000000000000000","5":"0x985e5db871c0d8320000000000000000"},"debug_key":"6085754494147133544","debug_reporting":true,"destination":"https://questtips.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10971004949"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"665347386052870273"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1AF9 15 KB
16 KB 38ms
33ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:06:18 GMT
x-content-type-options: nosniff
age: 5487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:06:18 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame B752 75 KB
30 KB 306ms
291ms Document
text/html 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2811&&kkdd=H*%7Ch%7CuH9A3n*&Be=ag6Y6gc6JXa55iiiYaJ&8rMl=6&SdMR=6&-rB=aaYQ&7d-P=~5Xa&-er=it.ckfajp&-M-r=V5PQ3EO0bavK.F80!zrVe2%3D%3D&-ler=ggYiYiJ5g&debP=55J0Yi6&--=.W&d-=N~&-VKS=dSSLSe8lR7eIKL7Pd7&Mer=ij_fXOYiC&7Mer=vavcvU_&V77Md=a&lll=7bkuV~-nu~LEf6fgzY2SrTWv5jBYF287&KdP=c&n2=a&T8r=X&Rr7a=it.aWCHX5&Rr7Y=55gJQac5i&3rR7R=drY%3DKTnnZeTlnLn%3Da6ZI8PlMS%3D6GY5ZrISL3%3D6GgJZd-r%3DKEZlRP%3D6%2C6ZrISLn%3DY6ZBnYlLdr%3DY6Y5aY6iaaZeTlnL3%3DQcQGXgZTlnL7w-%3D6ZTlnLlYRL3%3D6Zd7r%3DYi5iYcgaaiZSKL3PVL3IId7%3D6GQaZlR7%3D6G666%2C6ZeM%3DaQfXvjR3MtwDeaBtN3.cbYZz33%3DaXZ3VLeS%3DX5ZleeMTR%3DQa%2CQaZl-%3DaZledTer%3D6%2C6ZlMdLdr%3DY6Y5aY6iagZlRrB%3D6G666%2C6ZTlnL3%3DaG6aZBnYlLTlnL3%3D6ZdSSL2l%3DJGigXiZTlnLn%3Da6ZdnB%3DaiGcgZ8-R7%3DuaZ33%3DaQJZdSSLSTn%3D6Gg5ZPlMS%3D6GY5ZBnYlLTlnLw-%3D6*6ZMdeL-%3Dg%2CJ%2C6%2C6%2C6%2C6%2C6%2CaZ3S%3DaZMdeLr%3DaJaZlwP%3D6%2C6ZR5ML3%3Da6GX%2CaYQG6cZdr%3DaZTer%3DYNRCKElygOk0CgF5U!Z-BnYlL3%3DcG5YZ37r%3DYY5Qia55J6gJ5X5XaaY6XiQJ56QcXa5aY5JaQg6XJc5aXY6igJX6aaJ5Yc65JY6JcgQcYYXa5Y5YQ6YgJ5YQiJia556Y65JXcQJi5iXZTeS%3D6Zlw7%3D6G666%2C6ZI8rYML3%3D6GQiZdd%3DO(Z--%3D.WZw3Lrn%3DPKZTe2%3DuaZ-P%3D6Zl-B%3DXYG6gZtN%3D56cXZw3LT-%3D6ZK7d%3DaZw3LTn%3DK%2FRZw3L--wd%3DaZ-7%3D3TzzRnIZ3ddL4vx%3DO(%2CO(Z3RdedY%3DaQJZ3Rdeda%3DaQJZw3L77%3DQZ3VLdr%3DY6Y5aY6i6aZr-%3DiZBnYlL3%3Da6GXZ77%3DaJ6ZTnSLM%3D6GaXZB2LP0-%3D6GYiZdSSL3er%3D6GagZBedLdr%3DY6JZTlnLlMdL3%3DaYGiYZ3VL-I%3D6ZdI3D%3D6Zr-Y%3DaZBLRdK%3DY6YgiZnRd7%3DZ-BI8%3DcG5YZBedLTlnL3%3D6GcZBnYlLeLdr%3DY6Y5aY6iaaZBedLTlnLn%3D6ZP7%3DYYZBnYlLeL3%3D6G6XZBedL3%3DaQgGJcZBnYlLTlnLBe%3Da*uaJZTlnL7Be%3D6ZBB%3D6Z-BnYlLdr%3DY65ZlzB%3DXYG6gZnYlL3%3Da666Z2lL3%3DiG5Y%2C6ZdSSLdr%3DY6Y5aY6ia5ZlRrM%3D6G666%2C6Zder%3DggYiYiJ5gZTlnLlMdLw-%3D6Zw3Ldl-%3Dw33ZB2T%3D6GYiZrYMLn%3Da6Z-BnY%3DcG5YZ5M-z%3DQg6GYaZrSSLd7l8%3DdSSLSe8lR7eIKL7Pd7ZrYML3%3D6GQiZlMdL3%3DaYQG6cZTlnLdlMdL3%3DaYGiYZlw2M%3D6G666%2C6Zlw2r%3D6G666%2C6ZedkPz%3D6Zedez%3D6ZTlnLlM-L3%3D6Z3er%3D6GagZw3LM7%3DhISPMR8PZTlnLlMdLlB%3D6Z-3rM%3D6Gag6Zdr%3DaZe7EMPLer%3DagZdPnnPlL7R8Ler%3DYi5iYcgaaiZdTMMnEL7R8Ler%3DZrP7P-7PrL7R8Ler%3DZBeP2R3ene7E%3D6GYiZMId%3D5ZR-L7EMP%3DaZRr3nw%3DYi5iYcgaaiZRSM%3DaZI83er%3D6GY56Z3znl%3D6G6a6ZdTer%3Dt(*W*4*xYu.~glb-Kf6.l6Cr_*8Zr7-%3DPRd7Ld-ZrSSLPlMS%3DzRndPZrSS%3DdSSLSe8lR7eIKL7Pd7Z3rM-RMr%3D6ZrRn8%3DdSSZd8S7%3DnIK8L7RenLVISPMR8PL-R7-VRnnZdI3M%3D6G6iZ0er%3D(q!uMT3uciaQcJY5Jg5Jca6aZV7Sn%3DaZdSSLRMe%3DBaZe3-%3DaZKdb%3DaZ78d%3D55J0Yi6Z3d3%3D6Z3dM%3D6Z7S0%3DYXa&K7B=6&SSS=T!IdOzNqm*w%3D&e2=55J&eKNzl=a&3rlNr=YQX&3er=5Xa56X&S-z=QQY6&ErdMl=a&3RP=)0P8P0bPX%2FZ)0P8P0bXX%2FZXPP&wR7MlP=a&wR73er=ua6Y&EMnM=a&eder=Y&ddS-lLBPl=c&M8er=M6Y6YgQQcYaJ7Y6Y5aY6iYY5g&ddnr=%7B%22ddeM%22%3A%22YJ6Y%3Azz-i%3A666Y%3A6666%3A6666%3A6666%3A6666%3A6666%22%2C%22dd--%22%3A%22.W%22%2C%22ddd-%22%3A%22Oy%22%2C%22dd-7E%22%3A%22)TzzRnI%22%7D&V7Sndl-=a&sflct=4952349&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2d3353fb831693b8588540928d4aeac78bd7a9649139e73f42e949e599d85e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30109
content-type: text/html
date: Fri, 08 Dec 2023 22:37:45 GMT
expires: Fri, 08 Dec 2023 22:37:45 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-tf5s

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame 5E6C 35 B
338 B 130ms
114ms Image
image/gif 184.31.48.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2598&&vgd_cdv=1129&vgd_cage=3&vgd_tsce=L341&vgd_mcf=9920&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=772828637&vi=1702075064133888216&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=170785191&r=1702075065144&rrr=tzR-hLcl-L_yJ0J7f2wmduST3Pv2Qwgt&requrl=https%3A%2F%2Fricowhaz.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fA~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Wuu~8xLjMGviXi.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvfWAWfXhuuW~YzMGJwMGmmQ7v9.iu~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvHA~L88Ex1viu%2Ciu~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9Wuh~L1Oev9.999%2C9~xLjMGvu.9u~ejfLMxLjMGv9~QYYMBLvF.WhHW~xLjMjvu9~QjevuW.Xh~yN17vou~GGvuiF~QYYMYxjv9.hA~JLEYv9.fA~ejfLMxLjMUNv949~EQ8MNvh%2CF%2C9%2C9%2C9%2C9%2C9%2Cu~GYvu~EQ8MOvuFu~LUJv9%2C9~1AEMGvu9.H%2Cufi.9X~QOvu~x8OvfV1Zz5L3hID-ZhgAst~NejfLMGvX.Af~G7OvffAiWuAAF9hFAHAHuuf9HWiFA9iXHuAufAFuih9HFXAuHf9WhFH9uuFAfX9AFf9FXhiXffHuAfAfi9fhFAfiWFWuAA9f9AFHXiFWAWH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHf.9h~%3DVvA9XH~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQvu~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77vi~GwMQOvf9fAuf9W9u~ONvW~ejfLMGvu9.H~77vuF9~xjYMEv9.uH~eBMJ-Nv9.fW~QYYMG8Ov9.uh~e8QMQOvf9F~xLjMLEQMGvuf.Wf~GwMNmv9~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~NemyvX.Af~e8QMxLjMGv9.X~ejfLM8MQOvf9fAuf9Wuu~e8QMxLjMjv9~J7vff~ejfLM8MGv9.9H~e8QMGvuih.FX~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvf9A~LkevHf.9h~jfLMGvu999~BLMGvW.Af%2C9~QYYMQOvf9fAuf9WuA~L1OEv9.999%2C9~Q8OvhhfWfWFAh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.fW~OfEMjvu9~NejfvX.Af~AENkvih9.fu~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvufi.9X~xLjMQLEQMGvuf.Wf~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uh~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uh9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfWAWfXhuuW~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fW~EmQvA~1NM75EJvu~1OGjUvfWAWfXhuuW~1YEvu~myG8Ov9.fA9~GkjLv9.9u9~Qx8Ov%3DK4b4C4pfoPThLlNz69PL9ZOa4y~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv9.9W~-8OvKrtoExGoXWuiXFfAFhAFXu9u~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvAAF-fW9~GQGv9~GQEv9~7Y-vfHu&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Rxkk1jm%22%7D&vgd_bid=341304&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1702075064106313900&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_pgid=p02027995216t202312082237&vgd_pgids=1&vgd_uspa=0&hvsid=00001702075065139016112663471789&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.48.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-48-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3843 27 KB
10 KB 112ms
104ms Document
text/html 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d027364cf8c023e16dbbaaf9d5c0c1bd7818aa198911fc68335aa63174c983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9621
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 22:37:45 GMT
expires: Sun, 10 Dec 2023 22:37:45 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 5E6C 35 B
191 B 74ms
64ms Image
image/gif 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6253&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CU1SGZ43&reqid=mDx5KlUDMGNEuNh3VDQGlw&vid=mDx5KlUDMGNEuNh3VDQGlw&dn=ricowhaz.com&rawDn=ricowhaz.com&requrl_dn=ricowhaz.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fricowhaz.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=Buffalo&zip=14202&pubid=pub-ADX-118903234488&tgtval=pub-ADX-118903234488&csip=rtb-appnexus-apm-5cbfcf6885-qq8tl.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=716&sckfl=1&suid=CAESEKEW2-UL7rzcnJ0Ur0GdOEg&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6IVQY1dXQNR9vCqK8JS0CJaPSiw0PNkrnwKp05iqGcDmIX1TDQ5lx3kfDrCRhDqwek&pexid=ADX-pub-5819562367365101&geoll=true&is_ortb=false&commit_id=4ae442ec&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-08+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=80&req_tid_present=false&pvid=294&prvAccId=772828637&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=337691538&prspt=headerBid&prvReqId=124437205696734_1519121889_33769153812941&size=336x280&chnl=smm_migration_test&bdp=0.230&bid_uuid=3f7e43d2a9bd55df31ca30c704413266&cbdp=0.17&og_cbdp=0.230&ogbdp=0.23&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.17&dsrc=-2&dp=0&dbf=1&epc=772828637&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-772828637-49-13&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=28&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702075063969&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.23&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080800127000336028000025600&strg=smm_migration_test&vls=0&scrid=1700080800127000336028000025600&mang=1&pvdTmax=241&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU1SGZ43&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=336x280&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=Dv_yGf9SusYo&mx_gpid_sent=false&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=NedCkfl%3Aall_blk%23%23IPBLOCK_DM%3AGCS%23%23launchexp%3Atoken1%23%23NedCkflWithData%3Aall_blk%23%23bsNed%3ADEFAULT%23%23BssTgtMig%3Abkt%23%23prll_req%3Atrue&is_video_cmp=false&acid=4da97ec3e6b0af07c48cfa00b130e1eb&rtime=36.0&wsip=mowx-lite-fb8fd6758-vmfq4&ltime=64.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=2838257118&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=4da97ec3e6b0af07c48cfa00b130e1eb_1&policy_enf=2&pub_blk_enf=1&req_size=336x280&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=mDx5KlUDMGNEuNh3VDQGlw_1&supplyTagId=2838257118&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2023-12-08+22%3A37%3A43&__expireat=1702075664221&mview=1&sc_pvid=313&sc_dp=0&sc_bdp=0.080&sc_cbdp=0.080&sc_ogbdp=0.08&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&lo_pvid=%5B294%5D&lo_dp=0&lo_bdp=0.230&lo_cbdp=0.17&actltime=64&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.23~dom_b%3D0.76~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023120811~iurl_b%3D959.47~url_tkc%3D0~url_r2a_b%3D0~std%3D2838257118~mn_beh_boost%3D0.91~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D14~bh_im%3D43~riipua%3D91%2C91~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023120817~radv%3D0.000%2C0~url_b%3D1.01~vl2r_url_b%3D0~smm_wr%3D6.8748~url_l%3D10~slv%3D18.57~gcat%3D-1~bb%3D196~smm_mul%3D0.73~erpm%3D0.23~vl2r_url_kc%3D0E0~psi_c%3D7%2C6%2C0%2C0%2C0%2C0%2C0%2C1~bm%3D1~psi_d%3D161~rke%3D0%2C0~a3p_b%3D10.4%2C129.05~sd%3D1~uid%3D2IaGnyrY7NRxG7Q3FX~cvl2r_b%3D5.32~btd%3D2239813360763434112048963095413123619704653142087640116325036206579522413232902763298681330203645968384~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Den~uiw%3D-1~ce%3D0~rcv%3D42.07~CI%3D3054~kb_uc%3D0~nts%3D1~kb_ul%3Dn%2Fa~kb_ccks%3D1~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~kb_tt%3D9~bh_sd%3D2023120801~dc%3D8~vl2r_b%3D10.4~tt%3D160~ulm_p%3D0.14~vw_exc%3D0.28~smm_bid%3D0.17~vis_sd%3D206~url_rps_b%3D12.82~bh_co%3D0~sobj%3D0~dc2%3D1~v_asn%3D20278~last%3D~cvog%3D5.32~vis_url_b%3D0.5~vl2r_i_sd%3D2023120811~vis_url_l%3D0~et%3D22~vl2r_i_b%3D0.04~vis_b%3D197.65~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D203~rfv%3D42.07~l2r_b%3D1000~wr_b%3D8.32%2C0~smm_sd%3D2023120813~radp%3D0.000%2C0~sid%3D772828637~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.28~d2p_l%3D10~cvl2%3D5.32~3pcf%3D970.21~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~rps_b%3D129.05~url_srps_b%3D12.82~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.17~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.170%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2838257118%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.28%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D2838257118%7Eamp%3D1%7Eogbid%3D0.230%7Ebflr%3D0.010%7Esuid%3DCAESEKEW2-UL7rzcnJ0Ur0GdOEg%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D0.08%7Exid%3DADX-pub-5819562367365101%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D1~tgs%3D336x280~bsb%3D0~bsp%3D0~tmx%3D241&utime=1194&sf=0&cpr=0.9640371689142704

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EB5 1 KB
643 B 38ms
33ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 18:26:14 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 18:26:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E6C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9da98fb0f48fd57743ae5c3a3124137da78062506e5e5cf82cc2494a96ce9479

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E6C 0
19 B 102ms
101ms Image
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw6VPt5pzZcaHLoSgiM0P5faXiArnqcCdc92Oo_nKDMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU4MTk1NjIzNjczNjUxMDHIAQmoAwHIAwKqBNsBT9BrdtiWzGaDIvNZ0TjMxQEfV37-BJM3VS3r8mfwdKntVO0XgN6VC6nTc1GE-1irFVk5TJ0gN-A8m06glF7K-TCSgADur1mEUZjyOncxLrb7GKt4GE_iaM9CoPu48sW6siAaGdbCSv_0SCMtHj7xFzqJF1gU5yZ-f1isKq2116SCN9fNrV4rKrteb_h-HaQyp7kZdz4sB0U-OY--lh52oDt1y8JG_oVh7grtbL4ur8iGWB6FgePuyCb0-hbdqcTkLecgsNYBBg0bPZ5CUrXVhF9Y5zh893hRAgEkgAbq69v72OPz-VugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WNXWtdzzgIMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MTk1NjIzNjczNjUxMDEYAA&sigh=Yaikh6pzY0Q&uach_m=%5BUACH%5D&cid=CAQSPADICaaNGuWm0NzNuRB6nY-V9aTHeTv9fHAhZL64kVeog6pR3N8NAEK0utgGpWPnpY1loPwS-puSJHM4FBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 5E6C 35 B
191 B 38ms
37ms Image
image/gif 23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwaELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUjEyNDQzNzIwNTY5NjczNF8xNTE5MTIxODg5XzMzNzY5MTUzODEyOTQxQDRkYTk3ZWMzZTZiMGFmMDdjNDhjZmEwMGIxMzBlMWVizARxPQrXo3DNP_IEKGh0dHBzOi8vcmljb3doYXouY29tBFVTAOYBTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNzEgU2FmYXJpLzUzNy4zNhhyaWNvd2hhei5jb20SOENVMVNHWjQzCA4zMzZ4MjgwCDAuMTcOZWFzdF9zYwZBRFgICG51cmwAAAAAAAAAPEDC-qK5iWMCMgAAAAAAAPC_SHJ0Yi1hcHBuZXh1cy1hcG0tNWNiZmNmNjg4NS1xcTh0bC5TQz4xNzAwMDgwODAwMTI3MDAwMzM2MDI4MDAwMDI1NjAwAhA0YWU0NDJlYwJkAg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-192-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 5E6C 35 B
296 B 34ms
33ms Image
image/gif 23.205.106.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=4da97ec3e6b0af07c48cfa00b130e1eb&bdp=0.2300&bidfp=0.0100&cc=US&cid=8CU1SGZ43&crid=337691538&ct=Buffalo&dc=east_sc&dn=ricowhaz.com&iwb=1&ogcbdp=0.2300&other_bids=0.08%2C0.23&other_prv=313%2C294&pbshr=100.0000&requrl=ricowhaz.com&sat=1&sc=NY&sc_pvid=294&send_erpm=false&server=6&size=336x280&strg=smm_migration_test&totalTime=979198&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2023-12-08%2022%3A37%3A43&seat=BID_API&itype=adx&req_id=mDx5KlUDMGNEuNh3VDQGlw&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.71%20Safari%2F537.36&br_ver=120.0.6099.71&o_ver=NT%2010.0&second_bid=0.08&second_bidder=313&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&ogerpm=0.23&ogerpm_used=false&rawbid=0.23&totalTimeBucket=0&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.28&pvid_seat=294_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=2838257118&advurl=search.yahoo.com%2F&bdr_typ=1&clisp=rtb-appnexus-apm-5cbfcf6885-qq8tl.SC&dmm_m22=0.2300&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080800127000336028000025600&zone=d&rc=-1&sfm_key=mowx_17_294&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-fb8fd6758-vmfq4&djvm=9.5.8&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.147 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A8F 51 KB
19 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:30:06 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1AF9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C7qbot5pzZZOuL4juYLLao-gG5t7n0nT749yBkBKNv9uajQ4QASC2nM0DYMnujovApIwQoAGQ7MuXKsgBCagDAcgDywSqBN4BT9AA2UTdsUkYEyyGO-47LHGidAWAll2Ws4YT635aUA3utAR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10c08091f4fcb7960000000000000000%22,%222%22:%220xbbb838d85d0de9160000000000000000%22,%223%22:%220xea286c...

0
0

49ms
48ms

Fetch
text/css

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10c08091f4fcb7960000000000000000%22,%222%22:%220xbbb838d85d0de9160000000000000000%22,%223%22:%220xea286c1bde56248f0000000000000000%22,%224%22:%220x9cf9e432497589fc0000000000000000%22,%225%22:%220xa2e43e7e2aff4c850000000000000000%22},%22debug_key%22:%2210053660147728477967%22,%22debug_reporting%22:true,%22destination%22:%22https://elisery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211323766288%22],%2222%22:[%22true%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223315557613809295121%22}&andc=true

Requested by

Host: ricowhaz.com
URL: https://ricowhaz.com/

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x10c08091f4fcb7960000000000000000","2":"0xbbb838d85d0de9160000000000000000","3":"0xea286c1bde56248f0000000000000000","4":"0x9cf9e432497589fc0000000000000000","5":"0xa2e43e7e2aff4c850000000000000000"},"debug_key":"10053660147728477967","debug_reporting":true,"destination":"https://elisery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11323766288"],"22":["true"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"3315557613809295121"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 22:37:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x10c08091f4fcb7960000000000000000","2":"0xbbb838d85d0de9160000000000000000","3":"0xea286c1bde56248f0000000000000000","4":"0x9cf9e432497589fc0000000000000000","5":"0xa2e43e7e2aff4c850000000000000000"},"debug_key":"10053660147728477967","debug_reporting":true,"destination":"https://elisery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11323766288"],"22":["true"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"3315557613809295121"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 145ms
54ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 22:37:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8328
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENR5W3mlWFXrNVhuW_a-jbE&google_cver=1&google_push=AXcoOmTxsxKI5-cFjYc2TWCOyB-Yq-JAUPj1I5ODeqTbtg75lgfhiD98bsUxhLkXkYz6Se6aS4pQZ4xuaJHHXn4Lcd...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

170 B
188 B

51ms
50ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTBhM2ExMWEtMTA4My00ZGYwLThjNDItNjdmN2MxNzU5MmI5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e0a3a11a-1083-4df0-8c42-67f7c17592b9
date: Fri, 08 Dec 2023 22:37:45 GMT
server: Kestrel
content-length: 423

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 8328 35 B
125 B 526ms
116ms Image
image/gif 213.155.156.164
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEOdlaNWJVSjwtIbGHlPGW0w&google_cver=1&google_push=AXcoOmRV1WplrXKzBgThzW-ZOmTIaNuIu4wJ0j00vql7KL3nlTyLtDP0FmVQmeJrUFNuBlUH1X2mk--UTe1dd90tXxTnsm22jKyjPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2341355190&adf=4244749459&pi=t.aa~a.1085383348~i.3~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=1&bdt=782&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C600x280%2C600x280&nras=5&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.164 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8328 43 B
362 B 47ms
33ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTn342HG3V1SUk5hochgeYXxf-sNQVwabTYGUkX9UyMpJhatgQoivpNS0Zk84l_h7jcO9i9VKRinKj02HGyr0O7BVsvYsdRgp8&google_gid=CAESECifrzD6R3biwLTvIZcxn4I&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 409401
expires: Fri, 08 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8328
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOIH6JVmqMQVojmt_H8Kjxs&google_cver=1&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOIH6JVmqMQVojmt_H8Kjxs&google_cver=1&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMTgwMzI4NDE2MTgzNjA2OA&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzva...

170 B
188 B

54ms
52ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMTgwMzI4NDE2MTgzNjA2OA&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafRq2_4MC68Azh-TKTPZFj8ug

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMTgwMzI4NDE2MTgzNjA2OA&google_push=AXcoOmT3rfT-DcomSNzAd2wosGSO3ACMuY26j3yyjmIdgo6KkVqiYKYbsphorgJyp_p3bYIEmAvzvafRq2_4MC68Azh-TKTPZFj8ug
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8328
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEI8ewSCyNZ9pImjzUMwiHAY&google_cver=1&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMyNjc3MjU1MDkxMjAxNTc0NTQ&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1Q8...

170 B
188 B

45ms
44ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMyNjc3MjU1MDkxMjAxNTc0NTQ&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1Q8kx6qZM7NkiI

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMyNjc3MjU1MDkxMjAxNTc0NTQ&google_push=AXcoOmRIUFN_5URiwR8d7O3jMHv1IfqaLsXXFreXr-W4a6_VA1Z_ZK0aiLqmapnYgApLF51CxXaOLSlZw6Q4WO-pw1Q8kx6qZM7NkiI
Date: Fri, 08 Dec 2023 22:37:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8328
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTZpWfx_or6Q0NzTxZLCXc1-s_MoN0yTlL83O2kmobdslwgdhDj5DeDgmVIFQ2JptJjGiBMtgUGX7d_PoRHE3bjA5FB2O_qi7U&google_gid=CAESEPVyrOZs4M...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPVyrOZs4Mmt_zzIDpq-ZbQ&google_hm=T1BVMmRjODFjOTQ5ZTA1NGQxYWE4YTcyNGQ2YTQ5OTA5NDc&google_nid=opera_norway_as&google_push=AXcoOmTZpWfx...

170 B
188 B

45ms
45ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPVyrOZs4Mmt_zzIDpq-ZbQ&google_hm=T1BVMmRjODFjOTQ5ZTA1NGQxYWE4YTcyNGQ2YTQ5OTA5NDc&google_nid=opera_norway_as&google_push=AXcoOmTZpWfx_or6Q0NzTxZLCXc1-s_MoN0yTlL83O2kmobdslwgdhDj5DeDgmVIFQ2JptJjGiBMtgUGX7d_PoRHE3bjA5FB2O_qi7U

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPVyrOZs4Mmt_zzIDpq-ZbQ&google_hm=T1BVMmRjODFjOTQ5ZTA1NGQxYWE4YTcyNGQ2YTQ5OTA5NDc&google_nid=opera_norway_as&google_push=AXcoOmTZpWfx_or6Q0NzTxZLCXc1-s_MoN0yTlL83O2kmobdslwgdhDj5DeDgmVIFQ2JptJjGiBMtgUGX7d_PoRHE3bjA5FB2O_qi7U
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 327
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8328
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEE7wD27_tlitN9Bla3CG2vU&google_cver=1&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCf...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCfTHLcKA&google_hm=81fa84b74db...

170 B
188 B

51ms
51ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCfTHLcKA&google_hm=81fa84b74db46ff3131pi800lpx7jpga

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRtsX0dtsjlSlYxqgD04WRGPFuXpl99tVqzAorQpIxKXXI8i_aN7abtJom3REy8ccUEsxFBG-SwuW5XXdlUfpGk49TCfTHLcKA&google_hm=81fa84b74db46ff3131pi800lpx7jpga
date: Fri, 08 Dec 2023 22:37:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8328 0
12 B 54ms
47ms Image
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsbptVpCAVxRS2Z0VsSaSv-W03WdRTgi6nJBXAu5YrDAnNS7-uetNSJ0mmFKorkZWrYTLea-c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame FF84 51 KB
19 KB 41ms
37ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:30:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EB5
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGof0sRFs7oS1nypgmOm5gs&google_cver=1&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjV...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjVf1U4005bGP_HPZDTZWhcptJw3yKuGxx3-Anr5yh4qlGMQ&google_hm=kGN...

170 B
188 B

51ms
49ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjVf1U4005bGP_HPZDTZWhcptJw3yKuGxx3-Anr5yh4qlGMQ&google_hm=kGNtGFk9OK0jr43okoU3gg

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSmqxdhphDNElvi51Xrep2SfRYVsDEczzJ2E6vT7mR8yKscBbQgjVf1U4005bGP_HPZDTZWhcptJw3yKuGxx3-Anr5yh4qlGMQ&google_hm=kGNtGFk9OK0jr43okoU3gg
pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EB5
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESELBw33E6sd_00qV2yXNDq4E&google_cver=1&google_push=AXcoOmQLbsMznJWJQCt2y62-thlVRBAVKIi1moRTriIkUx_doxIPxcwLOXwhH0yyMnsRlumH5V1y0qQfYHK2huhlmVBqzrCBf...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862177273610&us_privacy=1---

170 B
188 B

43ms
42ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862177273610&us_privacy=1---

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862177273610&us_privacy=1---
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EB5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTdLo7P...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTdLo7P...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDgyMjM3NDUwMDAxNDgwNTg1NTMyMw%3D%3D&google_push=AXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTl...

170 B
188 B

53ms
50ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDgyMjM3NDUwMDAxNDgwNTg1NTMyMw%3D%3D&google_push=AXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTlBGXJksoDvfPMI99VmCF5YW0wTEH9HIF40

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDgyMjM3NDUwMDAxNDgwNTg1NTMyMw%3D%3D&google_push=AXcoOmTdLo7PP2I7qKwd3m869v0wjX_xvuQ7NRDPmsCKo9q5KFN-c421RcuqdyoHVw6gTlBGXJksoDvfPMI99VmCF5YW0wTEH9HIF40
pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 6EB5 35 B
125 B 499ms
115ms Image
image/gif 213.155.156.164
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEIc-m6w2Z2Dt9EazoXRkPb4&google_cver=1&google_push=AXcoOmTH_qPT2QaE7LDElKm96D0CZUETcxU1RzbEaDUOlk-4pDkbiEOlisKq9rMVfakgl7SlPiuKY99_bhxXFQ2aMnFU2lSs0GCUFCY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.164 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EB5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC5KkOGeg1P8WCxUNYZJhnM&google_cver=1&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmck...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC5KkOGeg1P8WCxUNYZJhnM&google_cver=1&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYis...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3NTQ4MTAyNDM1OTk3MDYzMg&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzm...

170 B
188 B

54ms
52ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3NTQ4MTAyNDM1OTk3MDYzMg&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmckIJ4qD43RK1nn5U2jxezSiw

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3NTQ4MTAyNDM1OTk3MDYzMg&google_push=AXcoOmQ8ui25rIU18soYZaKbQlE3tMdVn63ZMTCz_ZXLCPqGk2YpkwR2ffa2X5UUR44PZAxPYisJzmckIJ4qD43RK1nn5U2jxezSiw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 6EB5 43 B
297 B 422ms
31ms Image
image/gif 2600:1f18:445b:900:40c9:bc07:67b9:741c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJ-ztkyMy_BA5AFT93NuYWs&google_cver=1&google_push=AXcoOmQy-_vPH8xFIQbzlEBEedsutxYTBoKN6IxvONHx8U4_A8y1RYpgQElTvNgzWqBxT03G9tB2ghOwVguPGdZ5uz8ets3HEGo44eI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5819562367365101&output=html&h=280&adk=2838257118&adf=3369603303&pi=t.aa~a.248616470~i.7~rp.4&w=600&fwrn=4&fwrnh=100&lmt=1702075063&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5754973339&ad_type=text_image&format=600x280&url=https%3A%2F%2Fricowhaz.com%2F&ea=0&fwr=0&pra=3&rh=150&rw=600&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702075063633&bpp=2&bdt=781&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2605771768445&frm=20&pv=1&ga_vid=33117838.1702075063&ga_sid=1702075063&ga_hid=1107412418&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=444&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079864%2C31079921%2C31079931%2C31079980%2C44809003%2C95320885&oid=2&pvsid=4099227977859145&tmod=2007707277&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:900:40c9:bc07:67b9:741c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET google
sync-dmp.aura-dsp.com/match/ Frame 6EB5 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EB5 0
12 B 43ms
41ms Image
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMDTeVmJVsNGh--OKILt4pWcu6DVX6chXgAopE72DvUTUdu06BBxMhD1ZSZtWnktsjCg9vcA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

cksync
cs.media.net/ Frame 3843
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1MDc2NjY1NjYzNDc2NTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1

53 B
445 B

153ms
128ms

Image
image/gif

23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-192-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 08 Dec 2023 22:37:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B9F4 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9F4 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9F4 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-semibold.woff
contextual.media.net/__media__/fonts/montserrat-semibold/ Frame B9F4 24 KB
24 KB 110ms
109ms Font
font/woff 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/montserrat-semibold/montserrat-semibold.woff

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2792&&kkdd=*9%7Ch%7C3un*H9A&J1=QyiCiyXi_YCCiQCyXQX&!acP=i&tOc6=i&WaJ=QQC*&4OWF=vhYQ&W1a=-KRXLrQUo&WcWa=(hF*qV89GQewRs!9Sja(1Z%3D%3D&WP1a=yyC-C-_hy&O1GF=hh_9C-i&WW=R7&OW=Ev&W(wt=OttTt1!P6415wT4FO4&c1a=-UurY8C-n&4c1a=eQeXedu&(44cO=Q&PPP=4GLx(vWkxvTVriryjCZta07ehUJCsZ!4&wOF=X&kZ=Q&0!a=Y&6a4Q=-KRQ7nDYh&6a4C=hhy_*QXh-&qa646=OaC%3Dw0kkl10PkTk%3DQil5!FPct%3Di~C_la5tTq%3Di~y_lOWa%3DwVlP6F%3Di%2Cila5tTk%3DCilJkCPTOa%3DCiChQCi-QQl10PkTq%3D*X*~Yyl0PkT4BW%3Dil0PkTPC6Tq%3DilO4a%3DChYQhXXQ*iltwTqF(Tq55O4%3Di~*QlP64%3Di~iii%2Cil1c%3DQ*rYeU6qcKB.1QJKEqRXGCljqq%3DQYlq(T1t%3DYhlP11c06%3D*Q%2C*QlPW%3DQlP1O01a%3Di%2CilPcOTOa%3DCiChQCi-QylP6aJ%3Di~iii%2Cil0PkTq%3DQ~iQlJkCPT0PkTq%3DilOttTZP%3D_~*i-Cl0PkTk%3DQilOkJ%3DQ-~Xyl!W64%3DxQlqq%3DQ*_lOttTt0k%3Di~_YlFPct%3Di~C_lJkCPT0PkTBW%3DipilcO1TW%3Dy%2C_%2Ci%2Ci%2Ci%2Ci%2Ci%2CQlqt%3DQlcO1Ta%3DQ_QlPBF%3Di%2Cil6hcTq%3DQi~Y%2CQC*~iXlOa%3DQl01a%3DCE6n1Us7OEH.ohVUiklWJkCPTq%3DX~hClq4a%3DCCh*-Qhh_iy_hY_X*Yiyh_i*hhCQyX-CQ-QQh_QQC*-iQ-C*_*Qiyy-_*yChY_-ChhhYhXyYC*yYh--hYiiiyy-CYhi-Q_CQ**X*C*_l01t%3DilPB4%3Di~iii%2Cil5!aCcTq%3Di~*-lOO%3D8blWW%3DR7lBqTak%3DFwl01Z%3DxQlWF%3DilPWJ%3DYC~iylKE%3DhiXYlBqT0W%3Dilw4O%3DQlBqT0k%3Dw%2F6lBqTWWBO%3DQlW4%3Dq0jj6k5lqOOTHeg%3D8b%2C8blq6O1OC%3DQ*_lq6O1OQ%3DQ*_lBqT44%3D*lq(TOa%3DCiChQCi-iQlaW%3D-lJkCPTq%3DQi~Yl44%3DQ_il0ktTc%3Di~QYlJZTF9W%3Di~CYlOttTq1a%3Di~QylJ1OTOa%3DCi_l0PkTPcOTq%3DQC~-Clq(TW5%3DilO5q.%3DilaWC%3DQlJT6Ow%3DCiCy-lk6O4%3DlWJ5!%3DX~hClJ1OT0PkTq%3Di~XlJkCPT1TOa%3DCiChQCi-QQlJ1OT0PkTk%3DilF4%3DCylJkCPT1Tq%3Di~iYlJ1OTq%3DQ*h~*_lJkCPT0PkTJ1%3DQpxQ_l0PkT4J1%3DilJJ%3DilWJkCPTOa%3DCihlPjJ%3DYC~iylkCPTq%3DQiiilOttTOa%3DCiChQCi-QhlP6ac%3Di~iii%2CilO1a%3DyyC-C-_hyl0PkTPcOTBW%3DilBqTOPW%3DBqqlJZ0%3Di~CYlaCcTk%3DQilWJkC%3DX~hClhcWj%3D***~_QlattTO4P!%3DOttTt1!P6415wT4FO4laCcTq%3DQlPcOTq%3DQC*~iXl0PkTOPcOTq%3DQC~-ClPBZc%3Di~iii%2CilPBZa%3Di~iii%2Cil1OLFj%3Dil1O1j%3Dil0PkTPcWTq%3Dilq1a%3Di~QylBqTc4%3DA5tFc6!Fl0PkTPcOTPJ%3DilWqac%3Di~QyilOa%3DQl14VcFT1a%3DQylOFkkFPT46!T1a%3DChYQhXXQ*ilO0cckVT46!T1a%3DlaF4FW4FaT46!T1a%3DlJ1FZ6q1k14V%3Di~CYlc5O%3Dhl6WT4VcF%3DQl6aqkB%3DChYQhXXQ*il6tc%3DQl5!q1a%3Di~C_ilqjkP%3Di~iQilO01a%3DKbp7puTNi5CFP2WB9WsUHy4pe63la4W%3DF6O4TOWlattTFPct%3Dj6kOFlatt%3DOttTt1!P6415wT4FO4lqacW6ca%3Dila6k!%3DOttlO!t4%3Dk5w!T461kT(5tFc6!FTW64W(6kklO5qc%3Di~i-l91a%3Db)Sxc0qxX-Q*X_Ch_yh_XQiQl(4tk%3DQlOttT6c1%3DJQl1qW%3DQlwOG%3DQl4!O%3Dhh_9C-ilqOq%3DilqOc%3Dil4t9%3DCXi&w4J=i&ttt=0S5O8jE)2pB%3D&1Z=hh_&1wEjP=Q&qaPEa=C*Y&q1a=hhy**-&tWj=**Ci&VaOcP=Q&q6F=f9F!F9GFY%2Flf9F!F9GYY%2FlYFF&B64cPF=Q&B64q1a=xQiC&Vckc=Q&1O1a=C&OOtWPTJFP=X&c!1a=ciCiCy**XCQ_4CiChQCi-CChy&OOka=%7B%22OO1c%22%3A%22C_iC%3AjjW-%3AiiiC%3Aiiii%3Aiiii%3Aiiii%3Aiiii%3Aiiii%22%2C%22OOWW%22%3A%22R7%22%2C%22OOOW%22%3A%2283%22%2C%22OOW4V%22%3A%22q0jj6k5%22%7D&(4tkOPW=Q&sflct=4952349&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

541c1dec9560ca0b3650854c7111c8a34f1deeacefa81cdf6619024916928661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2792&&kkdd=*9%7Ch%7C3un*H9A&J1=QyiCiyXi_YCCiQCyXQX&!acP=i&tOc6=i&WaJ=QQC*&4OWF=vhYQ&W1a=-KRXLrQUo&WcWa=(hF*qV89GQewRs!9Sja(1Z%3D%3D&WP1a=yyC-C-_hy&O1GF=hh_9C-i&WW=R7&OW=Ev&W(wt=OttTt1!P6415wT4FO4&c1a=-UurY8C-n&4c1a=eQeXedu&(44cO=Q&PPP=4GLx(vWkxvTVriryjCZta07ehUJCsZ!4&wOF=X&kZ=Q&0!a=Y&6a4Q=-KRQ7nDYh&6a4C=hhy_*QXh-&qa646=OaC%3Dw0kkl10PkTk%3DQil5!FPct%3Di~C_la5tTq%3Di~y_lOWa%3DwVlP6F%3Di%2Cila5tTk%3DCilJkCPTOa%3DCiChQCi-QQl10PkTq%3D*X*~Yyl0PkT4BW%3Dil0PkTPC6Tq%3DilO4a%3DChYQhXXQ*iltwTqF(Tq55O4%3Di~*QlP64%3Di~iii%2Cil1c%3DQ*rYeU6qcKB.1QJKEqRXGCljqq%3DQYlq(T1t%3DYhlP11c06%3D*Q%2C*QlPW%3DQlP1O01a%3Di%2CilPcOTOa%3DCiChQCi-QylP6aJ%3Di~iii%2Cil0PkTq%3DQ~iQlJkCPT0PkTq%3DilOttTZP%3D_~*i-Cl0PkTk%3DQilOkJ%3DQ-~Xyl!W64%3DxQlqq%3DQ*_lOttTt0k%3Di~_YlFPct%3Di~C_lJkCPT0PkTBW%3DipilcO1TW%3Dy%2C_%2Ci%2Ci%2Ci%2Ci%2Ci%2CQlqt%3DQlcO1Ta%3DQ_QlPBF%3Di%2Cil6hcTq%3DQi~Y%2CQC*~iXlOa%3DQl01a%3DCE6n1Us7OEH.ohVUiklWJkCPTq%3DX~hClq4a%3DCCh*-Qhh_iy_hY_X*Yiyh_i*hhCQyX-CQ-QQh_QQC*-iQ-C*_*Qiyy-_*yChY_-ChhhYhXyYC*yYh--hYiiiyy-CYhi-Q_CQ**X*C*_l01t%3DilPB4%3Di~iii%2Cil5!aCcTq%3Di~*-lOO%3D8blWW%3DR7lBqTak%3DFwl01Z%3DxQlWF%3DilPWJ%3DYC~iylKE%3DhiXYlBqT0W%3Dilw4O%3DQlBqT0k%3Dw%2F6lBqTWWBO%3DQlW4%3Dq0jj6k5lqOOTHeg%3D8b%2C8blq6O1OC%3DQ*_lq6O1OQ%3DQ*_lBqT44%3D*lq(TOa%3DCiChQCi-iQlaW%3D-lJkCPTq%3DQi~Yl44%3DQ_il0ktTc%3Di~QYlJZTF9W%3Di~CYlOttTq1a%3Di~QylJ1OTOa%3DCi_l0PkTPcOTq%3DQC~-Clq(TW5%3DilO5q.%3DilaWC%3DQlJT6Ow%3DCiCy-lk6O4%3DlWJ5!%3DX~hClJ1OT0PkTq%3Di~XlJkCPT1TOa%3DCiChQCi-QQlJ1OT0PkTk%3DilF4%3DCylJkCPT1Tq%3Di~iYlJ1OTq%3DQ*h~*_lJkCPT0PkTJ1%3DQpxQ_l0PkT4J1%3DilJJ%3DilWJkCPTOa%3DCihlPjJ%3DYC~iylkCPTq%3DQiiilOttTOa%3DCiChQCi-QhlP6ac%3Di~iii%2CilO1a%3DyyC-C-_hyl0PkTPcOTBW%3DilBqTOPW%3DBqqlJZ0%3Di~CYlaCcTk%3DQilWJkC%3DX~hClhcWj%3D***~_QlattTO4P!%3DOttTt1!P6415wT4FO4laCcTq%3DQlPcOTq%3DQC*~iXl0PkTOPcOTq%3DQC~-ClPBZc%3Di~iii%2CilPBZa%3Di~iii%2Cil1OLFj%3Dil1O1j%3Dil0PkTPcWTq%3Dilq1a%3Di~QylBqTc4%3DA5tFc6!Fl0PkTPcOTPJ%3DilWqac%3Di~QyilOa%3DQl14VcFT1a%3DQylOFkkFPT46!T1a%3DChYQhXXQ*ilO0cckVT46!T1a%3DlaF4FW4FaT46!T1a%3DlJ1FZ6q1k14V%3Di~CYlc5O%3Dhl6WT4VcF%3DQl6aqkB%3DChYQhXXQ*il6tc%3DQl5!q1a%3Di~C_ilqjkP%3Di~iQilO01a%3DKbp7puTNi5CFP2WB9WsUHy4pe63la4W%3DF6O4TOWlattTFPct%3Dj6kOFlatt%3DOttTt1!P6415wT4FO4lqacW6ca%3Dila6k!%3DOttlO!t4%3Dk5w!T461kT(5tFc6!FTW64W(6kklO5qc%3Di~i-l91a%3Db)Sxc0qxX-Q*X_Ch_yh_XQiQl(4tk%3DQlOttT6c1%3DJQl1qW%3DQlwOG%3DQl4!O%3Dhh_9C-ilqOq%3DilqOc%3Dil4t9%3DCXi&w4J=i&ttt=0S5O8jE)2pB%3D&1Z=hh_&1wEjP=Q&qaPEa=C*Y&q1a=hhy**-&tWj=**Ci&VaOcP=Q&q6F=f9F!F9GFY%2Flf9F!F9GYY%2FlYFF&B64cPF=Q&B64q1a=xQiC&Vckc=Q&1O1a=C&OOtWPTJFP=X&c!1a=ciCiCy**XCQ_4CiChQCi-CChy&OOka=%7B%22OO1c%22%3A%22C_iC%3AjjW-%3AiiiC%3Aiiii%3Aiiii%3Aiiii%3Aiiii%3Aiiii%22%2C%22OOWW%22%3A%22R7%22%2C%22OOOW%22%3A%2283%22%2C%22OOW4V%22%3A%22q0jj6k5%22%7D&(4tkOPW=Q&sflct=4952349&ure=1
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24784
expires: Sat, 09 Dec 2023 22:37:45 GMT

GET
H2

200

cksync
cs.media.net/ Frame 7B99
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ1MDc2NjY1NjYzNDc0OTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1

53 B
445 B

60ms
57ms

Image
image/gif

23.46.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.46.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-192-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 08 Dec 2023 22:37:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEFENaBjLdw-PfzPHycGTYJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 48ms
47ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 22:37:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame B9F4 15 B
348 B 63ms
62ms Script
text/javascript 184.31.48.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6309&&vgd_canary=0&vgd_l2type=scs_newfl&fp=5GuHcod1nvSL0TtsW1QD3oukQBkOD_us9vHRMCKMxuxWsBiIXDBQUbbYU-D6t_1ErpLRwRbNZQMkJwFRdgkFue5MpTFtM5Ho8aAAmaa4eNLhDaGHt3a_iRIgRp10XPpEx77T28I72uREkvb-SlmxzA%3D%3D&cme=auiS1wLCKAuj493VmS39e8xeQ1ApGQS3iuofq7eI7Y-99BRBkIrKYr9tNdBuFTLWAM-e_Tx3Afrj_A-0TbvuNIJuq29e4afKeo2-BxTOsKMpwb4_RqSZ_CHt62kYTLrGqPN7cWDC3u0YtwLwidsHD_ZA-wq0pH7dnyFCxTMDDYacjVeXw-GvA66FZwnZKts_EaDvmwGSsYDu-oIunZzCJTi66xGHKDZqmSS5aR4dfVVk1A2eT9w_6w%3D%3D%7C%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD46uF8UR0TFEOHcvEtvyyIN3EBR9U-PQpk%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C3zJq21AX4d7reeBgvQcV8jEEfR_IJnDUWP--Un0EddghJ_8fQ7OopMe6alfh0k_DgApQ8_m6Xz40_awKRf-pw3ZHj2PJKoXN_X2X8d83LBClpwY-wt2BIX9od2faDdkNqCy4pE7ma_9DMvMfzjMuvsDiFxikBT9tqlSvb78gtrmZaAFgBKaPoe0f8FTe0Eie06xX4G3QaYhJCC9z4ZB9nFRDJg_iouQt-w-3FC3jC-7z_2kdrFVIUAdbT1lCaiwsynQep-xWyMoj65Gcw-BVCRAy1_1wC-E9%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=5+Best+Medicare+Supplement+Plans&kwt[]=391&kbc[]=1262905965&kwp[]=1&kid[]=350503938&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D120808%7C13%3D0.4014%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D18.25%7C60%3D2.80%7C12%3D14.74%7C80%3D5.02%7C1%3D5.02%7C2%3D19.59&ktd[]=4503874522251520&kwd[]=Personal+Loans+Without+Credit+Check&kwt[]=391&kbc[]=1262905965&kwp[]=2&kid[]=325348481&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D120808%7C13%3D0.2287%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D4.03%7C60%3D1.54%7C12%3D1.37%7C80%3D1.07%7C1%3D1.07%7C2%3D5.48&ktd[]=4503874522251520&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D120808%7C13%3D0.1885%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D0.24%7C60%3D0.94%7C12%3D4.38%7C80%3D3.63%7C1%3D3.63%7C2%3D7.08&ktd[]=4503874522251520&kwd[]=Download+Windows+Explorer&kwt[]=265&kbc[]=44217&kwp[]=4&kid[]=8853636&kbc2[]=tnid%3D18890%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0012%7C8%3D120808%7C13%3D0.1019%7C14%3D120817%7Cokt%3D265%7Cbdkt%3D265%7Cps%3D0.765%7C74%3D2.12%7C53%3D0.97%7C60%3D0.43%7C12%3D1.11%7C80%3D0.59%7C1%3D1.01%7C2%3D2.27&ktd[]=288232300314034432&kwd[]=Free+Dental+Implants+for+Seniors&kwt[]=391&kbc[]=1262905965&kwp[]=5&kid[]=329795848&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D120808%7C13%3D0.1699%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D0.52%7C60%3D0.65%7C12%3D2.18%7C80%3D3.70%7C1%3D3.70%7C2%3D18.43&ktd[]=4503874522251520&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=US&wsip=170774702&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Gxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU5RJ1PV&vi=1702075064220127515&vsid=3450766656634716&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L341-S341&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c82a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1702075064944&upk=1702075065.11587&hvsid=00001702075064944016112663474549&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1702075064154478247&vgd_ecrid=1700080800127000336028000025600&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=3450766656634716&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fF~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Wuu~8xLjMGviXi.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvfAHuAXXui9~YzMGJwMGmmQ7v9.iu~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvHA~L88Ex1viu%2Ciu~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9Wuh~L1Oev9.999%2C9~xLjMGvu.9u~ejfLMxLjMGv9~QYYMBLvF.i9Wf~xLjMjvu9~QjevuW.Xh~yN17vou~GGvuiF~QYYMYxjv9.FH~JLEYv9.fF~ejfLMxLjMUNv949~EQ8MNvh%2CF%2C9%2C9%2C9%2C9%2C9%2Cu~GYvu~EQ8MOvuFu~LUJv9%2C9~1AEMGvu9.H%2Cufi.9X~QOvu~x8OvfV1Z80gbQVCd%2FA509j~NejfLMGvX.Af~G7OvffAiWuAAF9hFAHFXiH9hAF9iAAfuhXWfuWuuAFuufiW9uWfiFiu9hhWFihfAHFWfAAAHAXhHfihHAWWAH999hhWfHA9WuFfuiiXifiF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHf.9h~%3DVvA9XH~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQvu~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77vi~GwMQOvf9fAuf9W9u~ONvW~ejfLMGvu9.H~77vuF9~xjYMEv9.uH~eBMJ-Nv9.fH~QYYMG8Ov9.uh~e8QMQOvf9F~xLjMLEQMGvuf.Wf~GwMNmv9~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~NemyvX.Af~e8QMxLjMGv9.X~ejfLM8MQOvf9fAuf9Wuu~e8QMxLjMjv9~J7vfh~ejfLM8MGv9.9H~e8QMGvuiA.iF~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvf9A~LkevHf.9h~jfLMGvu999~QYYMQOvf9fAuf9WuA~L1OEv9.999%2C9~Q8OvhhfWfWFAh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.fH~OfEMjvu9~NejfvX.Af~AENkviii.Fu~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGvu~LEQMGvufi.9X~xLjMQLEQMGvuf.Wf~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uh~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uh9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfAHuAXXui9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fH~EmQvA~1NM75EJvu~1OGjUvfAHuAXXui9~1YEvu~myG8Ov9.fF9~GkjLv9.9u9~Qx8Ov%3DK4b4aMc9mfJL%20NU-Ng0Ch74_13~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv9.9W~-8OvKrtoExGoXWuiXFfAFhAFXu9u~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvAAF-fW9~GQGv9~GQEv9~7Y-vfX9&vgd_bhv_kbb=1&vgd_cfud=221102&vgd_scsver=279&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=200&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001702075064944016112663474549&rc=0&rand=1702075065373&acid=35b820bf5fcedbc40b626b4835f1bac8&matm=1702075065373&vgd_ltimesrc=1&vgd_ltime=1073&vgd_rtime=943&vgd_etm=18&vgd_l1hcsd=Og4dd%7C8162&vgd_l1ch=1&vgd_lhl=5870&vgd_pgid=p02027995216t202312082237&vgd_csip=rtb-appnexus-5fd6bb7f75-2zbrc.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.48.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-48-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 15
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
DATA 200
OK truncated
/ Frame B752 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B752 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B752 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-semibold.woff
contextual.media.net/__media__/fonts/montserrat-semibold/ Frame B752 24 KB
24 KB 44ms
43ms Font
font/woff 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/montserrat-semibold/montserrat-semibold.woff

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2811&&kkdd=H*%7Ch%7CuH9A3n*&Be=ag6Y6gc6JXa55iiiYaJ&8rMl=6&SdMR=6&-rB=aaYQ&7d-P=~5Xa&-er=it.ckfajp&-M-r=V5PQ3EO0bavK.F80!zrVe2%3D%3D&-ler=ggYiYiJ5g&debP=55J0Yi6&--=.W&d-=N~&-VKS=dSSLSe8lR7eIKL7Pd7&Mer=ij_fXOYiC&7Mer=vavcvU_&V77Md=a&lll=7bkuV~-nu~LEf6fgzY2SrTWv5jBYF287&KdP=c&n2=a&T8r=X&Rr7a=it.aWCHX5&Rr7Y=55gJQac5i&3rR7R=drY%3DKTnnZeTlnLn%3Da6ZI8PlMS%3D6GY5ZrISL3%3D6GgJZd-r%3DKEZlRP%3D6%2C6ZrISLn%3DY6ZBnYlLdr%3DY6Y5aY6iaaZeTlnL3%3DQcQGXgZTlnL7w-%3D6ZTlnLlYRL3%3D6Zd7r%3DYi5iYcgaaiZSKL3PVL3IId7%3D6GQaZlR7%3D6G666%2C6ZeM%3DaQfXvjR3MtwDeaBtN3.cbYZz33%3DaXZ3VLeS%3DX5ZleeMTR%3DQa%2CQaZl-%3DaZledTer%3D6%2C6ZlMdLdr%3DY6Y5aY6iagZlRrB%3D6G666%2C6ZTlnL3%3DaG6aZBnYlLTlnL3%3D6ZdSSL2l%3DJGigXiZTlnLn%3Da6ZdnB%3DaiGcgZ8-R7%3DuaZ33%3DaQJZdSSLSTn%3D6Gg5ZPlMS%3D6GY5ZBnYlLTlnLw-%3D6*6ZMdeL-%3Dg%2CJ%2C6%2C6%2C6%2C6%2C6%2CaZ3S%3DaZMdeLr%3DaJaZlwP%3D6%2C6ZR5ML3%3Da6GX%2CaYQG6cZdr%3DaZTer%3DYNRCKElygOk0CgF5U!Z-BnYlL3%3DcG5YZ37r%3DYY5Qia55J6gJ5X5XaaY6XiQJ56QcXa5aY5JaQg6XJc5aXY6igJX6aaJ5Yc65JY6JcgQcYYXa5Y5YQ6YgJ5YQiJia556Y65JXcQJi5iXZTeS%3D6Zlw7%3D6G666%2C6ZI8rYML3%3D6GQiZdd%3DO(Z--%3D.WZw3Lrn%3DPKZTe2%3DuaZ-P%3D6Zl-B%3DXYG6gZtN%3D56cXZw3LT-%3D6ZK7d%3DaZw3LTn%3DK%2FRZw3L--wd%3DaZ-7%3D3TzzRnIZ3ddL4vx%3DO(%2CO(Z3RdedY%3DaQJZ3Rdeda%3DaQJZw3L77%3DQZ3VLdr%3DY6Y5aY6i6aZr-%3DiZBnYlL3%3Da6GXZ77%3DaJ6ZTnSLM%3D6GaXZB2LP0-%3D6GYiZdSSL3er%3D6GagZBedLdr%3DY6JZTlnLlMdL3%3DaYGiYZ3VL-I%3D6ZdI3D%3D6Zr-Y%3DaZBLRdK%3DY6YgiZnRd7%3DZ-BI8%3DcG5YZBedLTlnL3%3D6GcZBnYlLeLdr%3DY6Y5aY6iaaZBedLTlnLn%3D6ZP7%3DYYZBnYlLeL3%3D6G6XZBedL3%3DaQgGJcZBnYlLTlnLBe%3Da*uaJZTlnL7Be%3D6ZBB%3D6Z-BnYlLdr%3DY65ZlzB%3DXYG6gZnYlL3%3Da666Z2lL3%3DiG5Y%2C6ZdSSLdr%3DY6Y5aY6ia5ZlRrM%3D6G666%2C6Zder%3DggYiYiJ5gZTlnLlMdLw-%3D6Zw3Ldl-%3Dw33ZB2T%3D6GYiZrYMLn%3Da6Z-BnY%3DcG5YZ5M-z%3DQg6GYaZrSSLd7l8%3DdSSLSe8lR7eIKL7Pd7ZrYML3%3D6GQiZlMdL3%3DaYQG6cZTlnLdlMdL3%3DaYGiYZlw2M%3D6G666%2C6Zlw2r%3D6G666%2C6ZedkPz%3D6Zedez%3D6ZTlnLlM-L3%3D6Z3er%3D6GagZw3LM7%3DhISPMR8PZTlnLlMdLlB%3D6Z-3rM%3D6Gag6Zdr%3DaZe7EMPLer%3DagZdPnnPlL7R8Ler%3DYi5iYcgaaiZdTMMnEL7R8Ler%3DZrP7P-7PrL7R8Ler%3DZBeP2R3ene7E%3D6GYiZMId%3D5ZR-L7EMP%3DaZRr3nw%3DYi5iYcgaaiZRSM%3DaZI83er%3D6GY56Z3znl%3D6G6a6ZdTer%3Dt(*W*4*xYu.~glb-Kf6.l6Cr_*8Zr7-%3DPRd7Ld-ZrSSLPlMS%3DzRndPZrSS%3DdSSLSe8lR7eIKL7Pd7Z3rM-RMr%3D6ZrRn8%3DdSSZd8S7%3DnIK8L7RenLVISPMR8PL-R7-VRnnZdI3M%3D6G6iZ0er%3D(q!uMT3uciaQcJY5Jg5Jca6aZV7Sn%3DaZdSSLRMe%3DBaZe3-%3DaZKdb%3DaZ78d%3D55J0Yi6Z3d3%3D6Z3dM%3D6Z7S0%3DYXa&K7B=6&SSS=T!IdOzNqm*w%3D&e2=55J&eKNzl=a&3rlNr=YQX&3er=5Xa56X&S-z=QQY6&ErdMl=a&3RP=)0P8P0bPX%2FZ)0P8P0bXX%2FZXPP&wR7MlP=a&wR73er=ua6Y&EMnM=a&eder=Y&ddS-lLBPl=c&M8er=M6Y6YgQQcYaJ7Y6Y5aY6iYY5g&ddnr=%7B%22ddeM%22%3A%22YJ6Y%3Azz-i%3A666Y%3A6666%3A6666%3A6666%3A6666%3A6666%22%2C%22dd--%22%3A%22.W%22%2C%22ddd-%22%3A%22Oy%22%2C%22dd-7E%22%3A%22)TzzRnI%22%7D&V7Sndl-=a&sflct=4952349&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

541c1dec9560ca0b3650854c7111c8a34f1deeacefa81cdf6619024916928661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2811&&kkdd=H*%7Ch%7CuH9A3n*&Be=ag6Y6gc6JXa55iiiYaJ&8rMl=6&SdMR=6&-rB=aaYQ&7d-P=~5Xa&-er=it.ckfajp&-M-r=V5PQ3EO0bavK.F80!zrVe2%3D%3D&-ler=ggYiYiJ5g&debP=55J0Yi6&--=.W&d-=N~&-VKS=dSSLSe8lR7eIKL7Pd7&Mer=ij_fXOYiC&7Mer=vavcvU_&V77Md=a&lll=7bkuV~-nu~LEf6fgzY2SrTWv5jBYF287&KdP=c&n2=a&T8r=X&Rr7a=it.aWCHX5&Rr7Y=55gJQac5i&3rR7R=drY%3DKTnnZeTlnLn%3Da6ZI8PlMS%3D6GY5ZrISL3%3D6GgJZd-r%3DKEZlRP%3D6%2C6ZrISLn%3DY6ZBnYlLdr%3DY6Y5aY6iaaZeTlnL3%3DQcQGXgZTlnL7w-%3D6ZTlnLlYRL3%3D6Zd7r%3DYi5iYcgaaiZSKL3PVL3IId7%3D6GQaZlR7%3D6G666%2C6ZeM%3DaQfXvjR3MtwDeaBtN3.cbYZz33%3DaXZ3VLeS%3DX5ZleeMTR%3DQa%2CQaZl-%3DaZledTer%3D6%2C6ZlMdLdr%3DY6Y5aY6iagZlRrB%3D6G666%2C6ZTlnL3%3DaG6aZBnYlLTlnL3%3D6ZdSSL2l%3DJGigXiZTlnLn%3Da6ZdnB%3DaiGcgZ8-R7%3DuaZ33%3DaQJZdSSLSTn%3D6Gg5ZPlMS%3D6GY5ZBnYlLTlnLw-%3D6*6ZMdeL-%3Dg%2CJ%2C6%2C6%2C6%2C6%2C6%2CaZ3S%3DaZMdeLr%3DaJaZlwP%3D6%2C6ZR5ML3%3Da6GX%2CaYQG6cZdr%3DaZTer%3DYNRCKElygOk0CgF5U!Z-BnYlL3%3DcG5YZ37r%3DYY5Qia55J6gJ5X5XaaY6XiQJ56QcXa5aY5JaQg6XJc5aXY6igJX6aaJ5Yc65JY6JcgQcYYXa5Y5YQ6YgJ5YQiJia556Y65JXcQJi5iXZTeS%3D6Zlw7%3D6G666%2C6ZI8rYML3%3D6GQiZdd%3DO(Z--%3D.WZw3Lrn%3DPKZTe2%3DuaZ-P%3D6Zl-B%3DXYG6gZtN%3D56cXZw3LT-%3D6ZK7d%3DaZw3LTn%3DK%2FRZw3L--wd%3DaZ-7%3D3TzzRnIZ3ddL4vx%3DO(%2CO(Z3RdedY%3DaQJZ3Rdeda%3DaQJZw3L77%3DQZ3VLdr%3DY6Y5aY6i6aZr-%3DiZBnYlL3%3Da6GXZ77%3DaJ6ZTnSLM%3D6GaXZB2LP0-%3D6GYiZdSSL3er%3D6GagZBedLdr%3DY6JZTlnLlMdL3%3DaYGiYZ3VL-I%3D6ZdI3D%3D6Zr-Y%3DaZBLRdK%3DY6YgiZnRd7%3DZ-BI8%3DcG5YZBedLTlnL3%3D6GcZBnYlLeLdr%3DY6Y5aY6iaaZBedLTlnLn%3D6ZP7%3DYYZBnYlLeL3%3D6G6XZBedL3%3DaQgGJcZBnYlLTlnLBe%3Da*uaJZTlnL7Be%3D6ZBB%3D6Z-BnYlLdr%3DY65ZlzB%3DXYG6gZnYlL3%3Da666Z2lL3%3DiG5Y%2C6ZdSSLdr%3DY6Y5aY6ia5ZlRrM%3D6G666%2C6Zder%3DggYiYiJ5gZTlnLlMdLw-%3D6Zw3Ldl-%3Dw33ZB2T%3D6GYiZrYMLn%3Da6Z-BnY%3DcG5YZ5M-z%3DQg6GYaZrSSLd7l8%3DdSSLSe8lR7eIKL7Pd7ZrYML3%3D6GQiZlMdL3%3DaYQG6cZTlnLdlMdL3%3DaYGiYZlw2M%3D6G666%2C6Zlw2r%3D6G666%2C6ZedkPz%3D6Zedez%3D6ZTlnLlM-L3%3D6Z3er%3D6GagZw3LM7%3DhISPMR8PZTlnLlMdLlB%3D6Z-3rM%3D6Gag6Zdr%3DaZe7EMPLer%3DagZdPnnPlL7R8Ler%3DYi5iYcgaaiZdTMMnEL7R8Ler%3DZrP7P-7PrL7R8Ler%3DZBeP2R3ene7E%3D6GYiZMId%3D5ZR-L7EMP%3DaZRr3nw%3DYi5iYcgaaiZRSM%3DaZI83er%3D6GY56Z3znl%3D6G6a6ZdTer%3Dt(*W*4*xYu.~glb-Kf6.l6Cr_*8Zr7-%3DPRd7Ld-ZrSSLPlMS%3DzRndPZrSS%3DdSSLSe8lR7eIKL7Pd7Z3rM-RMr%3D6ZrRn8%3DdSSZd8S7%3DnIK8L7RenLVISPMR8PL-R7-VRnnZdI3M%3D6G6iZ0er%3D(q!uMT3uciaQcJY5Jg5Jca6aZV7Sn%3DaZdSSLRMe%3DBaZe3-%3DaZKdb%3DaZ78d%3D55J0Yi6Z3d3%3D6Z3dM%3D6Z7S0%3DYXa&K7B=6&SSS=T!IdOzNqm*w%3D&e2=55J&eKNzl=a&3rlNr=YQX&3er=5Xa56X&S-z=QQY6&ErdMl=a&3RP=)0P8P0bPX%2FZ)0P8P0bXX%2FZXPP&wR7MlP=a&wR73er=ua6Y&EMnM=a&eder=Y&ddS-lLBPl=c&M8er=M6Y6YgQQcYaJ7Y6Y5aY6iYY5g&ddnr=%7B%22ddeM%22%3A%22YJ6Y%3Azz-i%3A666Y%3A6666%3A6666%3A6666%3A6666%3A6666%22%2C%22dd--%22%3A%22.W%22%2C%22ddd-%22%3A%22Oy%22%2C%22dd-7E%22%3A%22)TzzRnI%22%7D&V7Sndl-=a&sflct=4952349&ure=1
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24784
expires: Sat, 09 Dec 2023 22:37:45 GMT

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame B752 15 B
348 B 62ms
61ms Script
text/javascript 184.31.48.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6332&&vgd_canary=0&vgd_l2type=scs_newfl&fp=pxPVjpZO279HJxEit6wsXfPPcfq1gRtV1S792PuWAsUrILJrA-VX1CtynewsmN4zBGT0OeOmQI3qN_9OrnOg1w7uqpfAmHTrQoEalcgaeQ9ItxdJm-QFxVWG12ESACDnV0Mqlc1FR8T6AD_TtcwLvQ%3D%3D&cme=ZdtBObN9CwU-_xhVPreNB1BvBkHoiDF4jUZrK_Met6aDuxZVGU-QzpwRzV5PZuWWpYnKbeTvgTFcnY3UvQ5RZmmlK8op4VgLavlRSNPi_DX3zmEGWAv0DRn89zaZ2ePG3x0CUaUuhK6fr3u0DjTNBYUUqpseF6XtH8L9Hz1DA2XZbs054x12iN9yFNIOVU_ByBqVTIkujT5N550GXgs3LWpvy1vJqPuIAjV3GcQGtkj1zOyxIRj0rg%3D%3D%7C%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7C3I0t6CRIne3Rh-tx0UyzpWWEN8GIV-quu-vcHLceR1qtTqphSaiaenBlp-07XZtTlj2tNQ5LMkc0TlwYrZO-DIn95UkiNylfVABDwVYwOcghu1L_y1ndDuxsiiBA2sDWRQqJNQLgBw8b13Gual77JG-yaUvFdMWGJfPYyCiuFL7vNR9FTCgUgCnMs8cLosIZwyBvbO4bAbSYp1zlfAMQz9zDXZI0kf79u0PjwAf5H1VGOk53Tv4duH0S6kejRpiMO-Ed2cXCbvUXBCCp7nbSLClqgw9tWPUu%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD46uF8UR0TFEOHcvEtvyyIN3EBR9U-PQpk%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Top+5+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262905965&kwp[]=1&kid[]=329961779&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D120808%7C13%3D0.3184%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D11.41%7C60%3D3.17%7C12%3D18.03%7C80%3D6.91%7C1%3D6.91%7C2%3D41.90&ktd[]=4503874522251520&kwd[]=Download+Windows+Explorer&kwt[]=265&kbc[]=44217&kwp[]=2&kid[]=8853636&kbc2[]=tnid%3D18890%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0012%7C8%3D120808%7C13%3D0.1019%7C14%3D120817%7Cokt%3D265%7Cbdkt%3D265%7Cps%3D0.765%7C74%3D2.12%7C53%3D0.97%7C60%3D0.43%7C12%3D1.11%7C80%3D0.59%7C1%3D1.01%7C2%3D2.27&ktd[]=288232300314034432&kwd[]=Free+Dental+Implants+for+Seniors&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=329795848&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D120808%7C13%3D0.1699%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D0.52%7C60%3D0.65%7C12%3D2.18%7C80%3D3.70%7C1%3D3.70%7C2%3D18.43&ktd[]=4503874522251520&kwd[]=%24750+Limit+Cards+for+Bad+Credit&kwt[]=391&kbc[]=1262905965&kwp[]=4&kid[]=350688470&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D120808%7C13%3D0.1861%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D3.91%7C60%3D1.80%7C12%3D7.11%7C80%3D2.00%7C1%3D2.00%7C2%3D13.27&ktd[]=4503874522251520&kwd[]=Best+Vitamins+for+Liver+Cleanse&kwt[]=391&kbc[]=1262905965&kwp[]=5&kid[]=329665869&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D120808%7C13%3D0.1306%7C14%3D120817%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.322%7C74%3D2.12%7C53%3D2.52%7C60%3D1.01%7C12%3D2.50%7C80%3D0.65%7C1%3D0.65%7C2%3D5.99&ktd[]=4503874522251520&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=US&wsip=170774702&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Rxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU5RJ1PV&vi=1702075064133888216&vsid=3450766656634749&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L341-S341&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c82a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1702075065139&upk=1702075065.9456&hvsid=00001702075065139016112663471789&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1702075064106313900&vgd_ecrid=1700080800127000336028000025600&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=3450766656634749&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fA~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Wuu~8xLjMGviXi.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvfWAWfXhuuW~YzMGJwMGmmQ7v9.iu~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuH~GwM8YvHA~L88Ex1viu%2Ciu~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9Wuh~L1Oev9.999%2C9~xLjMGvu.9u~ejfLMxLjMGv9~QYYMBLvF.WhHW~xLjMjvu9~QjevuW.Xh~yN17vou~GGvuiF~QYYMYxjv9.hA~JLEYv9.fA~ejfLMxLjMUNv949~EQ8MNvh%2CF%2C9%2C9%2C9%2C9%2C9%2Cu~GYvu~EQ8MOvuFu~LUJv9%2C9~1AEMGvu9.H%2Cufi.9X~QOvu~x8OvfV1Zz5L3hID-ZhgAst~NejfLMGvX.Af~G7OvffAiWuAAF9hFAHAHuuf9HWiFA9iXHuAufAFuih9HFXAuHf9WhFH9uuFAfX9AFf9FXhiXffHuAfAfi9fhFAfiWFWuAA9f9AFHXiFWAWH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHf.9h~%3DVvA9XH~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQvu~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77vi~GwMQOvf9fAuf9W9u~ONvW~ejfLMGvu9.H~77vuF9~xjYMEv9.uH~eBMJ-Nv9.fW~QYYMG8Ov9.uh~e8QMQOvf9F~xLjMLEQMGvuf.Wf~GwMNmv9~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~NemyvX.Af~e8QMxLjMGv9.X~ejfLM8MQOvf9fAuf9Wuu~e8QMxLjMjv9~J7vff~ejfLM8MGv9.9H~e8QMGvuih.FX~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvf9A~LkevHf.9h~jfLMGvu999~BLMGvW.Af%2C9~QYYMQOvf9fAuf9WuA~L1OEv9.999%2C9~Q8OvhhfWfWFAh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.fW~OfEMjvu9~NejfvX.Af~AENkvih9.fu~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvufi.9X~xLjMQLEQMGvuf.Wf~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uh~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uh9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfWAWfXhuuW~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fW~EmQvA~1NM75EJvu~1OGjUvfWAWfXhuuW~1YEvu~myG8Ov9.fA9~GkjLv9.9u9~Qx8Ov%3DK4b4C4pfoPThLlNz69PL9ZOa4y~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv9.9W~-8OvKrtoExGoXWuiXFfAFhAFXu9u~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvAAF-fW9~GQGv9~GQEv9~7Y-vfHu&vgd_bhv_kbb=1&vgd_cfud=221102&vgd_scsver=279&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001702075065139016112663471789&rc=0&rand=1702075065538&acid=4da97ec3e6b0af07c48cfa00b130e1eb&matm=1702075065538&vgd_ltimesrc=1&vgd_ltime=968&vgd_rtime=844&vgd_etm=11&vgd_l1hcsd=Og4dd%7C8162&vgd_l1ch=1&vgd_lhl=5890&vgd_pgid=p02027995216t202312082237&vgd_csip=rtb-appnexus-apm-5cbfcf6885-qq8tl.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.48.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-48-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Fri, 08 Dec 2023 22:37:45 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 15
Expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 124ms
57ms XHR
application/json 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ee951e9723d1bf019e84475c64fd6c251a07a5d658c86b3bda02d89fe33d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12216
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 22:37:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CDA 13 KB
5 KB 35ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 11910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 19:19:15 GMT
expires: Sat, 07 Dec 2024 19:19:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E2DA 829 B
560 B 52ms
51ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f3390f832a8bfa5a084ffe643fc24902980d2ada554723115b20114a36b3ee0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FMQtGQY7FZEFy-5q_nhIRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ricowhaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FMQtGQY7FZEFy-5q_nhIRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:37:45 GMT
expires: Fri, 08 Dec 2023 22:37:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CDA 39 KB
15 KB 38ms
34ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:12:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E2DA 0
0 47ms
47ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=4099227977859145&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6C81 42 B
64 B 52ms
51ms Fetch
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyetB00CxHngTsm_Dj6W8wP7yxYHkEZH8HnHeWpif0lWXdjSv-toof2EIcA247cs_bNNI88UzJWGSFHJ_R6-WPYN4mJyegJpmn3Vpu_AGqV46pVsHWSGicaowWWoddliJsO95SdOjzcg&sai=AMfl-YRGZj4XpqEdu-t517vO6tAVhnB__owZej3EvFNO3-DevAvPdl4_AwScpratjJPUacphPNCoVhjglpCBg7xFaC5kmBS7grRy6silT5HkzgVSNlZTTfq-Zjtp3isJKG6TxWg2CJchK49MUS2Ovj5oxcalxM2CUFCJ0C2S&sig=Cg0ArKJSzIWyPTaXlgdXEAE&cid=CAQSTwDICaaNH0kucNuh6-YQZLtag8BNui603w3krFfPaeo2n3pA88EXSR-sGbZX7xvUIKJ5rZVJByCzuephmS7cH296j71SSNf2_LNQPdG34NEYAQ&id=lidar2&mcvt=1010&p=0,0,280,1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3363353524&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702075063388&rpt=1724&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CDA 0
10 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x654yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:37:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=4099227977859145&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOJTeVV5u0_wLqNcNDyOceJyAwSxsrMgs4DSpIyk0u66ZVBU8DY5IyNp8QAYPfAfUAgAAALRSAAAAA2gBB5kC6hUPZNwCBLBHDI5PhP_BBYKN9-INvU61_8DHtuxno_FIRYMYkY7lgHEn3ainty1SzE9eMXG7JveECiOYXjL31XE887W3HIPqNOgSm2vmJRGwdxFVWpB0lkirXOnL7HAycr39bQn5_xmopijHuh4RUcPqai72W1TlrXobZf_DvG8NfwrdLFWQ-bTHVBnMvIRpRvhl5x7JHnKBYpFchuFMpRkUM_RsnM44i7fsjSqJsYZ_HeZqwJ-89KVMa51JqUW1uBwWLWRI36mleBwtCT7cZHyQSC4DZQshdmL4UTR3ko8fzHIvg0nSFzwUcH3K6cNtRURuoM7grPdEZYhKbDwRO8TjqhuoyiNJdIR7wW4aAIAuVPDs-ePfZN3tUbnwn-uxqIeabMPTlJjFVpyrJ7PZFoFMVh6CGJc6viDJxDREgC6O4JeC2LJUbNXI3B711-iD4Jg9_TlVYbMyJSgihif0bhqn8SNU9aQ0ZwKD_DbvtfM3vnFTl49Gxk8Zl1j0J-36Sqj7wQabOvwVvtsqYe6KHH1xIxmkbQo2Xr_ixBlGkX-2GtNHgXmtD1_HnuZGoEdlqVdVMKTkmu0HnmyTP1_m827-3OE4i0Tg2Mp-eh8livxQgfUM2eUCEtJqXQJJTiu_LHaXtJ_G2b-1XSz6AMOeSA0u7urFm-BkeE_avfOIXq0Q4M9un1lSIBLwGyM2bMQLUNLs7crnUrmOT1xftguVMKJfVodaqX0QTrHvjp-5qgMvXBqtd4UzAmuQ-IEqkLtWjdFVFbK179UPi59Vghrp_l7w6d7_uM6vKc3DOOHJY71u32vsCp0MjHe8iyOvPJr2WsgupGifVmuDK3GG3mR-Kv2EYGaEBM0MTOutCs1JO7N-mGtFtVTbxhIVHztCAKFhZ3U3jA6Psed7c8UMRBvEiKfVZpt8d6F7I085A432mKnZ-mftX_C8xShSLvt5cpkIVffBDdkuOGb9F7g_RKe59SYvbtk9PpKLajis
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ricowhaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEFvrj9Wi7hv76qRH0dp5WlM&google_cver=1&google_push=AXcoOmQ3yL3CIomi7w9rC6IDxooPrAjYH4lSIVyFRLn90yA-09hvzd0cDsMjlkN51oijZqjhXbhVv71hAgSuHs-qgqwGq28pz3HgSp4

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:23:55	Name: IDE Value: AHWqTUmyVGrr3UbaybmvGndriGKUd7y7uJZZjfOsnsPS7ObV23CRsPLqfyqsah0q2S4
.ricowhaz.com/	1970-01-21 02:09:31	Name: __gads Value: ID=d58db3428beb5f17:T=1702075063:RT=1702075063:S=ALNI_MbWsv6TWFUbXToz7KXdhlgFxYGDMA
.ricowhaz.com/	1970-01-21 02:09:31	Name: __gpi Value: UID=00000da7a5929237:T=1702075063:RT=1702075063:S=ALNI_MazDpE3QhkXODv4O91Orgc_30qppQ
.yahoo.com/	1970-01-21 01:33:52	Name: A3 Value: d=AQABBLiac2UCEIhh0LX5VYG3mNK_6BKvZsIFEgEBAQHsdGV9ZQAAAAAA_eMAAA&S=AQAAAlN5-07G1CJ8sLKOAdBQ4yE
.quantserve.com/	1970-01-20 18:57:31	Name: d Value: EHwBCQHOKoEA
.quantserve.com/	1970-01-21 02:18:09	Name: mc Value: 65739ab8-f096c-1ef59-bd95b
.mediago.io/	1970-01-21 01:33:31	Name: __mguid_ Value: 81fa84b74db46ff3131pi800lpx7jpga
.adsrvr.org/	1970-01-21 01:34:57	Name: TDID Value: e0a3a11a-1083-4df0-8c42-67f7c17592b9
.w55c.net/	1970-01-21 02:19:35	Name: wfivefivec Value: yCKjYL861RbJtD5
.w55c.net/	1970-01-20 17:31:07	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 18:57:31	Name: ANON_ID Value: ayntuJRwEfES2QVoq6vnRo5kmMGS7qaCCa8I9d4UYeFrUGN60QWHutntjyDdmEX6SNKAXeIZalXWab6Ap900NTwg7
.adsrvr.org/	1970-01-21 01:34:57	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI-siIyIqSvDwQBRgFIAIoAjILCIDr_PGgkrw8EAU4AQ..
.adkernel.com/	1970-01-20 17:08:04	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 17:31:07	Name: ADKUID Value: A3267725509120157454
.adform.net/	1970-01-20 17:32:33	Name: C Value: 1
.acuityplatform.com/	1970-01-21 01:33:31	Name: auid Value: 862177273610
.acuityplatform.com/	1970-01-21 01:33:31	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhJyRiKomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYSckYiqI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTEJ3MzNFNnNkXzAwcVYyeVhORHE0Rfv7hnZlcnNpb27C+w=="
.media.net/	1970-01-21 01:33:31	Name: visitor-id Value: 3450766656634749000V10
.googleadservices.com/	1970-01-20 18:57:31	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:14:19	Name: uid Value: 6775481024359970632
.e.dlx.addthis.com/	1970-01-21 02:18:09	Name: na_tc Value: Y
.media.net/	1970-01-20 17:08:04	Name: data-g Value: CAESEFENaBjLdw-PfzPHycGTYJE~~6
.innovid.com/	1970-01-20 18:57:31	Name: uuid Value: 0bdbb8c8-c842-4804-b6be-674b1878bc01-20231208 17:37:45
.addthis.com/	1970-01-21 02:18:09	Name: na_id Value: 2023120822374500014805855323
.addthis.com/	1970-01-21 02:18:09	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:18:09	Name: uid Value: 65739ab964e00e77
.addthis.com/	1970-01-21 02:18:09	Name: ouid Value: 65739ab9000139f48a8513781ca6f8f66bbb6c6d4de4f5efbb70
.dlx.addthis.com/	1970-01-20 17:31:07	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 17:31:07	Name: na_sr Value: 20231208
.dlx.addthis.com/	1970-01-20 16:47:55	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 17:31:07	Name: na_sc_e Value: 0
.adx.opera.com/	1970-01-21 01:33:31	Name: UID Value: OPU2dc81c949e054d1aa8a724d6a4990947

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2017/01/remove-ilo-license.jpg?resize=511%2C412 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/diskmgr.jpg?resize=840%2C211 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i0.wp.com/it.ricowhaz.com/wp-content/uploads/2016/10/diskpart.jpg?resize=510%2C414 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEFvrj9Wi7hv76qRH0dp5WlM&google_cver=1&google_push=AXcoOmQ3yL3CIomi7w9rC6IDxooPrAjYH4lSIVyFRLn90yA-09hvzd0cDsMjlkN51oijZqjhXbhVv71hAgSuHs-qgqwGq28pz3HgSp4 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
a.tribalfusion.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
d5p.de17a.com
dis.criteo.com
dsp.adkernel.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
i0.wp.com
lg3.media.net
match.adsrvr.org
pagead2.googlesyndication.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
qsearch-a.akamaihd.net
ricowhaz.com
s.tribalfusion.com
secure.gravatar.com
stats.wp.com
sync-dmp.aura-dsp.com
t.adx.opera.com
tpc.googlesyndication.com
trace.mediago.io
ums.acuityplatform.com
warp.media.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
sync-dmp.aura-dsp.com
172.253.62.154
172.253.62.157
174.137.133.49
184.31.48.28
185.167.164.49
192.0.76.3
192.0.77.2
213.155.156.164
23.205.106.147
23.220.132.230
23.46.192.28
23.50.124.22
2600:1f18:445b:900:40c9:bc07:67b9:741c
2600:1f18:4e9:5a07:7e1:1718:4d2a:54ab
2606:4700::6812:19ad
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::93
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::9b
2620:116:800b:21:c1e8:5385:5098:6bf0
2a04:fa87:fffe::c000:4902
3.33.220.150
35.208.249.213
52.86.237.52
67.213.82.10
69.90.254.78
74.119.119.150
82.145.213.8
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
06f880720e7ad1208cc5dd7e3555ef2d0639196d01b4dfea9663436a02464b28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1808af7c4fd6303086de89cb0a5cab2b4ab5613fd0bb51149b52f5ecd04966
0d027364cf8c023e16dbbaaf9d5c0c1bd7818aa198911fc68335aa63174c983a
0e238a93d57afb84c2b3d0bb0f376031b72633d350d4b696d0701b2f7277ab45
0ed676f60e961d956fff02632005161932c3cc91f72b66f3e2291309ab535469
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
131f6b765e798866d728f95661b78bbf269c86482ffff0fa8c08e18a1a65cc89
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
19d672c21b32590927c2dd1d5591281e6b40e1586a0568db3d5e0f3c8304cd89
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
24532421a961783f6631ddda28c8e5ae78a82eb08c3a9d11b87e9aee835691f0
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
28b46e0ed76b73d58ac8278f8dc7465e03cdaf042cbc317a70e19d1789de0d12
2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad
2d7599e7355f74647511d36b0790e74fa070e990eb6e7dbe9086bbdc28c74e67
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d8b0ba42600e76576ac44e67091d73690998875705168d6dcbb5c6a85f1ee99
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
423ac55116af784f0c6dabea78e1c0eeef4dfab2b3cda806ad68908b45f420ff
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
541c1dec9560ca0b3650854c7111c8a34f1deeacefa81cdf6619024916928661
54d886e7ac2735001e6b39bdfd2bd67691f3ff1ac70b8fb4e5560de00722ad47
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
6f3390f832a8bfa5a084ffe643fc24902980d2ada554723115b20114a36b3ee0
6f8e1a44db01d5d0ef50947f7779701495c4f51554c1911de7374eee18df1b03
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b3c29d2ec701a8a6687caec5d13abbcf62132619b523949a5985b29b9fcf462
978525ae6f34a85df703fb41fbdee04410501cb8373ab3c36a9b878f3f7885da
99b7e4c438d8bf6e34928cc64ed56407b3ffd550e426fc1cf40096e5b82bc80b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9da98fb0f48fd57743ae5c3a3124137da78062506e5e5cf82cc2494a96ce9479
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3be06c88f0d9c1b7838be8272c3139ed1872603f93104c59dd7f28fddec9257
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2d3353fb831693b8588540928d4aeac78bd7a9649139e73f42e949e599d85e4
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9c42acf5d046b720ec9b5dc527e793f042b99ddf5c53481d6913c9e6766472f
c32906775261693700b234cb6101b26f1af2f3649d2b6f1779e89a116b6a8d0a
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8ee951e9723d1bf019e84475c64fd6c251a07a5d658c86b3bda02d89fe33d47
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea31048ed21bd3fb40bb09e6d4f49792da9588b27008978c544e312036fbb8e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c7d1f2446218e74dd367a7f5269c518851e001f9e94f5d472c1456196d6625
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74a35653bc79d385a51d150163066c13d508bfdfb908135d102c43453d797a5
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa5a48e7c051389fce888904d5a43aa682dfaa77acd87653d9de8c8f69504b5b
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb

ricowhaz.com Open in urlscan Pro 67.213.82.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

68 %HTTPS

41 %IPv6

27 Domains

38 Subdomains

24 IPs

6 Countries

1517 kBTransfer

3744 kBSize

32 Cookies

4 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ricowhaz.com Open in urlscan Pro
67.213.82.10 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

68 %
HTTPS

41 %
IPv6

27
Domains

38
Subdomains

24
IPs

6
Countries

1517 kB
Transfer

3744 kB
Size

32
Cookies

138 HTTP transactions
12 data transactions