urlscan.io logo urlscan.io
SecurityTrails logo

window-rock-az.asbe.us Open in urlscan Pro
2606:4700:3032::6815:51d1  Public Scan

Go To Rescan Add Verdict Report
URL: https://window-rock-az.asbe.us/
Submission Tags: @phishunt_io
Submission: On August 08 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 26 domains to perform 201 HTTP transactions. The main IP is 2606:4700:3032::6815:51d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is window-rock-az.asbe.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2022. Valid for: a year.
This is the only time window-rock-az.asbe.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
1 185.177.92.147 39572 (ADVANCEDH...)
1 2600:9000:21d... 16509 (AMAZON-02)
3 7 2a02:6b8::1:119 208722 (GLOBAL_DC)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
5 142.250.72.98 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
5 2620:100:a001... 19750 (AS-CRITEO)
3 2620:100:a001::3 19750 (AS-CRITEO)
2 2620:100:a005... 19750 (AS-CRITEO)
37 2620:100:a001::4 19750 (AS-CRITEO)
5 74.119.119.147 19750 (AS-CRITEO)
5 2606:4700::68... 13335 (CLOUDFLAR...)
27 74.119.119.137 19750 (AS-CRITEO)
7 74.119.119.149 19750 (AS-CRITEO)
8 96.17.64.29 16625 (AKAMAI-AS)
1 104.117.182.27 20940 (AKAMAI-ASN1)
3 104.77.220.25 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 169.55.104.49 36351 (SOFTLAYER)
1 9 142.250.80.98 15169 (GOOGLE)
2 2 15.197.193.217 16509 (AMAZON-02)
1 1 3.211.146.183 14618 (AMAZON-AES)
2 2 185.167.164.37 198622 (ADFORM)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 1 52.207.57.53 14618 (AMAZON-AES)
2 2 35.207.24.140 15169 (GOOGLE)
3 104.117.182.24 20940 (AKAMAI-ASN1)
201 30
11    2606:4700:3032::6815:51d1 (United States)

ASN13335 (CLOUDFLARENET, US)
window-rock-az.asbe.us
1    2607:f8b0:4006:81d::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    185.177.92.147 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-147.ah-server.com
us03.biz
1    2600:9000:21dd:0:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
5    2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:80e::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:81c::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:822::2001 (New York, United States)

ASN15169 (GOOGLE, US)
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
16    2607:f8b0:4006:81f::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
3    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
2    2620:100:a005::14 (United States)

ASN19750 (AS-CRITEO, US)
rtb.da.us.criteo.com
37    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
5    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
27    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
7    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
8    96.17.64.29 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-29.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
3    104.77.220.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-25.deploy.static.akamaitechnologies.com
contextual.media.net
2    2607:f8b0:4006:816::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    169.55.104.49 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: 31.68.37a9.ip4.static.sl-reverse.com
um.simpli.fi
9    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.211.146.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-146-183.compute-1.amazonaws.com
sync.extend.tv
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.207.57.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-57-53.compute-1.amazonaws.com
cc.adingo.jp
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    104.117.182.24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-24.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
Apex Domain
Subdomains		 Transfer
71 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
pix.us.criteo.net — Cisco Umbrella Rank: 1936
csm.us.criteo.net — Cisco Umbrella Rank: 1915
323 KB
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
280 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
206 KB
15 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 1876
rtb.va.us.criteo.com — Cisco Umbrella Rank: 4868
rtb.da.us.criteo.com — Cisco Umbrella Rank: 6224
cat.va.us.criteo.com — Cisco Umbrella Rank: 2568
238 KB
11 media.net
hblg.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 526
warp.media.net — Cisco Umbrella Rank: 2188
lg3.media.net — Cisco Umbrella Rank: 3520
cs.media.net — Cisco Umbrella Rank: 1437
153 KB
11 asbe.us
window-rock-az.asbe.us
90 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
285 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
25 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10493
2 KB
5 gstatic.com
fonts.gstatic.com
137 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1794
res-a.akamaihd.net — Cisco Umbrella Rank: 6524
113 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 886
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 603
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3617
56 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3380
451 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
504 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1715
651 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
746 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
462 B
1 optad360.io
get.optad360.io — Cisco Umbrella Rank: 25239
7 KB
1 us03.biz
us03.biz — Cisco Umbrella Rank: 708062
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
41 KB
201 26
Domain Requested by
37 static.criteo.net ads.us.criteo.com
27 pix.us.criteo.net ads.us.criteo.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 pagead2.googlesyndication.com window-rock-az.asbe.us
pagead2.googlesyndication.com
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
11 window-rock-az.asbe.us window-rock-az.asbe.us
9 cm.g.doubleclick.net 1 redirects 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
7 csm.us.criteo.net ads.us.criteo.com
7 www.googletagservices.com get.optad360.io
googleads.g.doubleclick.net
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
5 cdnjs.cloudflare.com ads.us.criteo.com
5 cat.va.us.criteo.com ads.us.criteo.com
5 ads.us.criteo.com googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects window-rock-az.asbe.us
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com window-rock-az.asbe.us
cdnjs.cloudflare.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
window-rock-az.asbe.us
3 res-a.akamaihd.net contextual.media.net
3 lg3.media.net 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
contextual.media.net
3 contextual.media.net 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
contextual.media.net
3 hblg.media.net window-rock-az.asbe.us
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
3 rtb.va.us.criteo.com googleads.g.doubleclick.net
2 rtb.mfadsrvr.com 2 redirects
2 c1.adform.net 2 redirects
2 match.adsrvr.org 2 redirects
2 www.google.com 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 rtb.da.us.criteo.com googleads.g.doubleclick.net
2 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects window-rock-az.asbe.us
1 cs.media.net contextual.media.net
1 cc.adingo.jp 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 sync.extend.tv 1 redirects
1 um.simpli.fi 1 redirects
1 warp.media.net 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net window-rock-az.asbe.us
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 get.optad360.io window-rock-az.asbe.us
1 us03.biz window-rock-az.asbe.us
1 www.googletagmanager.com window-rock-az.asbe.us
201 41
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
us00.biz
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-28 -
2022-10-22		 3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-05 -
2022-10-30		 3 months crt.sh
*.da.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-13 -
2022-10-16		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-23 -
2022-09-19		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://window-rock-az.asbe.us/
Frame ID: 868B55BCCBF344CE5240BB06D47FD601
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Frame ID: 47D1FED0D2A8DCDAB58CC89691AD316D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7637664810868603&output=html&adk=1812271804&adf=3025194257&lmt=1659918663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663211&bpp=4&bdt=661&idt=281&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=304
Frame ID: D367A37DD942B6CFE537DA8F588CB452
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Frame ID: 7558B2D34AC167E93A44593CDC811032
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1584250594&adf=2093808581&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663218&bpp=2&bdt=668&idt=320&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1466&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3qqSyMZ1TV&p=https%3A//window-rock-az.asbe.us&dtd=324
Frame ID: 4ED2743E299EA8D4EE09EC8EFC4D3A0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Frame ID: 95D46DEFE421FF176734D05A1F0B8978
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Frame ID: EABE68912B143D4D46508654A9FA2ED0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Frame ID: B3071E587DA9596088E104F714120EC7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Frame ID: A0FFCA664F655FE6D042539AB9974B5C
Requests: 7 HTTP requests in this frame

Frame: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 255E792296AC575EE24779C7337D37E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Frame ID: 5B3465B825675751519FB111ABCA407C
Requests: 20 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Frame ID: D174179D2A856310532B7BB12AE1114C
Requests: 20 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Frame ID: 2D0D8C91288C2E6F1ECFFB0C2EF44ED8
Requests: 16 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Frame ID: 2CB8A79C038CA937CBCF08273A8B581E
Requests: 17 HTTP requests in this frame

Frame: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 51DE2FFEEF3B796681C4519EC51FDEC1
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Frame ID: 6963C11A676D415BC0DB0398167D7661
Requests: 21 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Frame ID: 785E9F52FA511C3C87C187450A6758C5
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: DE911DB0F0A4DD7AB7E80BAA83F4F222
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E1F9DC1C10D173D8F7F4DFA521578C4B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8DE23561EE79C475AF3C3FE834FDB5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52326AD4CC619B01561A96DE88694B9C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stores in Window Rock, Arizona

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

201
Requests

95 %
HTTPS

53 %
IPv6

26
Domains

41
Subdomains

30
IPs

4
Countries

1998 kB
Transfer

4428 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9723.a2q8d7qaE2fUyh19VnlqIyo033aXOpWPEEYD7ws-4K1ByP4rXIdYDp9_YJ7wS_bY.VjkLwwtieUvQ7mshbjAIj2bPrTI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9723.uoNicIAuMYmoBacqist88VfzfseBYWecSk2oP9Eqc4gPBsu7PSp-szitgsT7XgarenqVLLLszMgJgWWbp1rXbg%2C%2C.6-UazYaj2adXG77gD8e3fxl6TaY%2C
Request Chain 140
  • https://mc.yandex.com/watch/83817100?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A537592827502%3Ahid%3A304790411%3Az%3A0%3Ai%3A20220808003103%3Aet%3A1659918664%3Ac%3A1%3Arn%3A252365715%3Arqn%3A1%3Au%3A1659918664290706329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659918662252%3Ads%3A43%2C65%2C181%2C6%2C0%2C0%2C%2C148%2C1%2C%2C%2C%2C444%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659918665%3At%3AStores%20in%20Window%20Rock%2C%20Arizona&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/83817100/1?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A537592827502%3Ahid%3A304790411%3Az%3A0%3Ai%3A20220808003103%3Aet%3A1659918664%3Ac%3A1%3Arn%3A252365715%3Arqn%3A1%3Au%3A1659918664290706329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659918662252%3Ads%3A43%2C65%2C181%2C6%2C0%2C0%2C%2C148%2C1%2C%2C%2C%2C444%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659918665%3At%3AStores%20in%20Window%20Rock%2C%20Arizona&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 176
  • https://um.simpli.fi/gp_match?google_gid=CAESEEQ0oZDVaV_YsU5Y4dla2MU&google_cver=1&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPeQZNEXql-qQTAAPpUa-Qvw-ocZU5YnlCwlMTpfXDVGuArYg0tnqsf6HpY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA719D7C095F4E64B572FA4911F2F29D&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPeQZNEXql-qQTAAPpUa-Qvw-ocZU5YnlCwlMTpfXDVGuArYg0tnqsf6HpY
Request Chain 177
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPI93T7Rnlr7s7iMss4telQ&google_cver=1&google_push=AehlK4Bcz-pyzA89peuPDkJstLzRHSZyJM6WXfhu1lBng3pe_pyQJJWzficLhZEyNbsQfmdBUMJyKsmOpTFfyZpNhLQAXoo8GTgSzC97l3xfkhDbEJf9PdTbmjNKjExpCxEPn7-cD1NLeuI HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPI93T7Rnlr7s7iMss4telQ&google_cver=1&google_push=AehlK4Bcz-pyzA89peuPDkJstLzRHSZyJM6WXfhu1lBng3pe_pyQJJWzficLhZEyNbsQfmdBUMJyKsmOpTFfyZpNhLQAXoo8GTgSzC97l3xfkhDbEJf9PdTbmjNKjExpCxEPn7-cD1NLeuI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjdjYmVkMjktZTQ2OS00N2RjLWFlMzQtYjNlZTZmNjI5MmIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=67cbed29-e469-47dc-ae34-b3ee6f6292b2
Request Chain 178
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEN2n5Kn7dFImEqxpOOvHl3Y&google_cver=1&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK09pHvXgbcDXwSpfmrosGmxkmWdFEdJTGUgbot60Mp4XaxoFp0U_gWw5SvSE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK09pHvXgbcDXwSpfmrosGmxkmWdFEdJTGUgbot60Mp4XaxoFp0U_gWw5SvSE
Request Chain 179
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPI6cyx4edlN0X_v-MZVDGM&google_cver=1&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B68zBz3ym0VFRIVEEPovleD1vf6b8Dvb3uh-uKWORhf9nzisKS_lRYL35D-7W1AjQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPI6cyx4edlN0X_v-MZVDGM&google_cver=1&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B68zBz3ym0VFRIVEEPovleD1vf6b8Dvb3uh-uKWORhf9nzisKS_lRYL35D-7W1AjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcxNDA2MzEzNTY3NDA0NDYwNw&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B68zBz3ym0VFRIVEEPovleD1vf6b8Dvb3uh-uKWORhf9nzisKS_lRYL35D-7W1AjQ
Request Chain 180
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI9f8WqU6NCZdBcfxJf883U&google_cver=1&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S5-jcqkEFE0Sy7WlQ-EflNeFdu6GqenYaoUeavqhX0fw4oZIMdqEaYvVqGzNbdfooSoZI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZLMFBSREktMTEtM1lHSw==&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S5-jcqkEFE0Sy7WlQ-EflNeFdu6GqenYaoUeavqhX0fw4oZIMdqEaYvVqGzNbdfooSoZI
Request Chain 181
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEL3_ho7Qg3fb7B1Gl_FdCA4&google_cver=1&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WOondBmY2XemYrZ2-Pe_7yT9aMzP60gnVmXvvZ1J-Kw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WOondBmY2XemYrZ2-Pe_7yT9aMzP60gnVmXvvZ1J-Kw&google_hm=bce3aa7b5d7e0978a30414c5784aca1c
Request Chain 182
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECNOzC10GIzJFVJrd1eosKM&google_cver=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXuFl3IvRDBHpAxd4U_wwnzpJn9XdyfhUDfm0L2StlX0UptF5Lq64D5pm_L-SD-VwZWFgw HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECNOzC10GIzJFVJrd1eosKM&google_cver=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXuFl3IvRDBHpAxd4U_wwnzpJn9XdyfhUDfm0L2StlX0UptF5Lq64D5pm_L-SD-VwZWFgw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=zE5_3erYRU25Gcq0Q_i8cQ==&no_redirect=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXuFl3IvRDBHpAxd4U_wwnzpJn9XdyfhUDfm0L2StlX0UptF5Lq64D5pm_L-SD-VwZWFgw
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAyOTIwMjY1NjQxOTU1MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIQ0LziIHD6DGxHd_Lry2qA&google_cver=1

201 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
window-rock-az.asbe.us/ 		35 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21557c06eb81c4b4e8fde1cd3d85a91acd7ae95d9f8672a6193d5f38905ee3f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
73742597da85638d-ORD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 00:31:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtYH7xYcFfYkhB6JchGybEY6wxp4vyETIzuKVoFOV%2FtJ8wPLAPs4bhv9yR3M6racUpZE3%2FtabZvYVlYpMNIrBjKSzS3y03y5%2BnKanUbURYz49ywNf89qxVGg1RAOQqISvTE0y%2Bm92VFY5rxNcmIWfF8bChzz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge
main.css
window-rock-az.asbe.us/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://window-rock-az.asbe.us/css/main.css
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc0b9bfc26d18e28fbeae39fd1b51caee7c16a60c215549b05478f4bf3f7517
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 04 Apr 2018 13:36:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0Vbfv8%2FbuKmIW13%2BEhZ8YFiQBX9nN2O129fqAnd6A0Dg6HdFiFtpv%2BX1RLWQndr5ff4ktBoNDnb3IZ29M6%2BZBpRkNFt73cZuPVjaC%2BWXVrCyEN20A5xzcJbv3NiurjSgIyzZeC6NLVsqMYg%2FwE3OGR9etjp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
737425990c68638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 08 Aug 2023 00:31:02 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115920637-1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c3633bcf53dcffdf7277f6b3a97c77b6ed2a8971339eb9a08520047a08c5c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41890
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 00:31:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4855b8e6428ef8b76f623e096c1385af042ef85063d8832b3dcbc7c960b6c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57220
x-xss-protection
0
server
cafe
etag
234015299030772969
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 00:31:03 GMT
/
us03.biz/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us03.biz/?te=mq4wcyzyme5ha3ddf43donrt
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.147 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-147.ah-server.com
Software
nginx /
Resource Hash
b7e551912222a9afd4ea4ae1d443cb209a4e15cf7526328905f5fb86f185e8e7
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
plugin.min.js
get.optad360.io/sf/6a8d596e-844a-11e8-b38b-06048607e8f8/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/6a8d596e-844a-11e8-b38b-06048607e8f8/plugin.min.js
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:0:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95d5ebf15a43edf88784473bd7599787effc57678afee99a2984db0d624d6122

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
last-modified
Wed, 27 Mar 2019 14:48:35 GMT
server
AmazonS3
age
579
etag
W/"0c22d11008d5ff0d846430cc91fcfb6a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
fLZzWgeaa9_LzW9JvcPJIC3ayURsdjPvfUSV70Zj28uFQ69CNYpL8g==
main.js
window-rock-az.asbe.us/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://window-rock-az.asbe.us/js/main.js
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3602e923fce33a80e595e9008eb45f7d158f06f2b1bb14f29a599e751f9ce29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 08 Oct 2018 11:42:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj252SRKfJi09rt4b%2FDOyIfy6khyOZX0eQzKdQeg9p7dJOYLnlDiPG7G7WWpTpQb18g%2BRneuG6eiJmUQxVshGVb7%2BceuxoR3iEJq2WegkSbECuWgiPjYKnPhxisF9UKimfwBXqWxzsq8fM0mID%2BScq1SB8L7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
737425990c6f638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 08 Aug 2023 00:31:02 GMT
watch.js
mc.yandex.ru/metrika/ 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
69c02f544b87a917384825923fc6a04d560452dc5ed97d2b05b4db60fbcef171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
br
last-modified
Fri, 05 Aug 2022 13:14:52 GMT
etag
"62eced9c-ddfe"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56830
expires
Mon, 08 Aug 2022 01:31:03 GMT
sprite.png
window-rock-az.asbe.us/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/img/sprite.png
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a704e21bafda74efa92be5505df0a25d0e6b52d593007d02982a07405a6592c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4879
last-modified
Wed, 28 Mar 2018 21:02:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me%2FEY4I4wWI6MN4srX1O2ZHR%2BoJglOSETU3jVQMmPoKlrS6SUHqbYkSL2J5rVRLdhLWBOztHIKaQ0hGpcTCwsnqHtKYKwkihJ0D5ukdv%2BYxgtPJKBM21MIIShu7JpDc2bG99NwEUGgvD0%2B%2B8LY8s9KNhPeZm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
73742599cd87638d-ORD
expires
Wed, 07 Sep 2022 00:31:02 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:22:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:31:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:31:03 GMT
staticmap.php
window-rock-az.asbe.us/staticmaplite/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/staticmaplite/staticmap.php?center=35.6658055,-109.0558270&zoom=15&size=127x127&maptype=mapnik&markers=35.6658055,-109.0558270,marker1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TutIDJzK3WK5mS7xixFNbfL6wzYoVvQyvbPgAp9rXYz9%2Byoc9%2Fg0rrWl1KKfsrsaU8RibxlF19hodEG6Fm5OxyLlV7hVEV9PR4f%2BENI1USg6kXJhVvfWQvYbgS%2BrVqDAavQfp4d%2FoduCsU%2FaNfqOuIDIIOmm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Mon, 22 Aug 2022 00:31:02 GMT
cache-control
maxage=1209600
cf-ray
73742599ddab638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
x-ua-compatible
IE=edge
4727.jpg
window-rock-az.asbe.us/img/companies/0/4/47/472/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/img/companies/0/4/47/472/4727.jpg
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5104b74f2623ed1ca8110e56be6646e8ca50f504ad1fa92a2f0c998e79952ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21135
last-modified
Sun, 18 Mar 2018 14:51:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FomcTABkXYzRBGjtv1buffqKlqGEahkeyy7YRjRWlY7Y7gumswKFEgcrv%2BISWXgr1DjkHrNpjut4RrYX9PL5V6DJnX9r6nwchkvIEaSyBvzm%2B%2ByC2gj0M0QS5%2B7QvQGOdqiqTqFuGxVjSPf8P1DfK5OYxgjC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
73742599ddad638d-ORD
expires
Wed, 07 Sep 2022 00:31:02 GMT
4728.jpg
window-rock-az.asbe.us/img/companies/0/4/47/472/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/img/companies/0/4/47/472/4728.jpg
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466bd520117f22b1b2aa74d417a270cc14af2627975ff26178187b2982c780db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34658
last-modified
Sun, 18 Mar 2018 14:51:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpUi35sed2IxVajXwaqu4Xk8d%2B9SbBzmZ9AAtDy%2BSziwJZWX7U5HBO4wtcJV8yTvTDVlXpj0TA1XEjJyiSpHmXZ%2FpgjuYNHBr2ZXSl7jr43%2FNG6g97QQXQN%2ByHg7e%2FE4lImyzHq5gHHElcXTvbc3aqGhtf7s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
73742599ddb0638d-ORD
expires
Wed, 07 Sep 2022 00:31:02 GMT
staticmap.php
window-rock-az.asbe.us/staticmaplite/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/staticmaplite/staticmap.php?center=35.6657767,-109.0547636&zoom=15&size=127x127&maptype=mapnik&markers=35.6657767,-109.0547636,marker1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 00:31:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaHM0CcYA4HHLTWeaLqE%2B47xwskfjiszIaiYYP2ZOdxbHhfAuE%2FhtuCKgmIgBZlC1zeUS%2BONx%2B7rvO5jYjElh3HdJZQ6bxVYD2VI%2FNvkyGmBcS0IQgsulgeaJJTAScCw54jegmN9OKhqP7iHw9SC5vpQFFHR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Mon, 22 Aug 2022 00:31:03 GMT
cache-control
maxage=1209600
cf-ray
73742599ddb1638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
x-ua-compatible
IE=edge
staticmap.php
window-rock-az.asbe.us/staticmaplite/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/staticmaplite/staticmap.php?center=35.6793090,-109.0547461&zoom=15&size=127x127&maptype=mapnik&markers=35.6793090,-109.0547461,marker1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OseuaRt6u7o6q3XPuEuR1FLuoyGFWcCBRFCmTOSNnFsboZ6jx%2BWuCx21JSUlZiIf9Eeha7E83CGIMzpp8iAgXZUtGlCa8kZ9mIMYfUBI0d7UpKXOHz3JlqOKtc%2FXXAVPzXlQ1YNWOHRJH%2FsJYqDwszId63%2BN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Mon, 22 Aug 2022 00:31:02 GMT
cache-control
maxage=1209600
cf-ray
73742599ddb2638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
x-ua-compatible
IE=edge
staticmap.php
window-rock-az.asbe.us/staticmaplite/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/staticmaplite/staticmap.php?center=35.6639900,-109.0550511&zoom=15&size=127x127&maptype=mapnik&markers=35.6639900,-109.0550511,marker1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 00:31:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewSnqkUO%2BNDGZITUHmitFHxTEoJKmZJpVGjTcdmGkydgaS8fK792LjoTkFJfnDg5GX3xmw7kDn1%2B94CUwbhG1CJ5B27VyOYrklbe7HYdZIEcfovhnOoJdU5ECCT%2FjZ2q2XEjrA2hfu3eblcgwNPfRkYq%2Br9W"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Mon, 22 Aug 2022 00:31:02 GMT
cache-control
maxage=1209600
cf-ray
73742599ddb6638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
x-ua-compatible
IE=edge
staticmap.php
window-rock-az.asbe.us/staticmaplite/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://window-rock-az.asbe.us/staticmaplite/staticmap.php?center=35.6805730,-109.0525929&zoom=15&size=127x127&maptype=mapnik&markers=35.6805730,-109.0525929,marker1
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:51d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 00:31:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUz2%2F7bL9JVQ9Gn8V%2FiXuPpC2kkL%2Bg1T63k%2FUkFEB6ewt7nX8%2FvIYqEXSNryrbXAwdNGBew1NNjfGI6JNtKJzTK%2FBOdkfaRwsyFDYCzZ2%2FxlZ8lAZJbHHeLYud15CQTgRUVCRuIwlxp6OIOdJyBnI5FiAmI8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Mon, 22 Aug 2022 00:31:03 GMT
cache-control
maxage=1209600
cf-ray
73742599ddb8638d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
x-ua-compatible
IE=edge
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://window-rock-az.asbe.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 19:31:56 GMT
x-content-type-options
nosniff
age
363547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 19:31:56 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/6a8d596e-844a-11e8-b38b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77ae4aa7154e53d2d468b52b60f02f856a235e4964c79ac1e60f884412bae210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28612
x-xss-protection
0
server
sffe
etag
"1297 / 397 of 1000 / last-modified: 1659737217"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Aug 2022 00:31:03 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115920637-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5322
date
Sun, 07 Aug 2022 23:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 01:02:21 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd4ba897e5650ea9c127fb29855d43a052ddc116b47a4e536cd2f27741cb4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122744
x-xss-protection
0
server
cafe
etag
8578341936985344907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 00:31:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/ Frame 47D1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 23:36:37 GMT
etag
8616628553774171045
expires
Sun, 21 Aug 2022 23:36:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022080201.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068764
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
f7a89d8edb260b58ede989d3b499765be906f60509dfce9ed08e9f9f4408036a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132754
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 05 Aug 2023 12:37:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=window-rock-az.asbe.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
a337ff59f403b9b4c1aaf30b8dfe1a8bf163a02a9aef6c61d8788a90e0678963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82
x-xss-protection
0
expires
Mon, 08 Aug 2022 00:31:03 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1050128011&t=pageview&_s=1&dl=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&ul=en-us&de=UTF-8&dt=Stores%20in%20Window%20Rock%2C%20Arizona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1584679703&gjid=35092422&cid=444617771.1659918663&tid=UA-115920637-1&_gid=1636005991.1659918663&_r=1&gtm=2ou830&z=1134586866
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://window-rock-az.asbe.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://window-rock-az.asbe.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		381 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=window-rock-az.asbe.us&callback=_gfp_s_&client=ca-pub-7637664810868603&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ebe431d1b992ff6f19284860f162cc07071917e1d443930efa984b2d039ff46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=window-rock-az.asbe.us
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D367 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7637664810868603&output=html&adk=1812271804&adf=3025194257&lmt=1659918663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663211&bpp=4&bdt=661&idt=281&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=304
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7558 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dd3a5f0772cd6b5a236986cfa2ab828064292671fe664f91f092e11b857e64d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10664
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4ED2 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1584250594&adf=2093808581&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663218&bpp=2&bdt=668&idt=320&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1466&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3qqSyMZ1TV&p=https%3A//window-rock-az.asbe.us&dtd=324
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
830d03307e405ab33e1813dad360894ba40e5163a31ddf4c29a23cbb9687af7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 95D4 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
138583c9a28a85b0f72252a4de85b21c4209a644136128d451571c7a9e63ae6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10669
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EABE 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf061395c97f95cf43e469f93063d5acc8920e91539f32032dd7b793a7405dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10647
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:04 GMT
expires
Mon, 08 Aug 2022 00:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B307 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9569a63b80bc003071927f8e6b50f6cc5112d85c47d1e50893ff063a7f661c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10673
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A0FF 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75d896125ab6b6c251b2980066ea18870432a7919dc56bb08d69ccd3cd63e3ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10654
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9723.a2q8d7qaE2fUyh19VnlqIyo033aXOpWPEEYD7ws-4K1ByP4rXIdYDp9_YJ7wS_bY.VjkLwwtieUvQ7mshbjAIj2bPrTI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9723.uoNicIAuMYmoBacqist88VfzfseBYWecSk2oP9Eqc4gPBsu7PSp-szitgsT7XgarenqVLLLszMgJgWWbp1rXbg%2C%2C.6-UazYaj2adXG77gD8e3fxl6TaY%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9723.uoNicIAuMYmoBacqist88VfzfseBYWecSk2oP9Eqc4gPBsu7PSp-szitgsT7XgarenqVLLLszMgJgWWbp1rXbg%2C%2C.6-UazYaj2adXG77gD8e3fxl6TaY%2C
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9723.uoNicIAuMYmoBacqist88VfzfseBYWecSk2oP9Eqc4gPBsu7PSp-szitgsT7XgarenqVLLLszMgJgWWbp1rXbg%2C%2C.6-UazYaj2adXG77gD8e3fxl6TaY%2C
date
Mon, 08 Aug 2022 00:31:04 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
last-modified
Fri, 05 Aug 2022 13:14:52 GMT
etag
"62eced9c-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 08 Aug 2022 01:31:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3310107042177197&correlator=3973506124142670&eid=31068764%2C31068367%2C44770638%2C42531606%2C31064019&output=ldjh&gdfp_req=1&vrg=2022080201&ptt=17&impl=fif&iu_parts=121764058%2Cop13-market2buy.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2234238321&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dc42f8319b7d2502e-22662812ccd40000%3AT%3D1659918663%3ART%3D1659918663%3AS%3DALNI_MZSdiRNelPN6S-do2zq--XAclu6rg&gpic=UID%3D0000056ffe12ae21%3AT%3D1659918663%3ART%3D1659918663%3AS%3DALNI_MZ1v5kZqtjiBbUWKzNvdmS6Ei97nA&abxe=1&dt=1659918663675&lmt=1659918663&dlt=1659918662550&idt=1099&adxs=0&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=512&ohw=0&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
115a9c6c19fea907f4f875b7536631a560ed4b1a6a8dbb2d2db8783c0b8abb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16026
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://window-rock-az.asbe.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 255E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Tue, 08 Aug 2023 00:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B307 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B307 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B307 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 5B34 		144 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7f2d2b90831a5a0f4cc97928606590bb3988bb0946d888d0bfeffc26b935c54b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=mw6CI3WGJ-uCIdgwt8G3l5vASlo81vsARzkuYfJE-WfQe-pY7jpHJ0zio8eguaHlU-OKwnYZ9Wxgc83thv9gbOi14gJW-_y2LYrCchfzJ9SsyIo7LcsVxQ6u7eMU-TYu_80lIEb4cP4TqnvMNOGkKoM8FOuJ5G-JzaWcnwSZsvOyCosfWgJ-TO5o29wNVCnkedbs_y2TZwhjA1wXNrgBhsC80anFnzGMapYeLUMmE5wwNw_yuXY619FBrdGKgT9WhEQZmOgmxqaSPHHK"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
63855168
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame B307 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3z73R1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTGAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-P00R7_fvuzwoqBd9MRDApECRM4NRhcT8Jts-K51upLsxJYBSmoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkxMzk4OTQxNDgzNjMwNRgA&sigh=jF7ewrBORZ8&uach_m=[UACH]&cid=CAQSGwCsnQUxsYuph3G6fuEvM-LKvdKlp2XWvcmKehgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Aug 2022 00:31:03 GMT
notify
rtb.va.us.criteo.com/google/auction/ Frame B307 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ktveD9iCMNACmALiIp0XAgAAAH8869fF4m-uPRonkhBGWfBi_jkWonVNWMTGej0AEgAA&wp=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
server-processing-duration-in-ticks
233601
content-length
0
strict-transport-security
max-age=31536000; preload;
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame A0FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0FF 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame A0FF 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A0FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CADE-R1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMYBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5GG4EZJtipt7lyCEW2kO-X-epYgApxBosCrHPesOwvgIuUL5v36gAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTEzOTg5NDE0ODM2MzA1GAA&sigh=MA3oa_Z-fVY&uach_m=[UACH]&cid=CAQSGwCsnQUxvKDLVjozBqclasmNihgpF2UEs9vfrBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Aug 2022 00:31:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Aug 2022 00:31:03 GMT
notify
rtb.va.us.criteo.com/google/auction/ Frame A0FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ktveD9iCMNACmALiIp0XAgAAAH8869fF4m-uPRonkhBHWfBi3QKPQxdXnvnp_BgAEgAA&wp=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
server-processing-duration-in-ticks
203339
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame D174 		144 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=3412998640&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663224&bpp=1&bdt=674&idt=344&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=2170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=GfeA4KnkYL&p=https%3A//window-rock-az.asbe.us&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
467b4a07fb7c3f3974a7910329c33bd52854a6e573f7a5a97b6af470a0c5633a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=06TOoHWGJ-uCIdgwsc_Jp6aGIrF8wyfe-u04DlPZsx30mKkWEkMuwkzQTv61PU2L-g4YSK4LIRhEzI2iUtdzEMOkvo4m9jpQOs46zo1kVoj2X_OcjJKY1rsxvl5CUmuX4E1cuzCjC4IkoAZWLg7eUzzhPtRc_vLHMIBSSHA-utq7Q0c80pS6K-ngPyyVzNodDkAOVVk3p_fPMYFPEzB7iNPnObGwvxAC7DbtcSIqMYo41DnP1A6NgMBnKvTeBjBJ1nR9Kg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
91921816
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 7558 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7558 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 7558 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7558 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqbRaR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMABT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dKciRFRjsO4MGLaJ9aaKUoBatmWwPzTmowcp5opEwu8w4lZReergAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTEzOTg5NDE0ODM2MzA1GAA&sigh=YtXL76Q9kqc&uach_m=[UACH]&cid=CAQSGwCsnQUxfSox4E2hXkgWNHDK0qwQSMjVX9lRZBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Aug 2022 00:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Aug 2022 00:31:04 GMT
notify
rtb.da.us.criteo.com/google/auction/ Frame 7558 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kvC1E836RNgFmALiIp0XAgAAAH8869fF4m-uPRonkhBHWfBiC5BrkrHwWFQqXqUAEgAA&wp=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
server-processing-duration-in-ticks
294892
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame 2D0D 		116 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=1331380594&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663215&bpp=3&bdt=666&idt=307&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LjMZdITfoJ&p=https%3A//window-rock-az.asbe.us&dtd=313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
53d5e6422d7b346515a824df755ca4bfb92a83acd6543e96fc7ab4d21b817a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=MxAZnHWGJ-uCIdgwk-rDyxhuN6AfMmtUgR-mjs6Oc6cr4VXAWAMLCW27NXlwW3OenO4BBGMoDtD5t6yaY7x-2imJSjKPhXRv42QqaZv-i0z2_CYeJdxwcks8yxZmUkco9M0xCAhLdXkc5VNt3UP6kzz_JBRJvtMj-7efO66odm9PUblCTN68RgLCONjPEy2LlbxowCUSXMG5nOp11igb2bem7rpM8XU4n0e2paUTpnnkwOE08pzhcVdfAEPkLd2m9Axw6A1ko7-V8iYm"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56610707
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1584250594&adf=2093808581&fmt=728x280&str=true&ad_y=1465.578125&vph=1200&r_nh=0&r_ifr=true&qid=CO-BtvL-tfkCFTcOaAgdUJgHTQ&w=728&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 95D4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95D4 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 95D4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 95D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCbIfR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMYBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zYHTnmAGqbbIFfSTYFJLTEs31hXM_FJQV0C1WCh4TPZmrPeppj0gAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTEzOTg5NDE0ODM2MzA1GAA&sigh=m-sIX_PYOfY&uach_m=[UACH]&cid=CAQSGwCsnQUxoai1XcrkQHBIuZKcvtZG8DgzIRKl5BgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Aug 2022 00:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.da.us.criteo.com/google/auction/ Frame 95D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=ktveD836RNgFmALiIp0XAgAAAH8869fF4m-uPRonkhBHWfBi1pRO8YkKhM9Rh9EAEgAA&wp=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
server
Kestrel
server-processing-duration-in-ticks
295866
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame 2CB8 		141 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=1324227149&adf=2160614633&pi=t.ma~as.7445429383&w=728&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663220&bpp=2&bdt=671&idt=326&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vgVUZ1WrOY&p=https%3A//window-rock-az.asbe.us&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
37b29411c4a911a348f82a34b96bc711f3fae2cfbeb93450d2b1257c9d4bae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Bw8efXWGJ-uCIdgw2HFCkNKIlBoyBT2GDt34hcF5bg_4n3PjI4jLSqYHdRl8Qytd_dvDsy2lT7wreYkREJW5doWMOxrnR35Zdgk5I0rXpplGZLHqq1fpIVrETix3lZ_c7bJwoThkLmosLbIoSuDR18DYpMd6gARXcJDhRhn2uKJqCp4AP-dlzbx5AKS9ZahEoaKLioCszbPpF6Z-3LlDPGNy1cmJI_tOg_vgJuw8ngT3sXmhBf0XZ5zM9q0ZcqT41AxjVNELrN2t5LzI"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
129899176
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Tue, 08 Aug 2023 00:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7558 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8587c95e31d09f99f40dcc88520ca82c33ae738945361375fd1d7ae5bea28b45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B307 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f89a0ac1364a8011f8d4a672a39ee3cfa2cc04fecabc392133889de6925ebc65

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2D0D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2D0D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2D0D 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Aug 2023 00:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2D0D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Aug 2023 00:31:04 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 2D0D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=qTV5A3m44W8GqITV2MjljHs71DZNRDqdw7jbI_MIggVMe-TMza55rB9BDZnX8rc9fQFdfK6t-NqfVd2PaIgNwKEDFtBP4w7eFDozN-MzZNLDSg3SV0_BD8vWVFTuovadfJxCQ8PuqHDBfwgXsQ-MG3IyXzE6EECZUF9HO6HLIV2omaYq8j7W8Ccn6PFW9MjvuHq8Qe0a6DEGpazwcwF4KxRW2PYJiTcftRghynMX5Wor6r2Cl4QITQHkc8flU9ZCyL0hl3z54hugVhKiEYA7-bKXBx-7HjzVjR9BGwZxsyFQtPFotp5VOr-VznC0ZwVFRb_JU7-kyp9Fo8CWjBMbRGp-tLF7z8sjz9b56dsFZajFk9tT7oeoxIIvF7ykhG_Wphe4FIdl02k6QJAn_iGbIlKjLC05kGQltgFCO96hzyph-wua
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3317139
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame EABE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EABE 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame EABE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
truncated
/ Frame A0FF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26bc9c6dfdbf3b68e6dc1831aebbc853bc394ca60afea9b1da8a88fce19f2062

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2D0D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
296809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fa6lWymv58tYWUNFpAwSaVlQfc%2FZpxteVGPtqVFNVymNXMowyL7jN5nmPJzeJ01H3S%2B81aPvHmV4oexCgSLGRcpW12wNC%2BuT10K6HEcxd5zfPOnPqvoMMKdXnjI0kGKzVgN%2BwQPwCs50NucxZ2zOsgr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737425a45be28105-ORD
expires
Sat, 29 Jul 2023 00:31:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 2D0D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5B34 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5B34 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5B34 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Aug 2023 00:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5B34 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Aug 2023 00:31:04 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 5B34 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=x1kkVAQq6mUh6NZtE2icu_xDCQUQSt3NjGF9E4G1dcco0VYqAW-hZpegdodZXOr6jtKoFnh4837i5LI4B2GDhXgxtmvT1tBEy6WfsON8bNpBDVuuWm0m24FEWf2qeVK0CjSclpr07yrfwMEi2PRlQZwDQ8AozIXkmAwL_f3rXp5QECGLR16IdCjjpLCUstGnoem3J4XwXeRtDO5FUdhuC5MuSGMZsNtoITnAz68romJqS9QFwYkz9cYb81tCZPH9Z8xJNtkLtLkiCwYh3V6FSNqa-rCyBSw9kjhTH6uugM4LvdHfLmhp54jXfsPDonW2lQpZIprbXjHgpb2MWRGXHdZ8l51pXEW6gjFsmOOR0DTZsAXEUaYiB4Du9wpAPeoM5wwMcZZZoC-0vV1IlVKInLMXDP0559dVPlC8XjlZWwNoNC_J
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1964655
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EABE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgXeHR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMABT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwQkFS8f2jdcG4tNLz6wPziE0PH8e0Z8kh_jAkfd9vthh2wUkjMHgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTEzOTg5NDE0ODM2MzA1GAA&sigh=rym0xy6CCu8&uach_m=[UACH]&cid=CAQSGwCsnQUxuTcHcf4UnHfFigbTtkR5AzEdTT6eGhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Aug 2022 00:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame EABE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ktveD9iCMNACmALiIp0XAgAAAH8869fF4m-uPRonkhBHWfBiwVOGBAHrhLN5PYEAEgAA&wp=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
server-processing-duration-in-ticks
199614
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame 6963 		148 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1480869927&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663222&bpp=1&bdt=673&idt=330&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6uiAYVdfTf&p=https%3A//window-rock-az.asbe.us&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
27cf69bbef852dfb0c523ac2d0d8d1081e393d9833a288b7d413405461be278e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=DCShjXWGJ-uCIdgwj4Mi5pTKdSFUmqDVIgH6RVNdSajjbKXj8XRqe4OlccI91zxGyuL66nDOdPe5TxjAcDQWfPjvHQKAcsCzWmcKzcb5RLiA7CPJ6Zne6ihhy0BotGnMb4AGdRUW0rs0YdVlPi0prDYh3BQFq5hhzTyBAMRRFoCKur4upYJlnHajbx4b_1pwLYSTF_vWxEKTILLnQhijAGIY3MG59S57Q1T7apwe_g6cwto4PbhfennOZO-OgE9fK-q5PxC-MR4Wb19R"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
68474576
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 95D4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
356b0063e7ee5278dbc13936bfb4e712d1be9f40e4a1eab2c1ddbc818c4ed117

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
80507424a411483faedc735e69c2852f_geomanist-regular.woff
static.criteo.net/design/dt/ Frame 2D0D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/80507424a411483faedc735e69c2852f_geomanist-regular.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
553bded3ff0bf474130a082d75a0c4d066c853914433557d593dc992d9d51fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Sat, 03 Nov 2018 17:36:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bdddcb3-5488"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
b57e4fccc721420c922d322fe7c764b8_geomanist-bold.woff
static.criteo.net/design/dt/ Frame 2D0D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b57e4fccc721420c922d322fe7c764b8_geomanist-bold.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e998c052a3d814d2983353e5c03daf0620ba9caa61d5677a9ae6de76b34f7721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Sat, 03 Nov 2018 17:36:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bdddcb3-52b0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
img
pix.us.criteo.net/img/ Frame 2D0D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=556&m=0&partner=96246&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96246%2F220519%2F2e80e139ca66464988ecb967ddc7368f_truewerk_logo.png&v=3&w=196&s=CjONg2HBmhzCK66Gr12Xr509
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
eecb367bb48813253613e806accefef9692fc6486febc963dc0c424bd0553105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26789939
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8236
expires
Wed, 14 Jun 2023 02:10:04 GMT
img
pix.us.criteo.net/img/ Frame 2D0D 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96246&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0888%2F4876%2Fproducts%2FTruewerk-T1-WerkPant-Olive-FRONT.jpg%3Fv%3D1656305914&v=3&w=800&s=6ArP0xLMu8wGVJhaK_sbozN2&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e00b9150c12c0f4c1942cd14c1afc324dc0679e473ce137db1246cf10b5c06fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28009384
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
28722
expires
Wed, 28 Jun 2023 04:54:09 GMT
all
csm.us.criteo.net/ Frame 2D0D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=MxAZnHWGJ-uCIdgwk-rDyxhuN6AfMmtUgR-mjs6Oc6cr4VXAWAMLCW27NXlwW3OenO4BBGMoDtD5t6yaY7x-2imJSjKPhXRv42QqaZv-i0z2_CYeJdxwcks8yxZmUkco9M0xCAhLdXkc5VNt3UP6kzz_JBRJvtMj-7efO66odm9PUblCTN68RgLCONjPEy2LlbxowCUSXMG5nOp11igb2bem7rpM8XU4n0e2paUTpnnkwOE08pzhcVdfAEPkLd2m9Axw6A1ko7-V8iYm&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2D0D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2D0D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D174 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D174 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D174 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Aug 2023 00:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D174 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Aug 2023 00:31:04 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame D174 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=-0svrAQq6mUh6NZtE2icu_xDCQXnXTUHBzH0s_Aojl6QZo4gEVc4b23MZ8xDp68qNVBaoeicLQ2SNaTFymhu9dXg3B-ITZOVx8PQ_fqolV7BMVEMUdg5EIddvUC3ddpUJBgMfKgtPXdA1qZiVP0U8QMYTOmiy6YHjCciabPYrqutqLLgV-snM4-ErGBTGnKcd3e0pjwLxLXm0-oSoJekcOXj1pGrkQgsrQTsJSlUZa98BJcd4mt5i0WrLFr2LTd3-_jwKRUIuHv41E8YScDibKTElDOCxPPH0UiNySNAXJJHal6yoagFdJorpOmER93VY0MYaYcIqPSRw4OGVkR7LP-pZuRB1CzKz1HA9C1RhAdeUzGxcDR__CIbJ2-wrJWFkyYkBJwX1fnmTv6xT852WMKvb0SwEznYGCMZo7N3689jAsNc
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3159474
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5B34 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
296809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxC%2BLKRRrBTZW5A%2FAu6TrxadSU2N0TijOdQ9KIuTdGqObcDYfJEA83IlhvfmLgQihlxb8YLdZO17PX3M83SYTubYM4%2BDIcfBEogd8qAhm%2B%2BMdBx85DdlGx7Cs5LSTgLqTkuFGAZX6sLC9K8ueNrLlQGC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737425a47c1d8105-ORD
expires
Sat, 29 Jul 2023 00:31:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 5B34 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-134767-ring-18k_gold-gold_white_yellow-25ce6.jpg&v=3&w=400&s=xqwr_NJPcMMYeakcq78PVgBk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a78752ef60de6805154dc3af5dc7992478434c5203b3e956b93abeb0d5e5081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1249250
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12776
expires
Mon, 22 Aug 2022 11:31:55 GMT
all
csm.us.criteo.net/ Frame 5B34 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=mw6CI3WGJ-uCIdgwt8G3l5vASlo81vsARzkuYfJE-WfQe-pY7jpHJ0zio8eguaHlU-OKwnYZ9Wxgc83thv9gbOi14gJW-_y2LYrCchfzJ9SsyIo7LcsVxQ6u7eMU-TYu_80lIEb4cP4TqnvMNOGkKoM8FOuJ5G-JzaWcnwSZsvOyCosfWgJ-TO5o29wNVCnkedbs_y2TZwhjA1wXNrgBhsC80anFnzGMapYeLUMmE5wwNw_yuXY619FBrdGKgT9WhEQZmOgmxqaSPHHK&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5B34 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5B34 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2CB8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2CB8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2CB8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Aug 2023 00:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2CB8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Aug 2023 00:31:04 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 2CB8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=f-0mDQW5oXEOU8og9WET21QcT5-ay8YPaROe98km_aC-guUZuFDfgqG_ZjtLWn-Tps7SfiF9Cv24jWoBrL9uLBwNIqTjgzTbnQGXMg4a-YWFNVQmkzhc75zn2W0X6vilzR4MBlCqp-57M9q9hWmIuMlhXCXICCFsv_QuTg6_V3JNs9XhoZBTwyijX8E77ctX4jahoKsk0gF1pSxTF8j7LotJ_4bRGXoxFdQNz5uKAXT-IiQwtkPLVuqxRoB_Y7hxwyNDr5z7t8obGN0w2w6UEv_VGOE4y0BK2P6IHY7fRiTO7JdSSuL4J4oCsY5ntkeXojbgMwSJrO0hUJfir3KOvkM3q09ePlq8bW0ZSwyk7GE4nIeE6pXHUv_DexYNyV4qk3x50NqdG-iaI60T34wK16Ep8jEXc_5dY7Cznqq6xHnQw2GslHJHXSPojkIGvpzO7gRBoA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1994609
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D174 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
363095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpmLI3JYvgKG9hTt6WTdIU6H4ZcAo%2F10ByKMfAW7KCpWlCVzBw8sm5OTHLY8uK163YmeylEkbT0GHdRirmfwlRdPvJaLB3LJkG0DK3OVnjBkTEh7T%2FjIi8HbfT8DWgevKS6wRsTV3exowhS3JsJ8EM3O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737425a52d4f28ef-ORD
expires
Sat, 29 Jul 2023 00:31:04 GMT
animejs.js
static.criteo.net/animejs/ Frame D174 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
img
pix.us.criteo.net/img/ Frame D174 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame D174 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
img
pix.us.criteo.net/img/ Frame D174 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame D174 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-499919-earrings-18k_gold-gold_all_rose-a3456.jpg&v=3&w=400&s=Vs0qmsfynNtaQzj13bFA5dMp&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fbeb3a30683593d375a08112e1c9c15b3fed17aa6445764a0815a2c2e0b64a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2387550
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9254
expires
Sun, 04 Sep 2022 15:43:35 GMT
all
csm.us.criteo.net/ Frame D174 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=06TOoHWGJ-uCIdgwsc_Jp6aGIrF8wyfe-u04DlPZsx30mKkWEkMuwkzQTv61PU2L-g4YSK4LIRhEzI2iUtdzEMOkvo4m9jpQOs46zo1kVoj2X_OcjJKY1rsxvl5CUmuX4E1cuzCjC4IkoAZWLg7eUzzhPtRc_vLHMIBSSHA-utq7Q0c80pS6K-ngPyyVzNodDkAOVVk3p_fPMYFPEzB7iNPnObGwvxAC7DbtcSIqMYo41DnP1A6NgMBnKvTeBjBJ1nR9Kg&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D174 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D174 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 51DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxwkhR1nwYun3MrmUoPMP9rO6mA3skq2RYPfa0tOsDMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDegAZX1m98DyAEJ4AIAqAMBqgTpAU_QzpNmkvv2c0zKNZHWpXqvfAjraoCBJeFoNEewjp62vhsNrsjW9LnWM2DR3_jJwpWI_NgkNx5mFl6E0q45g8ToNv110AwdLJ1N8MG-wsJotZ6LJWR8fRvHyCD9N66YautXNQSm90UqS6ysGxOcPhuq8AAOwmxHkXc5U6yjQlukGz9Ka_5cbCpM4iD1ntq_z_LeLCK1OAHhQk54Q_Ztplvo47MwLsue1sMhrY0ZHoPr5lBjaLEg-gQHjwPZYXnhSUnhXBqmg5T9GMehKv3oLOBO4JshBJ_qrD9nJ-HZzJPxz1v663TBHdcS4AQBgAa6n-XMkPXN2DagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=VHrASLO6nlg&uach_m=[UACH]&cid=CAQSPACsnQUxocHHri9DKl87aw7saCodRo2bPajwpkGAPeIa8khKIWvqvs5OKH8k0M_VpszveIDM_eQugl5wWBgB
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
log
hblg.media.net/ Frame 51DE 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=US&ctr=-1.0&viewability=96&device_id=4&cbdp=0.435&slotVisibility=1&dn=window-rock-az.asbe.us&acid=cb7b48e10f894c1eb3c9f349f7de81f0&ugd=4&size=728x90&pvid=294&csip=rtb-appnexus-d5c4fdf8d-bt8cn.SC&ogbdp=0.68&prvReqId=821606404963_777479965_11621109112941&itype=ADX&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&scrid=8032948058501&mang=1&bidrestime=1659918663986&cid=8CUU9JF8H&rme=nurl
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 08 Aug 2022 00:31:04 GMT
log
qsearch-a.akamaihd.net/ Frame 51DE 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.6800&ss_d2=0&stid=&other_prv=294&jar_err=&current_day=1.0&adtyp=0&req_id=YvBZRwAN964IaA3l_g2Cxw&bd_m3=0.0000&bidfp=0.0200&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=75.3437&exp=&fdbk_id=&second_bidder=*&search_res=36&floor_bucket=0.00&gpid_format=&seat=BID_API&size=728x90&f_seg=&prdp=0.4352&ogcbdp=0.6800&dfpbd=0.4352&server=1&ogerpm_wd_bkt=0-1&model_version=202208071705_generic_adx_1-cid_0&viewability=0.9600&dmm_r=0.0000&cut=36&dmm_l=0.0000&as_cache=0&tcyerpm=&sc=IL&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.60&ugd_ver=&requrl=window-rock-az.asbe.us%2F&bidrestime=1659918663986&cc=US&strg=harmony&ss=&current_hour=0&time_stamp=2022-08-08+00%3A31%3A03&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.6800&ct=West+Chicago&akey=&mnckfl=0&bdp_bucket=0.60&algo=&dc=east_sc&splid=&dn=window-rock-az.asbe.us&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.79+Safari%2F537.36&buyer_id=&dmm_m10=1509870&bdp_wider_bucket=1&acid=cb7b48e10f894c1eb3c9f349f7de81f0&infl=&o_ver=NT+10.0&br_ver=104.0.5112.79&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=1&totalTime=3604179&dmm_m1=2022-08-08+00%3A31%3A03.987518194&e_rpm=0.0000&dmm_m22=0.6800&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=8032948058501&rawbid=0.6800&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-d5c4fdf8d-bt8cn.SC&dfp_bucket=0.4&adblk=2234238321&itype=adx&pvid_seat=294_BID_API&cliIP=2807564032&advurl=search.yahoo.com%2F&level_base=0&crid=116211091&sat=1&br_id=265&cut_bkt=35&gpid=&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.68
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 00:31:04 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 08 Aug 2022 00:31:04 GMT
nmedianet.js
contextual.media.net/ Frame 51DE 		159 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87eaf75a07d0128dd3ca89b6b11e1c0d8b733c67b230bfc4c8f772d8c1f4f4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-mnt-h
21-t09m
content-encoding
gzip
etag
"b123e75303e31a8220d48ab3c41d1df3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 08 Aug 2022 00:31:05 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
x-mnt-w
8-34
expires
Mon, 08 Aug 2022 00:36:05 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 51DE 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 08 Aug 2022 00:31:04 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=59486
access-control-allow-credentials
true
content-length
62892
expires
Mon, 08 Aug 2022 17:02:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 51DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:27:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51DE 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 51DE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 00:23:18 GMT
l
www.google.com/ads/measurement/ Frame 51DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSF8A6jm1oQvAkOrgamPgENXRnMOloiZ9nHcqVp3CcPQmD7GqnJDFwMUbExs9lxPg_4PtdpQU49z4o-zACHvk2tY1aHaw
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 51DE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 06 Aug 2023 07:24:19 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2CB8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
363095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kubcUA%2FMdcm0f0BOjeAVEJRcAMMgn6BD7rDegsuAOdVwcCxGcCUli2xxL3lPBalseRSyAT0Ab4NvBPnZmM0mGiaXqL0%2FmRdFs0CH6qaYy7T1jC65dgPJADWFfi6urA83GkCEroMqijWeZjUFJZw3iU9u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737425a55dbb28ef-ORD
expires
Sat, 29 Jul 2023 00:31:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 2CB8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
img
pix.us.criteo.net/img/ Frame 2CB8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=556&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=196&s=khWHH2eeHZEAZR5UlN0v_pJU
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd84d330298bd06c1bca80c36df9af9ec8a4c0ef85fb76ddc73b472006908954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2390
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame 2CB8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=800&s=-r-2v0VZGnczKwHbr3zPcYpU&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
52f9fa90e00a17ee7d3071442a83eee9e32a7dabf92f145d0a8a57fe41cd99e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7168
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame 2CB8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fgemstones%2Fthumb_w470%2Fgemstone-172549-ruby-marquise-red-51326.jpg&v=3&w=800&s=yPz06gnFy8blH3p7jHZM4eIT&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
83cc1b82ea1c20656bc292696ba76ad9ab01ae9078c469b55326585ea129bc7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=425033
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3548
expires
Fri, 12 Aug 2022 22:34:58 GMT
img
pix.us.criteo.net/img/ Frame 2CB8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fgemstones%2Fthumb_w470%2Fgemstone-241719-sapphire-round-blue-32c40.jpg&v=3&w=800&s=0RYNKAuPoEQsP5Rj8MO7OcSl&b=800
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5bb9d3b4bc60079178a6f7bd42e09d63b4f326bffd46122308e7be47529b38af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=738621
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6730
expires
Tue, 16 Aug 2022 13:41:26 GMT
all
csm.us.criteo.net/ Frame 2CB8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Bw8efXWGJ-uCIdgw2HFCkNKIlBoyBT2GDt34hcF5bg_4n3PjI4jLSqYHdRl8Qytd_dvDsy2lT7wreYkREJW5doWMOxrnR35Zdgk5I0rXpplGZLHqq1fpIVrETix3lZ_c7bJwoThkLmosLbIoSuDR18DYpMd6gARXcJDhRhn2uKJqCp4AP-dlzbx5AKS9ZahEoaKLioCszbPpF6Z-3LlDPGNy1cmJI_tOg_vgJuw8ngT3sXmhBf0XZ5zM9q0ZcqT41AxjVNELrN2t5LzI&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2CB8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2CB8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAKFC8IaAvIAAbCEW5rx0LZ3bW24JHG8w&u=%7Cb8DkHa3%2FizWfD3JKbP7eBsHuR5gBBeMjiIPWw%2BRT0e0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZeZTd39aZKOmGn4QLaGA7eGk4Bwc0SWX3jpRJC61-m1wsSexiMol-QOrbsnnJqZmKSEepWm_nVX0ZlA1adJch4_ovCzRqbfYqIhjxTxtO_bfOxGeVTlOYzECZDH4wJtf-Q4DBeMnXNqGhEfOzQ2eFIL0rxzX_wpTtn5PRf6r6hOY86l-b7vzzIF_3IN0n1tve9hwUNsS5ieQYTkMkjw1cXwJv_9Ofm7aLEy_yal3qwkaAUFk7GEjDmdF1Bt73Xq6gicrk_DTcPMXAaDSueaEg8KWPN_WdW3_TXRqXrRKJcRzislPRPXHHDdhRSh_kaw48lJFxf9NnGxZg4pKMgGGxgfJ7Gzz02CJvVz-2uz1quC0I85P_8xWTTri8frTGt23lbiNBpVI9Vc_HuryVgCtTWYs3NKHtLW3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEylsR1nwYq-oKMiXoPMPkYSb4Aicge-wXJrwqKp0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9CgJkHcfXekCauD5sr_PbpCBpkkm4mP1ezFjSsw_0m7B6fiTvcoCx9AIfEyuRuwnMkGy9IPS9jGmiAl9ZXjX9P_CtVT7GJqd_wGsEWpc9Eu0N-tpQo3554pJRhJV6QjvGO321V-za7A7iItUiVwbtH5YHUoo7UO0G3Clv3CarbsZSRPiOFrK4Qz6dupvYFvU6fLXSb0NfQoUtlr7Oic8zZFTFkSsVRSIJRbIA2iV7jvaGR_Ot9Rhcbxr-loXy31ghoIN5g39oFngAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0334XfLKIyp1JUEJh5axXP1_vuIQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
1
mc.yandex.com/watch/83817100/
Redirect Chain
  • https://mc.yandex.com/watch/83817100?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/83817100/1?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3A...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/83817100/1?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A537592827502%3Ahid%3A304790411%3Az%3A0%3Ai%3A20220808003103%3Aet%3A1659918664%3Ac%3A1%3Arn%3A252365715%3Arqn%3A1%3Au%3A1659918664290706329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659918662252%3Ads%3A43%2C65%2C181%2C6%2C0%2C0%2C%2C148%2C1%2C%2C%2C%2C444%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659918665%3At%3AStores%20in%20Window%20Rock%2C%20Arizona&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: window-rock-az.asbe.us
URL: https://window-rock-az.asbe.us/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6141b63f64ee2b45c44fddfe0ff61ca74f8f234ad8a2525d32af333386031da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 08-Aug-2022 00:31:04 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://window-rock-az.asbe.us
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Mon, 08-Aug-2022 00:31:04 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Mon, 08-Aug-2022 00:31:04 GMT
location
/watch/83817100/1?wmode=7&page-url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A431%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A537592827502%3Ahid%3A304790411%3Az%3A0%3Ai%3A20220808003103%3Aet%3A1659918664%3Ac%3A1%3Arn%3A252365715%3Arqn%3A1%3Au%3A1659918664290706329%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659918662252%3Ads%3A43%2C65%2C181%2C6%2C0%2C0%2C%2C148%2C1%2C%2C%2C%2C444%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659918665%3At%3AStores%20in%20Window%20Rock%2C%20Arizona&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://window-rock-az.asbe.us
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 08-Aug-2022 00:31:04 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6963 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6963 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6963 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 03 Aug 2023 00:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6963 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 03 Aug 2023 00:31:04 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 6963 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=tQIncwQq6mUh6NZtE2icu_xDCQUCrbRiwdMMrCT7kMZ9b_u4Dds663l8uQmHoTYkWmvBqjqEJz3ZPMWL6RSNAa1wEJ82kCjuGxp5Kyll5PBNOyx1VzpprDiYLZGKKU9AgYAjtQge3TlzxQtxCIJdmzdvArmHLo6Ns0oaX45w7AnZ4JDaRxtCXeItMs8EoWD30KSZotiSquKuC_GAncvsZeKj_k8YdN43qgggBKKE_td3JRknOZP9ZNd4DLHSykJ9R8HXDwcgeqFZFNQtHPYxEYA3U5H3dMMMm7Ilt-Sc8AiuW7W_t6wAYbI93TkWnGm0gPmVjOj7cmkyjKrLaJdo4dYdoHZrJtuzp0VDOKXlqNmZQrTSxRIPwKHhEcsi2QVVrsQAqWLGkvliFRRXPlZfoRNiihUQl_YEnP2h5F2MzUakHMyz
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:04 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3209849
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame EABE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdb00f64415dab6c5665dd21ba8b0072dcdd85175ff306fea7bde9b2a35b2b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 5B34 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Aug 2022 23:05:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:31:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:31:04 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6963 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
363095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gqt9785Gtq1zcGf0RisNMSxAU1MJekZCyRUnPdtH1C1YD59Sf122kprdJ3DXjH%2BxLXJK88ZnBrc0EaL7rvNJIMWwr1feA8v0iNlhcbJZ%2BOXSNUS4hJlzgpMhwmosA5nlfE8E60QABdZhKKrbKnizEaiU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737425a64fb428ef-ORD
expires
Sat, 29 Jul 2023 00:31:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 6963 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
img
pix.us.criteo.net/img/ Frame 6963 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame 6963 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
img
pix.us.criteo.net/img/ Frame 6963 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame 6963 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-30843v-ring-18k_gold-gold_all_white-81ab0.jpg&v=3&w=400&s=I4cQa1ujhvW3SGJvIeMiUuoD&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
31977297dac769c2f20283cd42956e32d8462ef8d62d60fcbac1b17a06561291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2019098
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15572
expires
Wed, 31 Aug 2022 09:22:44 GMT
all
csm.us.criteo.net/ Frame 6963 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=DCShjXWGJ-uCIdgwj4Mi5pTKdSFUmqDVIgH6RVNdSajjbKXj8XRqe4OlccI91zxGyuL66nDOdPe5TxjAcDQWfPjvHQKAcsCzWmcKzcb5RLiA7CPJ6Zne6ihhy0BotGnMb4AGdRUW0rs0YdVlPi0prDYh3BQFq5hhzTyBAMRRFoCKur4upYJlnHajbx4b_1pwLYSTF_vWxEKTILLnQhijAGIY3MG59S57Q1T7apwe_g6cwto4PbhfennOZO-OgE9fK-q5PxC-MR4Wb19R&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6963 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6963 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 00:31:04 GMT
css
fonts.googleapis.com/ Frame D174 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:27:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:31:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:31:04 GMT
css
fonts.googleapis.com/ Frame 2CB8 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Aug 2022 23:16:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:31:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:31:04 GMT
css
fonts.googleapis.com/ Frame 6963 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Aug 2022 22:47:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:31:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:31:04 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame D174 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:16:08 GMT
x-content-type-options
nosniff
age
522896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:16:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 5B34 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:16:08 GMT
x-content-type-options
nosniff
age
522896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:16:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 2CB8 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:16:08 GMT
x-content-type-options
nosniff
age
522896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:16:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 6963 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:16:08 GMT
x-content-type-options
nosniff
age
522896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:16:08 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
smtr
contextual.media.net/ Frame 785E 		62 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8781c87c5b3a2576e97ebb86a634deb9f2283511fea22d21e6a615a04979d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25787
content-type
text/html
date
Mon, 08 Aug 2022 00:31:05 GMT
expires
Mon, 08 Aug 2022 00:31:05 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-sc-h
22-t44p
x-sc-w
22-sxm3
bping.php
lg3.media.net/ Frame 51DE 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=529&&vgd_cdv=772&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=764724967&vi=1659918664989404393&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=2886994965&r=1659918665173&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1659918664157532126&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p0727862344t202208080031&vgd_pgids=1&vgd_uspa=0&hvsid=00001659918665170028075641952750&gdpr=0&vgd_end=1
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Mon, 08 Aug 2022 00:31:05 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 08 Aug 2022 00:31:05 GMT
checksync.php
contextual.media.net/ Frame DE91 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19911b349c35c9812b24c719b46daf7cedc857dc0577d499f7f3375f7880523a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9327
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 00:31:05 GMT
expires
Wed, 10 Aug 2022 00:31:05 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 51DE 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4311&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&ifst=0&vid=YvBZRwAN964IaA3l_g2Cxw&s_city=morganton&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.680&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=acbe1012&scrid=8032948058501&itypeid=17&mx_SPRIG=2&viewability=96&renderer=0&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.19.6&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=YvBZRwAN964IaA3l_g2Cxw&sc=IL&sd=1&mowxReqId=cb7b48e10f894c1eb3c9f349f7de81f0_1&ifdp=0&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&bidrestime=1659918663986&pv_adtype=0&cc=US&strg=HARMONY&pcrid=8CU5RJ1PV-764724967-33-17&coppa_enf=true&bdp=0.680&ct=West+Chicago&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=20278&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=window-rock-az.asbe.us&dt=O&acid=cb7b48e10f894c1eb3c9f349f7de81f0&actltime=45&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.435&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-unknown&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=8032948058501&omul=1.0&res_mtype=0&apPrfs%3C%3E=60%23%2315%23%2313%23%2310&suid=CAESECEhtKdNXz8tcdntsz4Ow5Y&chnl=HARMONY&pst=0&reqsize=728x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1659919264240&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=764724967&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.435&pvdTmax=247&ltime=45.0&epc=764724967&prvReqId=821606404963_777479965_11621109112941&zip=60185&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-5512390705137507&ybnca_erpm=0.68&brsrclk=0&sbdrid=196&rtttime=58&apTags%3C%3E=75&mx_PC=1&wsip=mowx-lite-7496fdf8bf-b5ksn&currsrc_date=2022-08-05+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-08+00%3A31%3A03&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.020&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.020&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4E3RdV-hxoIWZx4-NtYS8zskvzO_jms9bi22bJ3DIUAFP4sGUsILVo19xSf7vbB6WK&dmm_ogerpm=false&csip=rtb-appnexus-d5c4fdf8d-bt8cn.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.68&tpbTkn=false&adblk=2234238321&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.020&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.68~vis_sd%3D181~url_rps_b%3D14.65~dc2%3D1~scd%3Dil~v_asn%3D20278~vl2r_sd%3D2022080711~iurl_b%3D685.72~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~vis_url_b%3D0.55~ip%3D340fEQ~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D37~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022080716~vis_b%3D940.8~url_b%3D1.15~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D182~l2r_b%3D1000~erpm%3D0.68~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D1~uid%3Dh8gqMicASkScYR4qX~url_rps_kc%3D0~cvl2r_b%3D1.11~btd%3D928377424425254323542091433674065103827970165565053492497661669541167117111296~cvl2%3D1.11~3pcf%3D999.98~uim%3D0~dmm_strg%3Dharmony~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D139.11~url_srps_b%3D14.65~CI%3D2715~nts%3D1~tb%3D-1~ct%3Dwest%20chicago~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D0~url_rpc_b%3D0~bid%3D0.68~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.15~supply_tag_id%3D%7Eviewability%3D0.96%7Eamp%3D1%7Ecbdp%3D0.680%7Edmm%3Dharmony%7Esuid%3DCAESECEhtKdNXz8tcdntsz4Ow5Y%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-5512390705137507%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D2234238321%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.020%7Eogbid%3D0.680%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D247&utime=1197&sf=0&cpr=0.32894076630103286
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 08 Aug 2022 00:31:05 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 08 Aug 2022 06:31:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E1F9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 23:36:13 GMT
etag
48472445140208031
expires
Mon, 08 Aug 2022 23:36:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7558 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7ANGPKJpM-umAAR1D1PD-GjPO0eFQkVNlsRv9cmzqEX7TswwyYKWyigT85GKShulDwIt85uzy7DCBI303hg2T9Z6e&sig=Cg0ArKJSzJzTQGFw2a6bEAE&id=lidar2&mcvt=1050&p=0,0,280,728&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20220803&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1324227149&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659918663530&rpt=633&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 51DE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a93b0fed3fec46c5e43f0145479059e99bd4ffe9c9d039b6ad5e214473ce100

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
img
pix.us.criteo.net/img/ Frame 6963 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame D174 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame 5B34 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3L8IaA6iAAcFn5rnXZcyQPm3T0iyZA&u=%7Cb8DkHa3%2FizVfKJHKu7B0Isv97JajqkjYaa7%2Bht5yc%2BA%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MyPEuabJ8EFsiEL6iHTKDBTV-GCkFAih2bg6OirWurEdEIusSTv92zPXupyRXMUR0xT67Z5jRDGKSK4igCbqu4tqsYSiFkseivGk0pG42_SAPT8ik44Mud-JH8Na7gptv3W7V5gnmPh_R4daIggRjG9Za1MPFBOAdBZTCnEUa1AwHtV1Kp7AYyx3yEIvQgAy-c_urtUDWf12BwXXmVa8A7zNTo1_HTaalYFqS3IRHMIdy9Lh66Oj2vCr-k_1iBeXNmcf5YmWwMHU500SIvJyF_eF6ny1qgDhHtjRbICQzwYU9_FiO5yI1biu8KvgW83my9nifW9YS-6t_kFokM7xPTKjGG3Ma_M58WMTmgbwwKrqQfPPj7McHvhcxLad4riWwebAWb9ORFLs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9aMOR1nwYr-5J6KdoPMPn4scnIHvsFyiyqeqdMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTU5MTM5ODk0MTQ4MzYzMDWgAazd_ugDyAEJqAMBqgTJAU_QAN1qZBicXb80vZInWpF3P_DjtfgpjbNSfNNgf_jtLVQ1AqF4TVBJNbbHayXxplUjblJ5cOXgiORmHZxMAlYd6eAEQ5tlSEsIOUiPdRXLGQSxUDIWbmYfCrToxOcNIp1SySet3c2KvFPE1a--h0OulFhQdEnVnhQlOTaRU9rIMY4HK6JHy5pKZOrRXPtujQ_GGkm_YTO9krzJeOShwQq-fU8xfVwdMjzrIXrx2mpJZ_etG4p_nQBn1aG34iNwiKOY8xFSWfBFeoAG-srwwcjd5LxIoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Nq0UQ2yUE9SYOuGO6Jkx2ezlcww%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEQ0oZDVaV_YsU5Y4dla2MU&google_cver=1&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPeQZNEXql-qQTAAPp...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA719D7C095F4E64B572FA4911F2F29D&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA719D7C095F4E64B572FA4911F2F29D&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPeQZNEXql-qQTAAPpUa-Qvw-ocZU5YnlCwlMTpfXDVGuArYg0tnqsf6HpY
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 08 Aug 2022 00:31:05 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BA719D7C095F4E64B572FA4911F2F29D&google_push=AehlK4BigguuKOTwDoIVDiJoQTS2X5m8vtpIa3cwyRV_F_QnhyQfFN3n8wl07m8n1rfN2IcE9pV8X8YHlQ5ERPeQZNEXql-qQTAAPpUa-Qvw-ocZU5YnlCwlMTpfXDVGuArYg0tnqsf6HpY
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 07 Aug 2022 00:31:05 GMT
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPI93T7Rnlr7s7iMss4telQ&google_cver=1&google_push=AehlK4Bcz-pyzA89peuPDkJstLzRHSZyJM6WXfhu1lBng3pe_pyQJJWzficLhZEyNbsQfmdBUMJyKsmOpTFfyZpNhL...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPI93T7Rnlr7s7iMss4telQ&google_cver=1&google_push=AehlK4Bcz-pyzA89peuPDkJstLzRHSZyJM6WXfhu1lBng3pe_pyQJJWzficLhZEyNbsQfmdBUMJyKsmOpTFfyZpNhL...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjdjYmVkMjktZTQ2OS00N2RjLWFlMzQtYjNlZTZmNjI5MmIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=67cbed29-e469-47dc-ae34-b3ee6f6292b2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjdjYmVkMjktZTQ2OS00N2RjLWFlMzQtYjNlZTZmNjI5MmIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=67cbed29-e469-47dc-ae34-b3ee6f6292b2
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjdjYmVkMjktZTQ2OS00N2RjLWFlMzQtYjNlZTZmNjI5MmIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=67cbed29-e469-47dc-ae34-b3ee6f6292b2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEN2n5Kn7dFImEqxpOOvHl3Y&google_cver=1&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK09pHvXgbcDXwSpfmrosGmxkmWdFEdJTGUgbot60Mp4Xaxo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK09pHvXgbcDXwSpfmrosGmxkmWdFEdJTGUgbot60Mp4XaxoFp0U_gWw5SvSE
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 00:31:05 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4CvUDtX9mjjp0hMZ9lsSpkbNzIAOWYmbIhLY9fUh3cS8oWoJ9rxy5A-B0O3uEUVDBdVBQVQk8Fp2AoK09pHvXgbcDXwSpfmrosGmxkmWdFEdJTGUgbot60Mp4XaxoFp0U_gWw5SvSE
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
237
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPI6cyx4edlN0X_v-MZVDGM&google_cver=1&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPI6cyx4edlN0X_v-MZVDGM&google_cver=1&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcxNDA2MzEzNTY3NDA0NDYwNw&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcxNDA2MzEzNTY3NDA0NDYwNw&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B68zBz3ym0VFRIVEEPovleD1vf6b8Dvb3uh-uKWORhf9nzisKS_lRYL35D-7W1AjQ
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDcxNDA2MzEzNTY3NDA0NDYwNw&google_push=AehlK4DJiaj0Str0d2MyudG6C1vTR3GkRgN_rbexO_9fcrUeQ-DRrsEahRJ-EivCVNIz-2Z9Plzhs3B68zBz3ym0VFRIVEEPovleD1vf6b8Dvb3uh-uKWORhf9nzisKS_lRYL35D-7W1AjQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI9f8WqU6NCZdBcfxJf883U&google_cver=1&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZLMFBSREktMTEtM1lHSw==&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S5-jcqkEFE0Sy7WlQ-EflNeFdu6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZLMFBSREktMTEtM1lHSw==&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S5-jcqkEFE0Sy7WlQ-EflNeFdu6GqenYaoUeavqhX0fw4oZIMdqEaYvVqGzNbdfooSoZI
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZLMFBSREktMTEtM1lHSw==&google_push=AehlK4B-FRRsq0sd_6_SXZ52P96HuxqAH3rOh-zu0ffKO6uRmhlIVWOW2NwB3pIp7gqewqclQ4S5-jcqkEFE0Sy7WlQ-EflNeFdu6GqenYaoUeavqhX0fw4oZIMdqEaYvVqGzNbdfooSoZI
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEL3_ho7Qg3fb7B1Gl_FdCA4&google_cver=1&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WO...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WOondBmY2XemYrZ2-Pe_7yT9aMzP60g...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WOondBmY2XemYrZ2-Pe_7yT9aMzP60gnVmXvvZ1J-Kw&google_hm=bce3aa7b5d7e0978a30414c5784aca1c
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BIGUU9JSD_QdvzQ8ef8EyP2-JQYfMSLk3SnLeYdW7LmimjAR4dZH1mvkP1tOwTupc_jgLP_LmIgOPKTszBNldNkmAWV81WOondBmY2XemYrZ2-Pe_7yT9aMzP60gnVmXvvZ1J-Kw&google_hm=bce3aa7b5d7e0978a30414c5784aca1c
date
Mon, 08 Aug 2022 00:31:05 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame E1F9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECNOzC10GIzJFVJrd1eosKM&google_cver=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXu...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECNOzC10GIzJFVJrd1eosKM&google_cver=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=zE5_3erYRU25Gcq0Q_i8cQ==&no_redirect=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=zE5_3erYRU25Gcq0Q_i8cQ==&no_redirect=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXuFl3IvRDBHpAxd4U_wwnzpJn9XdyfhUDfm0L2StlX0UptF5Lq64D5pm_L-SD-VwZWFgw
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=zE5_3erYRU25Gcq0Q_i8cQ==&no_redirect=1&google_push=AehlK4CNU9xkbppVP0PKrlwzgwjWG-QADP6kTdtyBqLI6TyCUTzXeqMKAc603IJpKdUDH-GcrJXuFl3IvRDBHpAxd4U_wwnzpJn9XdyfhUDfm0L2StlX0UptF5Lq64D5pm_L-SD-VwZWFgw
date
Mon, 08 Aug 2022 00:31:05 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
attr
cm.g.doubleclick.net/pixel/ Frame E1F9 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHXPHalji-BfkQ5pI_jMfepjiPs2JmwluQbub7Y0Sj0X0MtSnbI7dF3rkv8fpXAMFYX2AWvg
Requested by
Host: 7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
URL: https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
pix.us.criteo.net/img/ Frame D174 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=92&m=0&partner=83857&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F82240%2F210225%2F2f2477e7e3ee4f8abe645188aa715ff5_leibish_logo.png&v=3&w=668&s=V9tHR8lN_8O4GRu2zu0uZqbM
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26626650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2707
expires
Mon, 12 Jun 2023 04:48:35 GMT
img
pix.us.criteo.net/img/ Frame 6963 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27377r-ring-18k_gold-gold_all_white-0e6c5.jpg&v=3&w=400&s=x0YOspIa43bZAUc283NuiAVA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1777414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11410
expires
Sun, 28 Aug 2022 14:14:39 GMT
img
pix.us.criteo.net/img/ Frame D174 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ4VEIaA4NAAi-t7jXpAIE7CPcgn5swA&u=%7Cb8DkHa3%2FizXifI8hdqNMwgmYjQB5rdz3lpS6de9iNcw%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MMe-JRpJ5GvdAwtDTxwS89kfagzzOxoKjOWnfOIVcRIJygB4kJ1EmsYgzvaFcJegMEB6gksyHR6RcZTOYg0bs_Ih3fI1m1WBnsEcyywHrn9AjLBpVQzAJbubjuTj_FNeKvon75XJGStnrPvE6srJ_a6y8OfGPQNlkhtuwiepKaDXZNBb7SDgBw3eyTweAli9W3rUaGCDAHPpc50b_0N2S0QNORu6ZuroA2Op8qtcPA3J4jLI3A0qd3hwJWBr1diT6uh_0cq22ZRhKBb_UKLjT26c3P2ZeqtsCD_ptoaPLh6NW7KJMMkSdN18Xuzab18qLcqkLSFsnqRCFAA2ER7WwDxqiD-nvBpIOdvNZjpfN7MQPqYoxmxTQcrOpK3qyTxxk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xBrR1nwYtHCJ42coPMPt_2i6Aecge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMkBT9DEHsZXHYQt5GqZ9FJthGsZLyx7JcvX_xB4Cdsx3YR1ZSsGLVMrCP5ZOpSFdgKJ8cxQVdOf-CT_9IsMHQRp1Es3bT7fLF7NU70BBcVnB61ob8mmN2ZaeJa4pxLpnwqbUriQ5bDlNLju3Xs5tSqJJkIJZEbfPAxEQo-bLde_4l65cN6E86N538BtAtbuJrpSUym3hIdxUTH_ChmPKs70u5HE4mbbHdjk7p8LfOFPQWw9zaoIC7JZZltYZn5lhRXMOkzdd_05lw4fgAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JHxkHxLH_Rzwt_lol2R-rZ6T_CQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
img
pix.us.criteo.net/img/ Frame 6963 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83857&q=80&r=0&u=https%3A%2F%2Fcdn.leibish.com%2Fmedia%2Fjewelry%2Fthumb_w470%2Fjewelry-27861r-earrings-18k_gold-gold_all_white-3eb88.jpg&v=3&w=400&s=8rEhNQO-m4XNnLg7oAgDDSBO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1793969
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6286
expires
Sun, 28 Aug 2022 18:50:34 GMT
cksync
cs.media.net/ Frame DE91
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAyOTIwMjY1NjQxOTU1MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIQ0LziIHD6DGxHd_Lry2qA&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIQ0LziIHD6DGxHd_Lry2qA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Aug 2022 00:31:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIQ0LziIHD6DGxHd_Lry2qA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 785E 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 785E 		231 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 785E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame 785E 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 08 Aug 2022 00:31:05 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-6478"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25720
OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame 785E 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 08 Aug 2022 00:31:05 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-54c8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21704
OpenSans-Regular.woff
res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/ Frame 785E 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8

Request headers

Referer
https://contextual.media.net/
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 08 Aug 2022 00:31:05 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-107c8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67528
all
csm.us.criteo.net/ Frame 2D0D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=MxAZnHWGJ-uCIdgwk-rDyxhuN6AfMmtUgR-mjs6Oc6cr4VXAWAMLCW27NXlwW3OenO4BBGMoDtD5t6yaY7x-2imJSjKPhXRv42QqaZv-i0z2_CYeJdxwcks8yxZmUkco9M0xCAhLdXkc5VNt3UP6kzz_JBRJvtMj-7efO66odm9PUblCTN68RgLCONjPEy2LlbxowCUSXMG5nOp11igb2bem7rpM8XU4n0e2paUTpnnkwOE08pzhcVdfAEPkLd2m9Axw6A1ko7-V8iYm&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3CcIaArqAA8Qk1m3lBBgaroolJl5ZQ&u=%7Cb8DkHa3%2FizVAnMxfGXL6stWUxHVT2%2BY03r4dbVW5d8Q%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdiOaeXUa_BrlZgdlqjxaCfARhT6TV4FTHDOks4gc_D2GZNhhU5y6huCU0jSZZaEdPnyMMQD5E-8h8hJyHaGpbAOuauuQjcyrJDfLsWduNYs2VyZ81wQcF2LdEnj-W3UyxDfjHOwJjSQznMhvZYyu3DN6V82HgUocPNFzo_ikY9EXQyUOv9SAqW3sUG1dqzocDxJWt6B9r5d6N-FUf1Tx33Hm8WOuWu_ZZdWhdLJXJx6pBvhqeSqZDQ1ZeQZbIjk8xGSvItnoN_D18eH3urYW5m0k2hpV7sPgaYJdoEW4AOOCHjehRcsrlXQk6ofXLj-Tjau9ephfGnUBNWAb9RiZ_P5ksV-LbPmdZkwp88YSmJtQWCw6CS1CCweC0WrunQkGma3O8VonYpbfDzVeBLVjxn4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeuVFR1nwYqe4J-qVoPMPk6G8GJyB77Bckpq3jKcBwI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwGqBMMBT9DinJxm4raScagD1_OAB1vMlNbJJhxSo7VhTgWJheSs2y9p-3vBzd47WlOb3-3_NNem_ZGBrJLEB4LfMPvFnYe46jmHt9aQk8iu8euK7uHqFlG6CTDQJk2H682LJ1N8psmZSUttbTO6sv62e5YxmEZbU8XItDwsGVjsGU_ACp3nL88vPvvj1Sq0GiXDpP23aiKcXoySeZwA7dLeizHDJTExMKFTSlpxU8PC3eW-ydLLXhfv3RPgrRWQ2yCP1Odo2riqgAbqvbC0n6z-ikagBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3EY3K6u4ObUFvBXL0tIX_YWeKzEw%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:05 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame EABE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_-LkizdfSCDIOA3Rb715LkdTIwefUtEIex6G_tqX9uwxVOJ8BU7zvINUVuKs8Yj1XbaSnA1CfgRja33PdQCeftp0&sig=Cg0ArKJSzBlCwn8wdfcNEAE&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220803&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=295730922&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659918663557&rpt=893&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 6963 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=DCShjXWGJ-uCIdgwj4Mi5pTKdSFUmqDVIgH6RVNdSajjbKXj8XRqe4OlccI91zxGyuL66nDOdPe5TxjAcDQWfPjvHQKAcsCzWmcKzcb5RLiA7CPJ6Zne6ihhy0BotGnMb4AGdRUW0rs0YdVlPi0prDYh3BQFq5hhzTyBAMRRFoCKur4upYJlnHajbx4b_1pwLYSTF_vWxEKTILLnQhijAGIY3MG59S57Q1T7apwe_g6cwto4PbhfennOZO-OgE9fK-q5PxC-MR4Wb19R&sds=2&rev=82344&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvBZRwAJ3zMIaAooAAielbBINCih2UptgV-Few&u=%7Cb8DkHa3%2FizUnE8Uf4LGaeAjGFp%2FWuNxCZZsJYMg3WpM%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEZgLJPRa32Bn2soG5_TJM7MhK7bu9yqYwflV60ZIaNn9jku4TIP6WGSmAzHY7aoRA8pwI_44QcHVzl-j8iNLf7A5RZLU8AUVDrriQ3dLntN6xcLCx3JQrqAg3IIoywVfLdYg9jywvCQxyD4fCWx-6R8_qcEAirfGm_D_9XHmAYhrT3KSLf2EY6nF7cxh0OK7tQzOC559EIfVAggRu_iP_2X3PPOU8VYm38IezKOnImeb8qkJzW173jWjt1kh5I5Uj2fbYbvNCtaIEjsUC6Jhptbuxs8vNXcQAoMficqDkNdckJw3FsfNX8iuTO56sLDk7dJiQyx2r-h1WFspR2gbYf7eY2gn43VOeKslYiAdd_SYbpqoIHMHdnAtyHeSmTepxPvyql5nay-j-O31OvMLntggvXXuBdTznw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBaQsR1nwYrO-J6iUoPMPlb2i8AGcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNTkxMzk4OTQxNDgzNjMwNaABrN3-6APIAQmoAwHIAwKqBMMBT9Cp5bWjPmUB-h4GBjw4Puj0WdDJh8voa-QQnhYTzMtv-QhcLOBRySQMGBiPB0JNsRDdSUBFAoveTfoWXMvgKHJfYXle5tWaygDgTQzk1L5-F0pMT6oaMBcKkmV4VdAxlTT6rEkW5N1LJ_85kvWRjMeeMcX9Q6NaeL8567hzE9hMyIDB1lijcFW1CN0YLI-Jnk8qgglIEt3brwRmFw-NccXVG0jEQrJbRbFHZ83UcmhkVoQQeM4USOVNn8XCAzPE9-1ogAb6yvDByN3kvEigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16PGkyyfBNl9H--xO6tml5DCdzQQ%26client%3Dca-pub-5913989414836305%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Aug 2022 00:31:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
bql.php
lg3.media.net/ Frame 785E 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=4049&&&vgd_l2type=sca&fp=miajCemmP5yYo6hZ8cjT7ie5S8eX7qR5-FWVN1mG6kcwAYPGcZ8U7BdeLgH9OTIUd76H6OyO6cY4e4_H6lMnoYsRJBXjjl6MaEf8TadBRNdEN5F-AqKaT-esegEvJoAWPEPCLzG7DjJBr7RSYfUPOg%3D%3D&cme=9R7BWOllIF3jeceN7OrAy88IvL95DflngcRVsiE7GrJxKOkXV6w-43nc3tfcv5wn37bD6zJhKUyGY71bAnXqAKIwyCkJ-_3zABYBw3SzsEvzR_wiFoyIeMVJChL6ZCJUNihbH3YGxQRdn-UoI8NV0aFkhieBGCBXCQtLqiMcqOgDfvfOzu2xk3ha0JAlo9RQGs75h0z0fIjf2_5_Q_57dsT2RquUHznf%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4yq_uokZuk9Fj-cNGVBsV2g7LW5KtepWJUNVQ1v8_k8Q%3D%3D%7C_DVMNIlVSXKYXdsqTH_N4AA2EE8fBvdq4W66JH97HFg9xrO9MBgHJ78LSQnH3ElnigosvPMwwEYC69_or-7svSG1j7vOjGC_Un_vvP3SesHyWWn9F74kNGDngLuV-7n-sSP-mviwJvWyHyJA_wmfZ4pwyL4XQBu3emIv5D_h680KJsSaOe8RPsOs3agaEB_C72KqCoSAOoq9YIO3Lo3gtOgJORYro3myq2hQ5tA0VzQ%3D%7C&v=1&geo=41.89%7C-88.2&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=US&wsip=170785127&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=110&vgde_kbbh=ffoyxQJuO&kwd[]=Mobile+Phone+with+No+Contract+Plans&kwt[]=110&kbc[]=null&kwp[]=1&kid[]=330278564&kbc2[]=&ktd[]=&kwd[]=HVAC+Programs+Cost+Online&kwt[]=110&kbc[]=null&kwp[]=2&kid[]=350407008&kbc2[]=&ktd[]=&kwd[]=Moving+costs+Cross+Country&kwt[]=110&kbc[]=null&kwp[]=3&kid[]=330279389&kbc2[]=&ktd[]=&kwd[]=Prepaid+Cellphones+Plan+For+Seniors+Online&kwt[]=110&kbc[]=null&kwp[]=4&kid[]=350407032&kbc2[]=&ktd[]=&cid=8CU5RJ1PV&vwid=1659918664989404393&vi=1659918664989404393&tdAdd[]=ib%3D0&vsid=3029202656419515&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=772&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785127&vgd_nrrv=57785&vgd_nrrmf=4808&vgd_nrrsf=scrr&vgd_cty=west+chicago&vgd_go_pid=8POJ4N28G&&vgd_ifrmode=14&vgd_l1rakh=1659918664157532126&sttm=1659918665170&upk=1659918665.21475&hvsid=00001659918665170028075641952750&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=8032948058501&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D20278&&vgd_vstrid=3029202656419515&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.FW~e8QMQOvuWu~xLjMLEQMGvuH.FX~ONfvu~QNOv8j~eM1Qzvf9fhW~ejfLMQOvf9ff9W9huu~8xLjMGvFWX.hf~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XX~8EvAH9k4g~kGGv9~e8QMxLjMjv9~L88Ex1vf%2Cf~J7vAh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9W9huF~e8QMGviH9.W~xLjMGvu.uX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvuWf~jfLMGvu999~JLEYv9.FW~ejfLMxLjMUNv949~GYvu~Q8OvhFHhfHiFh~QOvu~x8OvwWy%20c8NKbUbN3DH%20t~xLjMLEQMUNv9~NejfLMGvu.uu~G7OvifWAhhHfHHfXfXHAfAXHf9iuHAAFhH9FXu9AWfhih9uFXXFX9XAHifHihFFuFFiXHuuFhuuhuuufiF~Nejfvu.uu~AENkviii.iW~x8Yv9~OYYMQ7Lyvw1LYmz5~QQvIK~x8Bvou~NJv9~LEQMGvuAi.uu~xLjMQLEQMGvuH.FX~%3DVvfhuX~z7Qvu~7Gvou~N7vBJQ7nNw8N1ym~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNv9~xLjMLENMGv9~G8Ov9.FW~ONvW~xLjMLEQMLev9~ejfLMGvX.uX~QxEEj5M71yM8Ov~e8JB1G8j875v9.iF~1YEvu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov%3DK4b4%3D4w7COItlW7NOz7QlHaBX3~QOvu~O7NvJ1Q7MQN~-8OvKrtoExGoXXufAi9h9XuAhX9h~O1jyv~w7Yjvu~1OGjUvffAHfAWAfu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9f9~myG8Ov9.FW9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vAX~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHh&vgd_optout=0&vgd_cfud=220317&vgd_scsver=281&vgd_go_ent=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001659918665170028075641952750&subBdr=196&bdrid=294&rc=0&rand=1659918665399&acid=cb7b48e10f894c1eb3c9f349f7de81f0&matm=1659918665399&vgd_ltimesrc=1&vgd_ltime=1347&vgd_rtime=899&vgd_etm=12&vgd_l1hcsd=Ot09m%7C5127&vgd_l1ch=1&vgd_lhl=2610&vgd_pgid=p0727862344t202208080031&vgd_adprefflag=10&vgd_adpref_diff=100&vgd_csip=rtb-appnexus-d5c4fdf8d-bt8cn.SC&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SF%7C7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&nse=5&vi=1659918664989404393&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&bae=B4zaaBag4/&bcpf=B8fOnRrolnfOur84zaaBag4%2F&bdrId=294&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-102&pgid=p0727862344t202208080031&goent=1&htmlsrc=1&allsc=IL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Mon, 08 Aug 2022 00:31:05 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 08 Aug 2022 00:31:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220803&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9e36cbff9a11720ffb0f67cc04f72fc865b35f36849d72e746590a84eb38e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 00:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10581
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_fy2021.js?bust=31068809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 00:31:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8DE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 23:36:41 GMT
expires
Mon, 07 Aug 2023 23:36:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5232 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
054add149ad5573acae129aa3e6b9331a99bc67fd8f8e816f8b4ee5a1ad5ff6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5CRVUM78rYS4xjQrkVpC5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://window-rock-az.asbe.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-5CRVUM78rYS4xjQrkVpC5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:31:06 GMT
expires
Mon, 08 Aug 2022 00:31:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame B8DE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:06:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
5094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 23:06:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5232 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220803&jk=3310107042177197&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B8DE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QV8v3A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:31:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 51DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOnISXoVLxnXkwN9P5tEgxb0KImiN6K7pt2PW6WKEd1v2CFuxZrTMdrQUuw_m9YJu8ym-Lhwr7znXsNkFPaCJ_0o15&sig=Cg0ArKJSzHYsxlml-5t6EAE&cid=CAASFeRoRkhJm1i7zh4uWPcj5FWKULVeZg&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220803&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2234238321&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659918664223&rpt=985&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 51DE 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&ifst=0&vid=YvBZRwAN964IaA3l_g2Cxw&s_city=morganton&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.680&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=acbe1012&scrid=8032948058501&itypeid=17&mx_SPRIG=2&viewability=96&renderer=0&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.19.6&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=YvBZRwAN964IaA3l_g2Cxw&sc=IL&sd=1&mowxReqId=cb7b48e10f894c1eb3c9f349f7de81f0_1&ifdp=0&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&bidrestime=1659918663986&pv_adtype=0&cc=US&strg=HARMONY&pcrid=8CU5RJ1PV-764724967-33-17&coppa_enf=true&bdp=0.680&ct=West+Chicago&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=20278&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&dn=window-rock-az.asbe.us&dt=O&acid=cb7b48e10f894c1eb3c9f349f7de81f0&actltime=45&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.435&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-unknown&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=8032948058501&omul=1.0&res_mtype=0&apPrfs%3C%3E=60%23%2315%23%2313%23%2310&suid=CAESECEhtKdNXz8tcdntsz4Ow5Y&chnl=HARMONY&pst=0&reqsize=728x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1659919264240&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=764724967&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.435&pvdTmax=247&ltime=45.0&epc=764724967&prvReqId=821606404963_777479965_11621109112941&zip=60185&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-5512390705137507&ybnca_erpm=0.68&brsrclk=0&sbdrid=196&rtttime=58&apTags%3C%3E=75&mx_PC=1&wsip=mowx-lite-7496fdf8bf-b5ksn&currsrc_date=2022-08-05+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-08+00%3A31%3A03&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.020&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.020&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4E3RdV-hxoIWZx4-NtYS8zskvzO_jms9bi22bJ3DIUAFP4sGUsILVo19xSf7vbB6WK&dmm_ogerpm=false&csip=rtb-appnexus-d5c4fdf8d-bt8cn.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.68&tpbTkn=false&adblk=2234238321&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.020&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.68~vis_sd%3D181~url_rps_b%3D14.65~dc2%3D1~scd%3Dil~v_asn%3D20278~vl2r_sd%3D2022080711~iurl_b%3D685.72~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~vis_url_b%3D0.55~ip%3D340fEQ~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D37~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022080716~vis_b%3D940.8~url_b%3D1.15~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D182~l2r_b%3D1000~erpm%3D0.68~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D1~uid%3Dh8gqMicASkScYR4qX~url_rps_kc%3D0~cvl2r_b%3D1.11~btd%3D928377424425254323542091433674065103827970165565053492497661669541167117111296~cvl2%3D1.11~3pcf%3D999.98~uim%3D0~dmm_strg%3Dharmony~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D139.11~url_srps_b%3D14.65~CI%3D2715~nts%3D1~tb%3D-1~ct%3Dwest%20chicago~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D0~url_rpc_b%3D0~bid%3D0.68~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.15~supply_tag_id%3D%7Eviewability%3D0.96%7Eamp%3D1%7Ecbdp%3D0.680%7Edmm%3Dharmony%7Esuid%3DCAESECEhtKdNXz8tcdntsz4Ow5Y%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-5512390705137507%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D2234238321%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.020%7Eogbid%3D0.680%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D247&utime=1197&sf=0&cpr=0.32894076630103286&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:31:06 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 08 Aug 2022 00:31:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220803&jk=3310107042177197&bg=!0tGl0ZXNAAZGjrx1Zo47ACkAdvg8WqLu3pZPNpBwunmEFgPpi474j8xyaLZ0UDmvCTjkxSSLW02wKAIAAABWUgAAAAJoAQeZAtmJYBd29ccmpENyeMUg026Uca3n76CYk0dryTeRg8ln81mtlyzDyunYgJ4VPB99fgGwbxccQFApLYdLVBSSA0P1CaNAF3fbJI1NmOaRj-vN98QTh7whpJIu7n3LNecRlBlFDvMkYAU2tEkwoPSSQZJWGiRnjr6yCAVVTXR96MkDV9rIIVuH1adRlopcsJwVnVEaZ9znAOtgvcGeAG3pqlpayJwZtReEVPUSCpPJpxUNiwgZpt76CUNTsbm32f271iDBrFWjnOTEOsjO4aPp1JttG-QJjBd04Z46qyZQ_ULXhllDsHeEXEBPl7qsmjd5GNkAYVAlZAJnzgYdWkdohBQMrigRTiZm_dm_z9F2-ZVEQQVwnWusndY-VpthKGJNx7wd6zbzp3LeuTI8mo2uSeUvZpbX_9gRgxdfy84YY8Ouno005alJ3nb4F7xteW8YIZZskqYXDT6k2sAFSw4GIMbFP9ZmU8hb_jNmQoGyatGWYdo-LzE6CsQ_h1RaEd1xeHobPHbGrIaciccT6K2jdbomyKE11f4NfU18t-U48g1Q3bu2f6vLg7DebdAzv_md3eizBCZddEiGRmXV0cO6ZjvnHvlOf3pOa23WRUUeL3LczrK88x-gMaevL6shGLR55nDUUW2pXyC--YvHFPvxlAfH0yqwop8CzD3YE1d6D6twkY1ob2bzRUTC8OtF5vIFzwyex64Y2eBDR4ojaIMkQ3ewJvWJy1GzK_rkTfvlRpFI6GcKbZezXKJld41iZfjxLJH13AhwfUv06Ph9J9dvt_OrAnDmQjkFKl6dPbhtu6_NjwRqQiyQgb2ZWh4PmrmjMrUCTwgP5oVu_L3vCCgnBA6bLf_OppIUzZWfXaQg7sut25KB_QiW3YDJC10mtODE1FMWWqSChijDzbQSVvcd94jaHIq75-CTGRPXIOfPAV2ysKvEjK8I_Snx7Mo8rsio31TgTpA-0h9TPD4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://window-rock-az.asbe.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
bqi.php
lg3.media.net/ Frame 51DE 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2191&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_l2type=sca&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=764724967&requrl=https%3A%2F%2Fwindow-rock-az.asbe.us&vi=1659918664989404393&ugd=4&cc=US&sc=IL&bdrid=294&subBdr=196&startTime=1659918665162&l2type=sca&vgd_l1rakh=1659918664157532126&l1ch=1&sttm=1659918665170&upk=1659918665.21475&hvsid=00001659918665170028075641952750&acid=cb7b48e10f894c1eb3c9f349f7de81f0&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.68~vis_sd%3D181~url_rps_b%3D14.65~dc2%3D1~scd%3Dil~v_asn%3D20278~vl2r_sd%3D2022080711~iurl_b%3D685.72~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~vis_url_b%3D0.55~ip%3D340fEQ~fbb%3D0~vis_url_l%3D0~riipua%3D2%2C2~et%3D37~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022080716~vis_b%3D940.8~url_b%3D1.15~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D182~l2r_b%3D1000~erpm%3D0.68~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D1~uid%3Dh8gqMicASkScYR4qX~url_rps_kc%3D0~cvl2r_b%3D1.11~btd%3D928377424425254323542091433674065103827970165565053492497661669541167117111296~cvl2%3D1.11~3pcf%3D999.98~uim%3D0~dmm_strg%3Dharmony~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D139.11~url_srps_b%3D14.65~CI%3D2715~nts%3D1~tb%3D-1~ct%3Dwest%20chicago~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D0~url_rpc_b%3D0~bid%3D0.68~dc%3D8~url_rps_rv%3D0~vl2r_b%3D5.15~supply_tag_id%3D%7Eviewability%3D0.96%7Eamp%3D1%7Ecbdp%3D0.680%7Edmm%3Dharmony%7Esuid%3DCAESECEhtKdNXz8tcdntsz4Ow5Y%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-5512390705137507%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D2234238321%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.020%7Eogbid%3D0.680%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D247&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=IL&infr=1&twna=1&dma=602&stime=1659918664514&vgd_ecrid=8032948058501&l1hcsd=l1!Ot09m|5127&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p0727862344t202208080031&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Mon, 08 Aug 2022 00:31:06 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 08 Aug 2022 00:31:06 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| WebFontConfig function| gtag object| dataLayer object| adsbygoogle object| points object| markers undefined| map object| myLatLng function| initMap object| WebFont object| optad360 object| adMapper1 object| googletag object| elementParams number| checkTop number| checkHeight object| elemn number| currTop number| currHeight number| dist object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| Sk object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter83817100 number| dist3a number| dist3b object| google_image_requests object| GoogleGcLKhOms

31 Cookies

Domain/Path Name / Value
window-rock-az.asbe.us/ Name: PHPSESSID
Value: 00mv2aftdbq42jhji4kstmshl2
.us03.biz/ Name: uuid
Value: 3b377467-7e27-4de4-bc31-55dac2dcfab3
.asbe.us/ Name: _ga
Value: GA1.2.444617771.1659918663
.asbe.us/ Name: _gid
Value: GA1.2.1636005991.1659918663
.asbe.us/ Name: _gat_gtag_UA_115920637_1
Value: 1
.asbe.us/ Name: _ym_uid
Value: 1659918664290706329
.asbe.us/ Name: _ym_d
Value: 1659918664
.asbe.us/ Name: __gpi
Value: UID=0000056ffe12ae21:T=1659918663:RT=1659918663:S=ALNI_MZ1v5kZqtjiBbUWKzNvdmS6Ei97nA
.asbe.us/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3768890540fake
.doubleclick.net/ Name: IDE
Value: AHWqTUmKmqX9g1wTlb9o8ohJt-Oy4IVmDj6_C-C1UP1Jqkt2NW5sHW5DCdUsFttG1R0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1516763764fake
.asbe.us/ Name: __gads
Value: ID=c42f8319b7d2502e:T=1659918663:S=ALNI_MZmCHujoyNe_336THuIcBeexb_RYA
.yandex.com/ Name: yandexuid
Value: 1128190831659918664
.yandex.com/ Name: yuidss
Value: 1128190831659918664
mc.yandex.com/ Name: yabs-sid
Value: 1494236191659918664
.yandex.com/ Name: i
Value: P4kESB2c4fNxoBSBVvHFVDSPANxDFvI9r3R+1OuYXpXcQu6nUKxIb02Gstk6YupJPW1+QAPnyr9EyLD8jpV6t8Tu4U4=
.yandex.com/ Name: ymex
Value: 1691454664.yrts.1659918664#1691454664.yrtsi.1659918664
.media.net/ Name: visitor-id
Value: 3029202656419515000V10
.adingo.jp/ Name: ID
Value: bce3aa7b5d7e0978a30414c5784aca1c
.adsrvr.org/ Name: TDID
Value: 67cbed29-e469-47dc-ae34-b3ee6f6292b2
.simpli.fi/ Name: suid
Value: BA719D7C095F4E64B572FA4911F2F29D
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIwKrBgeq3_DoQBRgFIAEoAjILCIKm-K2AuPw6EAU4AQ..
.mfadsrvr.com/ Name: tuuid
Value: cc4e7fdd-ead8-454d-b919-cab443f8bc71
.mfadsrvr.com/ Name: c
Value: 1659918665
.mfadsrvr.com/ Name: tuuid_lu
Value: 1659918665
.adform.net/ Name: uid
Value: 4714063135674044607
.media.net/ Name: data-g
Value: CAESEIQ0LziIHD6DGxHd_Lry2qA~~6
.mfadsrvr.com/ Name: ssh
Value: !google,1659918665

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7637664810868603&output=html&adk=1812271804&adf=3025194257&lmt=1659918663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663211&bpp=4&bdt=661&idt=281&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=593208793467&frm=20&pv=2&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=304
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5913989414836305&output=html&h=280&slotname=7445429383&adk=295730922&adf=1377853048&pi=t.ma~as.7445429383&w=336&fwrn=4&fwrnh=100&lmt=1659918663&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwindow-rock-az.asbe.us%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1659918663223&bpp=1&bdt=674&idt=338&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C336x280&nras=1&correlator=593208793467&frm=20&pv=1&ga_vid=444617771.1659918663&ga_sid=1659918664&ga_hid=1050128011&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31068809%2C42531606%2C31064019&oid=2&pvsid=3310107042177197&tmod=1440499420&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=lG5tCK5rNX&p=https%3A//window-rock-az.asbe.us&dtd=341
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9723.uoNicIAuMYmoBacqist88VfzfseBYWecSk2oP9Eqc4gPBsu7PSp-szitgsT7XgarenqVLLLszMgJgWWbp1rXbg%2C%2C.6-UazYaj2adXG77gD8e3fxl6TaY%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c012a956e330d71ace41839445d33f8.safeframe.googlesyndication.com
ads.us.criteo.com
adservice.google.com
c1.adform.net
cat.va.us.criteo.com
cc.adingo.jp
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pixel.rubiconproject.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb.da.us.criteo.com
rtb.mfadsrvr.com
rtb.va.us.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
sync.extend.tv
tpc.googlesyndication.com
um.simpli.fi
us03.biz
warp.media.net
window-rock-az.asbe.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.117.182.24
104.117.182.27
104.77.220.25
142.250.72.98
142.250.80.98
15.197.193.217
169.55.104.49
185.167.164.37
185.177.92.147
2600:9000:21dd:0:11:a4de:2580:93a1
2606:4700:3032::6815:51d1
2606:4700::6811:190e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81f::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2002
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a005::14
2a02:6b8::1:119
3.211.146.183
35.207.24.140
52.207.57.53
69.173.151.100
74.119.119.137
74.119.119.147
74.119.119.149
96.17.64.29
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
054add149ad5573acae129aa3e6b9331a99bc67fd8f8e816f8b4ee5a1ad5ff6b
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a704e21bafda74efa92be5505df0a25d0e6b52d593007d02982a07405a6592c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
115a9c6c19fea907f4f875b7536631a560ed4b1a6a8dbb2d2db8783c0b8abb3c
138583c9a28a85b0f72252a4de85b21c4209a644136128d451571c7a9e63ae6c
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
19911b349c35c9812b24c719b46daf7cedc857dc0577d499f7f3375f7880523a
21557c06eb81c4b4e8fde1cd3d85a91acd7ae95d9f8672a6193d5f38905ee3f5
26bc9c6dfdbf3b68e6dc1831aebbc853bc394ca60afea9b1da8a88fce19f2062
27cf69bbef852dfb0c523ac2d0d8d1081e393d9833a288b7d413405461be278e
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
3054b873b5da579c37e1acd0a12010765115894ec03cd028abbcad7edf269605
31977297dac769c2f20283cd42956e32d8462ef8d62d60fcbac1b17a06561291
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
356b0063e7ee5278dbc13936bfb4e712d1be9f40e4a1eab2c1ddbc818c4ed117
37b29411c4a911a348f82a34b96bc711f3fae2cfbeb93450d2b1257c9d4bae3a
3dd3a5f0772cd6b5a236986cfa2ab828064292671fe664f91f092e11b857e64d
424983be23bc4bcd388da63b3647222bef56e36973ed9386c03377ab15c90261
466bd520117f22b1b2aa74d417a270cc14af2627975ff26178187b2982c780db
467b4a07fb7c3f3974a7910329c33bd52854a6e573f7a5a97b6af470a0c5633a
4a78752ef60de6805154dc3af5dc7992478434c5203b3e956b93abeb0d5e5081
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
52f9fa90e00a17ee7d3071442a83eee9e32a7dabf92f145d0a8a57fe41cd99e0
53d5e6422d7b346515a824df755ca4bfb92a83acd6543e96fc7ab4d21b817a15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553bded3ff0bf474130a082d75a0c4d066c853914433557d593dc992d9d51fe2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5bb9d3b4bc60079178a6f7bd42e09d63b4f326bffd46122308e7be47529b38af
5cc0b9bfc26d18e28fbeae39fd1b51caee7c16a60c215549b05478f4bf3f7517
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6141b63f64ee2b45c44fddfe0ff61ca74f8f234ad8a2525d32af333386031da1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c02f544b87a917384825923fc6a04d560452dc5ed97d2b05b4db60fbcef171
6a93b0fed3fec46c5e43f0145479059e99bd4ffe9c9d039b6ad5e214473ce100
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75d896125ab6b6c251b2980066ea18870432a7919dc56bb08d69ccd3cd63e3ae
77ae4aa7154e53d2d468b52b60f02f856a235e4964c79ac1e60f884412bae210
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c3633bcf53dcffdf7277f6b3a97c77b6ed2a8971339eb9a08520047a08c5c46
7f2d2b90831a5a0f4cc97928606590bb3988bb0946d888d0bfeffc26b935c54b
8109781b045200453fbb3c638e604b7106f3ddccd8ac4e2ed2e39db0408de703
830d03307e405ab33e1813dad360894ba40e5163a31ddf4c29a23cbb9687af7e
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83cc1b82ea1c20656bc292696ba76ad9ab01ae9078c469b55326585ea129bc7d
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
8587c95e31d09f99f40dcc88520ca82c33ae738945361375fd1d7ae5bea28b45
87eaf75a07d0128dd3ca89b6b11e1c0d8b733c67b230bfc4c8f772d8c1f4f4a0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd4ba897e5650ea9c127fb29855d43a052ddc116b47a4e536cd2f27741cb4f6
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9569a63b80bc003071927f8e6b50f6cc5112d85c47d1e50893ff063a7f661c52
95d5ebf15a43edf88784473bd7599787effc57678afee99a2984db0d624d6122
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a337ff59f403b9b4c1aaf30b8dfe1a8bf163a02a9aef6c61d8788a90e0678963
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b7e551912222a9afd4ea4ae1d443cb209a4e15cf7526328905f5fb86f185e8e7
bdb00f64415dab6c5665dd21ba8b0072dcdd85175ff306fea7bde9b2a35b2b8c
bf061395c97f95cf43e469f93063d5acc8920e91539f32032dd7b793a7405dfd
c3602e923fce33a80e595e9008eb45f7d158f06f2b1bb14f29a599e751f9ce29
c5104b74f2623ed1ca8110e56be6646e8ca50f504ad1fa92a2f0c998e79952ca
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9e36cbff9a11720ffb0f67cc04f72fc865b35f36849d72e746590a84eb38e8e
cd84d330298bd06c1bca80c36df9af9ec8a4c0ef85fb76ddc73b472006908954
d4855b8e6428ef8b76f623e096c1385af042ef85063d8832b3dcbc7c960b6c4b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e00b9150c12c0f4c1942cd14c1afc324dc0679e473ce137db1246cf10b5c06fb
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e998c052a3d814d2983353e5c03daf0620ba9caa61d5677a9ae6de76b34f7721
ebe431d1b992ff6f19284860f162cc07071917e1d443930efa984b2d039ff46f
eecb367bb48813253613e806accefef9692fc6486febc963dc0c424bd0553105
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ca343071723f2dc279a0c7df9b8c3bb20556501faa6df5c29bc8f8d0008477
f4ee745ddb73cf079c293a6aea2eac0fa10b70a47ccebc704d8aacaacc9bf8b0
f7a89d8edb260b58ede989d3b499765be906f60509dfce9ed08e9f9f4408036a
f8781c87c5b3a2576e97ebb86a634deb9f2283511fea22d21e6a615a04979d56
f89a0ac1364a8011f8d4a672a39ee3cfa2cc04fecabc392133889de6925ebc65
fbeb3a30683593d375a08112e1c9c15b3fed17aa6445764a0815a2c2e0b64a38