www.34st.com Open in urlscan Pro
18.211.38.197 Public Scan

URL:
https://www.34st.com/
Submission: On March 07 via api (March 7th 2021, 4:53:31 pm UTC) from US

Summary HTTP 128 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 25 domains to perform 128 HTTP transactions. The main IP is 18.211.38.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.34st.com.
TLS certificate: Issued by R3 on December 29th 2020. Valid for: 3 months.

This is the only time www.34st.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.211.38.197 18.211.38.197	14618 (AMAZON-AES) (AMAZON-AES)
5	65.9.23.2 65.9.23.2	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
11	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	34.206.127.213 34.206.127.213	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:295::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2 4	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
8	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f20... 2a03:2880:f203:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
128	32

3 18.211.38.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-38-197.compute-1.amazonaws.com

www.34st.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.23.2 (Orlando, United States)

ASN16509 (AMAZON-02, US)

d8es5520nmizf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (United States)

ASN54113 (FASTLY, US)

image.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

snworksceo.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.206.127.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-127-213.compute-1.amazonaws.com

thedp.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
antifraudjs.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-web-services-dp.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:295::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f145:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f203:c4:face:b00c:0:43fe (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	450 KB
15	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	123 KB
11	friends2follow.com thedp.friends2follow.com tracking.friends2follow.com antifraudjs.friends2follow.com	147 KB
11	imgix.net snworksceo.imgix.net	641 KB
10	typekit.net use.typekit.net p.typekit.net	361 KB
8	facebook.com www.facebook.com	274 KB
8	googletagservices.com www.googletagservices.com	248 KB
5	cloudfront.net d8es5520nmizf.cloudfront.net	25 KB
4	fbcdn.net scontent-iad3-1.xx.fbcdn.net	205 KB
4	google.com adservice.google.com www.google.com apis.google.com	22 KB
4	adnxs.com 2 redirects secure.adnxs.com	4 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	34st.com www.34st.com	13 KB
2	cdninstagram.com scontent-iad3-1.cdninstagram.com	515 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	facebook.net connect.facebook.net	63 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	maxcdn.com twemoji.maxcdn.com	782 B
1	google.de adservice.google.de	799 B
1	googleapis.com fonts.googleapis.com	1 KB
1	rtb123.com www.rtb123.com	910 B
1	cloudfunctions.net us-central1-web-services-dp.cloudfunctions.net	2 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	issuu.com image.issuu.com	11 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
128	25

	Domain	Requested by
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.34st.com
11	snworksceo.imgix.net	www.34st.com
9	use.typekit.net	www.34st.com
8	www.facebook.com	thedp.friends2follow.com www.facebook.com
8	www.googletagservices.com	www.34st.com securepubads.g.doubleclick.net
8	thedp.friends2follow.com	www.34st.com thedp.friends2follow.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	d8es5520nmizf.cloudfront.net	www.34st.com
4	scontent-iad3-1.xx.fbcdn.net	thedp.friends2follow.com
4	secure.adnxs.com	2 redirects www.34st.com
3	www.34st.com	www.34st.com
2	scontent-iad3-1.cdninstagram.com
2	platform.twitter.com	www.34st.com platform.twitter.com
2	www.google.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	tracking.friends2follow.com	thedp.friends2follow.com
2	connect.facebook.net	www.34st.com connect.facebook.net
2	www.google-analytics.com	www.34st.com www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	apis.google.com	thedp.friends2follow.com
1	twemoji.maxcdn.com	thedp.friends2follow.com
1	9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	antifraudjs.friends2follow.com	thedp.friends2follow.com
1	fonts.googleapis.com	thedp.friends2follow.com
1	p.typekit.net	www.34st.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.rtb123.com	www.34st.com
1	us-central1-web-services-dp.cloudfunctions.net	d8es5520nmizf.cloudfront.net
1	www.googletagmanager.com	www.34st.com
1	image.issuu.com	www.34st.com
1	cdnjs.cloudflare.com	www.34st.com
128	34

This site contains links to these domains. Also see Links.

Domain
thedp.us2.list-manage.com
issuu.com
www.thedp.com
getsnworks.com

Subject Issuer	Validity	Valid
www.34st.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-04` - `2021-05-07`	2 months	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-06` - `2021-08-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
friends2follow.com Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
misc.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-09` - `2021-11-09`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-01-31` - `2021-04-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.34st.com/
Frame ID: 930259A9A73552AAEF2BD0103F0E2A5B
Requests: 52 HTTP requests in this frame

Frame: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
Frame ID: 41370DABD4CA70B2AEB57C8DDA9D95E7
Requests: 29 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmMsuceDv26wfkaIBqYS23WVi23GUybjuM_kMJicIeGC5bgjBUJ2MUofuPqJhlKFTXoH-RyiNR50sDYISmBMEX-tzqkY6TM02sZmcv7VN5KK-ktOL98kUwo1IYqo_4rlEqrNIMEmoBwEsSt5akJ3f7NYM0AtAugwAfzGvKpKH_ux1KjRRxrdnfq25_QYqdfsjl0_xkK0NsB1JHwd5g6ZR3SP8fxMlr8tgBzGh3bDhynKDWZGZiqrA77WgBGLbMiKLbv1iq7ocqofwj4NLqznHSmoQhEWOB9DPBaLphW4WnW74&sai=AMfl-YSkMTP0KWRxKrBpQusgzHrRl-7F4Fy-UDIK5zFT2yKk5Uxe1vYUSqWiEV-Z_dir0ktBLP9yGGURsZkQPB4M_IXtl7XBJGG-1X27hdN60-QYF_t5ycnVmcDqfpPVQRI&sig=Cg0ArKJSzNuZTmHLM0DmEAE&adurl=
Frame ID: D634B676212EC9354CBD89040AF389D6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFCoPVi6GktY1__D0Uzg8jPskm8H9UdyKluV9Bm-lF4iuy0sOHqjlyn9hX7l_jA-tSQfDJ7KOIGqLMM0Zp8aemtFY-Dyzzqi4ilPHIexECPaI6gEcVu-X9b4r6Qu9lT08lVpJsbkrlA-GLuXM1AdqG8M1W_249yQcyshxsNRegb6juP0E_UFRhaGDAyJDP0GqUOMRLfWjKWc68ohJSEviAaroPUg5TO7CWnG_q6xGrF0_Up5ziwK94qM4_FYeLNs-70QXIaBswcInlfVFv0NQi-n9ojKYo-j72kL4feV4dtNHRPRCDJlU&sai=AMfl-YTJ2We1O3simRNGUBYrrI95D7wUM9iff0vFWjbzYvMYyLUpCY7aYIm3uPzgxyQPpZewwsjMAIlc8-Mf91UMBbkAjpiiq4kkIZAQuwYVh-dIZLKFCrb4p9ldONjUYco&sig=Cg0ArKJSzD1cnAgC3hlsEAE&adurl=
Frame ID: A0EF92B0D226EE129AC0D80921C16C0C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3nTScQJ50BBRYpNtA3Erk2pt7nWNrRVMZ8wyoDCDrFiSLKNH_XUPPl_w4LxjkTdsw4CyKg_ihnWZICngZkZRJvtzXRcJ9Qh9MzWt2FYmLyvV3LZmSM_gQ1sr4jfSdz6v58gkDTQI371SJC4z0F9BpM9hJAZmSo9ZSHsvNEmkGGTMfZLpIDrBnCWn1J-Gz-gqRiSc57q0DjpwwVf0Zq5ghkbaXdogh2AY5A8NkfULz3D_quyEg8xG55I-BP6WO0mxhCw4uW-aDlKU-PiilalRMKh3jApGSw0wM-wsrukSvzUp-EVsBjit8Q-E&sai=AMfl-YTaXTv7_Y5KUA2fUwshmMb6FgVdFdyMvw5gL6LyTDxXKpTEO3xdxR-53tjuVWbl5wxp630PQbQaM58jAPvmq8ezctC9BzU7gi4PgIwDYSxKmPC4_q0oF0_fFhNcbXo&sig=Cg0ArKJSzAOjZ7oDFEx-EAE&adurl=
Frame ID: FDE0B6EE77E19DC8E5C2D2BE1D1D2865
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPu2H5IG_Bf0q2g1xJITJ8h_q2x_EfsXKcLCUxPuO9bhb_jByOOTGE1lCdclXbwaYFOF0XNNPYhjYZWLP60GwkyI0GGC2fQa7WB8rONRmlZS5UIuL90FQ3vXRtugiJLwRsF3rPkxrpT0-QSDmfww95U2M4NbJByYE-qIkBtsVvYukwjM_IC63XaV_qcp0IIY2-vAWDLAnsc8hV9gVRNhuQPQfAVvQQCRs2PIl0XFKuwy5k0MAOBbnIq81_J9095fJ2hsujkXL8z1pXFkfcw3zyRSOhsa4uxajzf-ZAAJaJZI1Ls2oa4jhX&sai=AMfl-YQCYfhspC8FjXrZ3mM9pZBYskDCl4ZIhE3Kw2r9Q2pW1ATtDBVQnP80wFvzEDCU6btwUFovHoHh7SuNBcw622AAQhskBqmpH0N6Red6RMmU24ai5KMHT1HUJg4oVlc&sig=Cg0ArKJSzNqzu_-kINB1EAE&adurl=
Frame ID: 3042EDF133D7DE70DC8EC1D9A41E02C2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBijo9NHIpsvGcfGlRXXq3bVM0k7MMNwn47V3avE60_ndGnwqEpXx8Dk27kV78esK2tW_Aj0vzCIsTM9XRPXzG9JM39zwZLSHkl3he0vtMxLYRAMwIxf9LJs45KJurGUcSdmUL0K0OPAT-lEex5fdrR27R8og4EMnfCJ59_jZ4UbZkLb2dh6JvzaWXjUjl1bGhTlEUgx0et8uT4BPf_hxECvsemCRLxPjpWZ7fA6lBLanrYyt9hES_KDrdneNF7fvWg0-tBsiogl85brEAKRed3TrMlfBwAdJgR-nZq8Q8mKhNR83-V-U&sai=AMfl-YTaBmouOcAKZDQppImMVF6S8gRTx0ONAKYMtSHnW9LzQY9aPp9DQPj8F437_NDlsSaa_7p1CC1_242gEFQQqBkYYXC3OR-nsso0GqqGbT5UDfLJb59FAF_1wEXoYro&sig=Cg0ArKJSzI_OFWoayoBjEAE&adurl=
Frame ID: 4D1083C562A09F58BFF14B924066FDBD
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5CYWL0Fqx2RofwAhkCJ6izMUkPj3z4x-BvLpWADTZ8VZ2ykCqchcKYdigfZboirtBteZPPo8RC8sAUTmduUl2aTR8HOMIq3IUTgZLYWUoNcCG539zsJ4d9meOzVFsM52iptqZLybZiIKKcAbedxnCmv8MQL_bDg4BHnXDvTVkLGt7hO0Nml8JcdRUWbcJ22JXKrq3OLg1gQzJJ1O5v5rKXMcXE9PfpQrw1zZiZNwBYIC9AWlIcesoez2NYYN4_Dji3nRbZfbrCUHl0CSeT0RhmgN5Bsk9ctf2jNRNAivK4SgktHd_f9n6SIE&sai=AMfl-YTWak4cVIfFs9iCL2VchE4uali6DYTVxt-FkjLqnmhjg1AZe7Du6aoNtKOM25uGsDFriuQFptWHFyEyr21Q8xYaenQzXu-jggF_R1DTLq7JnKnUh29dOq1NAdN8dlk&sig=Cg0ArKJSzBXr4bvMYAHZEAE&adurl=
Frame ID: 312F5330D32BABE4FBDEF7BCB06F5576
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9508F4BB8B6B3BECDD52687465955A38
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fthedp.friends2follow.com
Frame ID: 7A4BD0A0296D785EB9BF30636E05EF22
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 704602C733F12D973842F383D4E1D3C8
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 14FF8504F79C2240A1286F7C9DC5E634
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

128
Requests

100 %
HTTPS

74 %
IPv6

25
Domains

34
Subdomains

32
IPs

3
Countries

3322 kB
Transfer

6035 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://thedp.us2.list-manage.com/subscribe?u=a96885e3aa3f8131c872ee329&id=370b4800ba
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://issuu.com/34st/docs/937_dpdt_20210304_11_c-merged
Title:

Search URL Search Domain Scan URL

URL: https://www.thedp.com/advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://getsnworks.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://secure.adnxs.com/seg?add=9359095&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

Request Chain 53

https://secure.adnxs.com/seg?add=9396080&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

128 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.34st.com/ 43 KB
10 KB 803ms
239ms Document
text/html 18.211.38.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.211.38.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-38-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

267195b4e1f948b19566c644a8c5d0208ba18eb691988b1ea4d4456392eea7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.34st.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 16:53:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-CEO-Verification: b5dfd5e4105a503f8e47e4771799dee8fd4d40de6ceed23cfd8e72013e94e39e
X-SNW-Registration: dpn-34s
X-CEO-Enable-Compatibility: true
X-CEO-Cache-Control: 6666cd76f96956469e7be39d750cc7d9
X-CEO-Cached: true
X-Server: ceofrontend14
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK ceo-base.css
www.34st.com/s/ 2 KB
1 KB 189ms
188ms Stylesheet
text/css 18.211.38.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/s/ceo-base.css

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.211.38.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-38-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84f9c105c3b16ac4a510dae6e1f6271f201c3b17e19968e8a73c9c7cd630b32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-SNW-Registration: dpn-34s
X-CEO-Cache-Control: 420db319621dc3bc3fd2ae8d658989d6
Date: Sun, 07 Mar 2021 16:53:08 GMT
Content-Encoding: gzip
X-CEO-Enable-Compatibility: true
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
X-CEO-Cached: true
X-XSS-Protection: 1; mode=block
X-CEO-Verification: b5dfd5e4105a503f8e47e4771799dee8fd4d40de6ceed23cfd8e72013e94e39e
Connection: keep-alive
X-Server: ceofrontend14
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK master.min.css
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/css/ 74 KB
14 KB 396ms
144ms Stylesheet
text/css 65.9.23.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/css/master.min.css
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.2 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff8c0d0e0bd1c1b1c15235e3629e1eb665f985e90a96bc614f9170575913b98d

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 07:11:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 19 Jun 2020 23:48:29 GMT
Server: AmazonS3
Age: 2194904
ETag: W/"dcffbe1a5a7f319898e6fde22ef1f897"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 3180232852f42d0e8ed2a6999ef03c93.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: QYaW1ljG6oDVRjSGztTOcP4jpcX4sZQJK0-0S13ncFuIiX931gGLpQ==

GET
H2 200 ziq1fqf.js Show response
use.typekit.net/ 19 KB
7 KB 43ms
10ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ziq1fqf.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

92f119f596ed65591ddd0791c045a1c4b2efbde9e2ec7b856e8d4f3981b7996c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 07 Mar 2021 16:53:08 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7015

GET
H2 200 sharer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sharer.js/0.3.1/ 5 KB
2 KB 34ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sharer.js/0.3.1/sharer.min.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec0c64f115b1597b9058cb7774e56a240de29ad3cf40e75c2fb2c49fc5338a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6170911
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1375
cf-request-id: 08af3472ee0000d6e9f119c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fce-140c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kbl2VhRTxn6bW1ekigQAJNj93Xgz6Jo5Z1JwByD%2BGBJQnF2ZyP5CkcyobeHUq%2BRQ7WOs6BzyMGq2u6ksIyqukXUmAbm%2BBIJC%2B6Ht88squQiaWr988b4%2F4fX%2BHe4pTYsqXg%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62c55697ee50d6e9-FRA
expires: Fri, 25 Feb 2022 16:53:08 GMT

GET
H/1.1 200
OK master-min.js Show response
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ 561 B
1 KB 390ms
134ms Script
application/javascript 65.9.23.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/master-min.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.2 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4592216ca0c1354735c9d85ebc2a90666fc547087f11e1cec9df4f206c5c62e4

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 05:04:16 GMT
Via: 1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 19 Jun 2020 23:48:30 GMT
Server: AmazonS3
Age: 2202533
ETag: "58fdf4f82a62dc40ea580a3b0a3e57f6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 561
X-Amz-Cf-Id: Z-k6WhlMIF90KgOiOWH0auYV-L7oeNkisJQIOx1WRgIr4h_VLCIEdw==

GET
H/1.1 200
OK 34st-logotype.svg
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/ 4 KB
2 KB 135ms
133ms Image
image/svg+xml 65.9.23.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/34st-logotype.svg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.2 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cfe91cf9e016980de76d9aae9787b53d95062fb9e5ea9dc5cd1b3e2d471ff20

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 01:22:53 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:13 GMT
Server: AmazonS3
Age: 2215816
ETag: W/"ab8d82c3027cf2edf0995e939d4f417d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Via: 1.1 3180232852f42d0e8ed2a6999ef03c93.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: 6WbMCjYHu8KNExOPwB4kY8qOVl0cSzxlUfsCz8qaIiN9Q3mn34l86A==

GET
H2 200 page_1_thumb_large.jpg
image.issuu.com/210304201809-6db61bb9092fdac4c2cdb189ec879d8b/jpg/ 10 KB
11 KB 24ms
6ms Image
image/jpeg 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.issuu.com/210304201809-6db61bb9092fdac4c2cdb189ec879d8b/jpg/page_1_thumb_large.jpg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 756f7b7a6673fae6482c0f112672855dad18f1f475533fb445f0752077640370

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 246894
x-cache: HIT, HIT
content-length: 10398
x-amz-id-2: MP71Hu5tYis7diM9saMOAwUQvHOJwDygXMwQCvR5rKmt6/aoSTyuf1tdTD/veAT9K97XUQXNAN0=
x-served-by: cache-bwi5127-BWI, cache-hhn4037-HHN
last-modified: Thu, 04 Mar 2021 20:18:13 GMT
server: AmazonS3
x-timer: S1615135989.866984,VS0,VE1
etag: "73add4891ddfbcac7649f1989cf06554"
x-amz-request-id: CPZV2MEJ7VT12696
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 b21b89d5-bf9f-42c5-ba42-7ed1ab782f36.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 22 KB
22 KB 42ms
12ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/b21b89d5-bf9f-42c5-ba42-7ed1ab782f36.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b8c33f9f6ee597b155bbe34ccab3a2d0e55329919e98fad8b0fce81169e65006

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 05:03:13 GMT
server: imgix
age: 301795
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 3b1dfd25c0a4498edf1ec00bddb808a2d6b8dc15
accept-ranges: bytes
content-length: 22332
x-served-by: cache-sjc10055-SJC, cache-fra19177-FRA

GET
H2 200 edd5fc0f-1ca0-4d0c-ba34-252002e298f2.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 21 KB
21 KB 189ms
160ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/edd5fc0f-1ca0-4d0c-ba34-252002e298f2.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3ede266c5f4dc2bdb36c3e9d4f7b5c1f71bd32d9c42cae330fe5105c559cc80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 05:03:13 GMT
server: imgix
age: 301795
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 54d435092d07df803522a369abdf4bdda8f06e5c
accept-ranges: bytes
content-length: 21412
x-served-by: cache-sjc10071-SJC, cache-fra19177-FRA

GET
H2 200 d4cd591d-7c40-4bd8-b6b1-ba354918d9ea.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 46 KB
46 KB 194ms
164ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/d4cd591d-7c40-4bd8-b6b1-ba354918d9ea.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e0c1fa7b0a60e874c8d1e5a10d29383725f088f1cd4fdc4eef66bf18f21aae7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:06:38 GMT
server: imgix
age: 279990
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: ecc5f8f143aae1c37c8a0b61b406b11d9be2119c
accept-ranges: bytes
content-length: 46673
x-served-by: cache-sjc10058-SJC, cache-fra19177-FRA

GET
H/1.1 200
OK SNWorks.svg
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/ 15 KB
7 KB 254ms
128ms Image
image/svg+xml 65.9.23.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/SNWorks.svg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.2 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7727d977fa39f40c2d319f2aaa6d290f6fda454be7929c3f5370e04ab718292c

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 03:47:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 19 Jun 2020 23:48:29 GMT
Server: AmazonS3
Age: 2207147
ETag: W/"edcfd473018d598c56385c11047a6ac0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Via: 1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: Y4qnIWMXgAAHIGloMLphQ_moJQ28J3l8WNQO2DNiXkj3SwVDxldupQ==

GET
H/1.1 200
OK ads.js Show response
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ 114 B
623 B 137ms
136ms Script
application/javascript 65.9.23.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ads.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.2 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d987eed73fafe2f6d7390243623f3547ddf7489c70f45c7949008bea05fe1b36

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 02:32:56 GMT
Via: 1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:15 GMT
Server: AmazonS3
Age: 2211612
ETag: "bfd1eee7159e05620e41738fa66dd2b9"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 114
X-Amz-Cf-Id: 2RYyMYJZodDgAB4_CAaT0TUlGhAFXpYcXenwnVKPk5VwHW68GUKyRw==

GET
H/1.1 200
OK e.js Show response
www.34st.com/b/ 1004 B
1 KB 383ms
383ms Script
text/javascript 18.211.38.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/b/e.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.211.38.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-38-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c11f38b1438802b90b6ffa6092a21782684654c3b967297eaf0c26574ff95f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 16:53:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
33 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP7BVQ2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d75983aed79b205bf45ca8b5af192a7cb3f0e91d872e8cd9cf19693f18912bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33353
x-xss-protection: 0
last-modified: Sun, 07 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Mar 2021 16:53:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3032
date: Sun, 07 Mar 2021 16:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 07 Mar 2021 18:02:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 42ms
16ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76608ec15e1dea101d8a39f181db44181947fd060f773761eb01b49f27109ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CXBDKx+Z9gggFogMRjbjgQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 07 Mar 2021 16:57:59 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: +Xhf5SYYHgoxNPwVtb5EjPRdFFrtqcsbymaqSDLZy+UmkDxGtC/OH1cRaVYDZ2aYjf+lbNJVQ9kA4D6dUfaiKA==
x-fb-trip-id: 664085054
x-fb-content-md5: 6a611ad4d85a6718086a34d898f8e74c
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Mar 2021 16:53:08 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "eb00d488ecd35a276c75cfd3447e7e50"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 5 Show response
thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/ Frame 4137 47 KB
8 KB 723ms
173ms Document
text/html 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

357532c7ab4e7263ca751ac10eeb4c3dc0a901da2c5de01709128f61966e22f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Host: thedp.friends2follow.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.34st.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

Accept-Ranges: bytes
Age: 116
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 07 Mar 2021 16:53:09 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 varnish
X-Content-Type-Options: nosniff nosniff
X-Varnish: 3236714072 3236707238
X-Varnish-Cache: HIT
Content-Length: 8097
Connection: keep-alive

GET
H2 200 092a1f76-5f6d-46cd-ae02-a40b5ac38db2.sized-1000x1000.jpeg
snworksceo.imgix.net/dpn-34s/ 66 KB
66 KB 175ms
174ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/092a1f76-5f6d-46cd-ae02-a40b5ac38db2.sized-1000x1000.jpeg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

23e7d4b8ec4c855b7a9b9ab3ffec672623bafec5a7f5c5b4effd8e72d47e278c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 18:08:34 GMT
server: imgix
age: 168275
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 6110060df7ee76082bd96f605834dcf00eab129a
accept-ranges: bytes
content-length: 67560
x-served-by: cache-sjc10067-SJC, cache-fra19177-FRA

GET
H2 200 7b9e4078-7669-471e-b801-3a84f0efcc20.sized-1000x1000.PNG
snworksceo.imgix.net/dpn-34s/ 43 KB
44 KB 165ms
164ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/7b9e4078-7669-471e-b801-3a84f0efcc20.sized-1000x1000.PNG?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ff9cebade2da3e0a2d879691d0540a47f8a77129ac734d4193a329fa87a6a95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 17:02:06 GMT
server: imgix
age: 172262
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: af6a63b86ecadc89c5d6938656e48a00d3fb877b
accept-ranges: bytes
content-length: 44414
x-served-by: cache-sjc10055-SJC, cache-fra19177-FRA

GET
H2 200 14e03ff5-5ee7-4454-95f3-47da109627e8.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 71 KB
71 KB 13ms
12ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/14e03ff5-5ee7-4454-95f3-47da109627e8.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

41c6da77d77cffa41861bdd90ae709a70ad4f23c6d2ec051a59103dd0f566e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 08:04:18 GMT
server: imgix
age: 204530
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 66b41871fe0c06e6c6e916e4bd426b0ad42479c5
accept-ranges: bytes
content-length: 72666
x-served-by: cache-sjc10036-SJC, cache-fra19177-FRA

GET
H2 200 984572b9-308c-4f62-93a6-61472eb44c87.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 41 KB
41 KB 13ms
11ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/984572b9-308c-4f62-93a6-61472eb44c87.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

eb5b5bfea09af0d58057cb8a1159ed0ad9d9f58c1a053d1baafc5e7c0eb1af1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:04:35 GMT
server: imgix
age: 236913
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: c6cc67ce515093609e6802f73064fceb01d0b9e8
accept-ranges: bytes
content-length: 42207
x-served-by: cache-sjc10068-SJC, cache-fra19177-FRA

GET
H2 200 6b5586e7-e1d9-42f5-9020-65b083044207.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 85 KB
86 KB 296ms
295ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/6b5586e7-e1d9-42f5-9020-65b083044207.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9bd289fe9457f6fca4b7fa73dd8f7a6c31d9818693481b2fa1e3e778383b6bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 17:03:16 GMT
server: imgix
age: 258593
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 82751a6fe46f0f1a4f751dc95fd2edeec7a79aac
accept-ranges: bytes
content-length: 87394
x-served-by: cache-sjc10064-SJC, cache-fra19177-FRA

GET
H2 200 4a749781-6f71-46d2-ba9d-88031411b35c.sized-1000x1000.jpeg
snworksceo.imgix.net/dpn-34s/ 101 KB
101 KB 197ms
196ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/4a749781-6f71-46d2-ba9d-88031411b35c.sized-1000x1000.jpeg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9acc0508e702ffc94446e64d52286fb014defe050b4cb4a24109f922dfa6d6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 13:05:24 GMT
server: imgix
age: 272864
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 16de948fd4735b2a89e826b6a62bcc1bfe33cc62
accept-ranges: bytes
content-length: 103051
x-served-by: cache-sjc10029-SJC, cache-fra19177-FRA

GET
H2 200 211eda6e-56d7-4ab6-b02e-f6fa26875e4b.sized-1000x1000.jpeg
snworksceo.imgix.net/dpn-34s/ 70 KB
70 KB 13ms
12ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/211eda6e-56d7-4ab6-b02e-f6fa26875e4b.sized-1000x1000.jpeg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

eae0a7a4a49aab7a0917d81a455debd0b245183287b2ef78a94eb7206a66f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 01:21:39 GMT
server: imgix
age: 315089
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: e441cf188270f30911706f6b0d61b688f787b098
accept-ranges: bytes
content-length: 71561
x-served-by: cache-sjc10042-SJC, cache-fra19177-FRA

GET
H2 200 5e28f5e9-cdf8-4764-813c-d0c79ccd20e3.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 73 KB
74 KB 13ms
12ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/5e28f5e9-cdf8-4764-813c-d0c79ccd20e3.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

33420032025be92c6989f6824252d8db1c3bb6209891f8e1b8d4764cf38705bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 22:02:52 GMT
server: imgix
age: 327016
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 1477036016797f52cda76578b1554e0a377af880
accept-ranges: bytes
content-length: 75100
x-served-by: cache-sjc10049-SJC, cache-fra19177-FRA

GET
H2 200 34ST Show response
us-central1-web-services-dp.cloudfunctions.net/dropcap/ 4 KB
2 KB 147ms
113ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-web-services-dp.cloudfunctions.net/dropcap/34ST
Requested by: Host: d8es5520nmizf.cloudfront.net
URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/master-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: c956c60a313b79f354d38ca57b691af87e2011b01119eab507ad72515c879ddd

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:28:29 GMT
content-encoding: gzip
server: Google Frontend
age: 1480
x-powered-by: Express
etag: W/"fe6-QR52knYCnWa2ThB7SzOqfCsP63g"
user-agent: DP-Dropcap
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 995c51b80811977632ec29b9eb93f0bb
cache-control: public, max-age=600, s-maxage=1800
function-execution-id: bqmwcwru1y6c
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1585

GET
H2 200 btp.js Show response
www.rtb123.com/tags/773F3C17-7C67-20A7-40A0-F1BBB5264072/ 4 KB
910 B 605ms
192ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/773F3C17-7C67-20A7-40A0-F1BBB5264072/btp.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa27f6140ef05882ffafa3a531f56d0222553e38477e037310a43c80b6e2391b

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 07 Mar 2021 16:53:09 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 16:49:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "804eaa8cd0cd51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 708

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1128836784&t=pageview&_s=1&dl=https%3A%2F%2Fwww.34st.com%2F&ul=en-us&de=UTF-8&dt=34th%20Street%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2117216456&gjid=1474458069&cid=1321348729.1615135989&tid=UA-707447-2&_gid=1441764975.1615135989&_r=1&_slc=1&z=331571489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 16:53:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.34st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 42ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=343e9c46fe15bc30773042c1d1c01e89&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b787dab85c8eef1f68c7d93568de391a264ed065f5fc66718468351ac9326fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2moios+q88QZF53ky2IQDg==
cross-origin-resource-policy: cross-origin
expires: Mon, 07 Mar 2022 13:00:36 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60547
x-fb-rlafr: 0
x-fb-debug: 58UDmwAALEPOHvEIUHKOi1zlXfkxef3If543vAFe9AtWJxS8TFk0PwBfZx3kPVlWQN5YO5FJCy6akKeHAabZsQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 0fb3387cfef3abc88af27ae82ea78f46
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Mar 2021 16:53:09 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "52d15a51406acf0237cc4a5e115a9c29"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-707447-2&cid=1321348729.1615135989&jid=2117216456&gjid=1474458069&_gid=1441764975.1615135989&_u=IEBAAEAAAAAAAC~&z=78279515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 07 Mar 2021 16:53:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.34st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/740b38/000000000000000000012500/27/ 37 KB
37 KB 112ms
82ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/740b38/000000000000000000012500/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 849eb578891d83f8262c8eb06fe113ef6b0c2db18e8d48540aeb6d4b97f43bee

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "41389daa972c9297d8dd47bffd350f8825826929"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 37872

GET
H2 200 l
use.typekit.net/af/e61d82/0000000000000000000124fe/27/ 39 KB
39 KB 56ms
26ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e61d82/0000000000000000000124fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 412640f6199d6b01cf7a8b621d0edcccb49775de74e4dd430a210f9fbe2d9ad3

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "3451a1f3b439e3e9e091f68beee925ae9470b002"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 39764

GET
H2 200 l
use.typekit.net/af/63cd12/0000000000000000000124ff/27/ 33 KB
33 KB 63ms
33ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/63cd12/0000000000000000000124ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7ccb245308f9b91dc424715958420a2ced0d1d9dccb3335b1cda35167d9814fc

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "3ca04309952e1b7be1b5a0aadf86add19a6e852c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33632

GET
H2 200 l
use.typekit.net/af/e614cb/0000000000000000000124fd/27/ 32 KB
32 KB 65ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e614cb/0000000000000000000124fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 84d4a2dc02914908eb5d9449575cac928c8264f72e754c56ef3579f9b197a854

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "384e16773296f22d09373a3274f7ea85ad33dcd4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32316

GET
H2 200 l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 46 KB
46 KB 38ms
9ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "dd5b169fb4bedb60e8626027fdc93f0b1be2f4fb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 47172

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 42 KB
42 KB 36ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "e7811049bfa1845589c42f0b31c9740a16cee93a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 43068

GET
H2 200 l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 50 KB
51 KB 42ms
13ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "22520917f01d8d34c0dcc1417c749962b8a47011"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 51500

GET
H2 200 l
use.typekit.net/af/ae4f6c/000000000000000000010096/27/ 73 KB
73 KB 48ms
20ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ae4f6c/000000000000000000010096/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ffcd198554ff7c94d76cb678ae1a4cd8544e64a4b61d5c5eb563ef360ad061d

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
server: nginx
etag: "a6094d3b0b9610bca7d041a6bb6011aa335d9368"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 74476

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
20 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "804 / 133 of 1000 / last-modified: 1614985848"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19735
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:09 GMT

GET
H2 200 pubads_impl_2021030201.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 299ms
102ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:37:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101677
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:09 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 23ms
6ms Image
image/gif 2a02:26f0:7100:295::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ziq1fqf&ht=tk&h=www.34st.com&f=9674.9675.9676.9677.10879.10881.10884.10886&a=230034&js=1.20.0&app=typekit&e=js&_=1615135989350
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:295::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:09 GMT
last-modified: Wed, 02 Sep 2020 04:04:42 GMT
server: nginx
etag: "5f4f19da-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK friends2follow_socialstack.min.css
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 70 KB
10 KB 188ms
187ms Stylesheet
text/css 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210224

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

41cb85c8ba888ce669493d3f362a368882fdce9ab0e0b676dee0ad46e2e8ef17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 448
Connection: keep-alive
Content-Length: 10159
Last-Modified: Thu, 25 Feb 2021 15:11:30 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714080 3236686694
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: text/css
Expires: Sun, 21 Mar 2021 16:45:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4137 4 KB
1 KB 35ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Mar 2021 15:20:04 GMT
server: ESF
date: Sun, 07 Mar 2021 16:53:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Mar 2021 16:53:09 GMT

GET
H/1.1 200
OK jquery.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 91 KB
33 KB 388ms
200ms Script
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 100
Connection: keep-alive
Content-Length: 33080
Last-Modified: Sat, 26 May 2018 17:40:47 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714093 3236707769
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:51:29 GMT

GET
H/1.1 200
OK friends2follow_tracking.min.js Show response
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 6 KB
2 KB 710ms
167ms Script
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20210224

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 119
Connection: keep-alive
Content-Length: 1599
Last-Modified: Wed, 29 Jan 2020 16:49:38 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714124 3236707117
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:51:10 GMT

GET
H/1.1 200
OK friends2follow_antifraud.min.js Show response
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 35 KB
11 KB 717ms
176ms Script
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210224

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 79
Connection: keep-alive
Content-Length: 10755
Last-Modified: Thu, 26 Dec 2019 16:40:28 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714123 3236708843
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:51:51 GMT

GET
H/1.1 200
OK friends2follow_socialstack.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 96 KB
31 KB 665ms
303ms Script
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20210224

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

cf4db0634fb2cbde501a7ef7b0c2768d8ca09a390238e422f4d3f1074f2ee467

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 29
Connection: keep-alive
Content-Length: 31348
Last-Modified: Thu, 14 Jan 2021 17:23:47 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714110 3236712094
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:52:40 GMT

GET
DATA 200
OK truncated
/ Frame 4137 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4137 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4137 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea0d1ca33f56cc14b2c84dc147ca8af543f22f580e09e537f4f08bf154ad4900

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4137 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4137 992 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cb85a5c483b78f51de07c46c385e1961790cbfe0059abb8105ee3c6a16f1f6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=9359095&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

43 B
1 KB

119ms
118ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 16:53:09 GMT
X-Proxy-Origin: 82.102.20.219; 82.102.20.219; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: 508d1dc7-b1e5-4b9e-ad93-a76fdedda49b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 16:53:09 GMT
X-Proxy-Origin: 82.102.20.219; 82.102.20.219; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
AN-X-Request-Uuid: 1c2edf44-0810-49e9-88d2-b6110e7fa2a5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=9396080&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

43 B
1 KB

142ms
142ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 16:53:10 GMT
X-Proxy-Origin: 82.102.20.219; 82.102.20.219; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: 35cf5963-0aa4-4157-8cc8-dedf32b40008
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 16:53:09 GMT
X-Proxy-Origin: 82.102.20.219; 82.102.20.219; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.103:80
AN-X-Request-Uuid: 778c9858-8f85-435c-bc15-b68b52f43915
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4137 15 KB
15 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 513457
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H/1.1 200
OK social.woff2
thedp.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 4137 5 KB
6 KB 332ms
178ms Font
text/plain 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: MISS
Date: Sun, 07 Mar 2021 16:53:10 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 Feb 2020 20:14:31 GMT
Server: Apache
Age: 0
X-Varnish: 3236714108
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 5316
Expires: Sun, 21 Mar 2021 16:53:10 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4137 14 KB
14 KB 31ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 273398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:56:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.34st.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.34st.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 181 KB
23 KB 411ms
321ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1912356834494735&correlator=1552589801364026&output=ldjh&impl=fifs&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=12234093%2C34st-Leaderboard%2C34st-Top-Rectangle%2C34st-Middle-Rectangle%2C34st-Mobile-Leaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C300x250%2C300x250%2C320x50%2C300x250%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1615135990&dt=1615135990269&dlt=1615135988439&idt=1322&frm=20&biw=1600&bih=1200&oid=3&adxs=286%2C1285%2C1285%2C-12245933%2C-12245933%2C-12245933&adys=70%2C50%2C315%2C-12245933%2C-12245933%2C-12245933&adks=1431065736%2C1792969111%2C463008574%2C2312306103%2C3386826502%2C899346005&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.34st.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x105%7C300x265%7C300x250%7C0x0%7C0x0%7C0x0&msz=728x-1%7C300x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1321348729.1615135989&ga_sid=1615135990&ga_hid=1128836784&ga_fc=false&fws=0%2C0%2C0%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

be5d0abbc3f855f270c575fab2f765920ef25930531c6d150cc0dee5775afcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22660
x-xss-protection: 0
google-lineitem-id: 5635154768,5632108496,5631673624,5635154768,5623555884,5630435900
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342202117,138341748199,138341362158,138342202135,138340695220,138341526994
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.34st.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
8ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK friends2follow_socialstack_on_init.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 87 KB
25 KB 185ms
184ms XHR
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 393
Connection: keep-alive
Content-Length: 25376
Last-Modified: Wed, 04 Oct 2017 17:48:57 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714138 3236690325
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:46:37 GMT

GET
H2 200 1f4f7.png
twemoji.maxcdn.com/36x36/ Frame 4137 396 B
782 B 273ms
99ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f4f7.png
Requested by: Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6dccdb92ef025cb94a915e2371385bdaa577d821ee00e1492a3f07f597bbcb08

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 6e8d68077358922c10787b44da855fb31b8839a6
date: Sun, 07 Mar 2021 16:53:10 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 396
last-modified: Fri, 17 Jul 2020 05:18:40 GMT
server: NetDNA-cache/2.2
x-github-request-id: 9D58:12E2F:FD9C4:106FA3:603E9E57
etag: "5f1134b0-18c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Tue, 06 Apr 2021 16:53:10 GMT

GET
H/1.1 200
OK f2fi.php
tracking.friends2follow.com/ Frame 4137 43 B
383 B 168ms
166ms Image
image/gif 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.friends2follow.com/f2fi.php?domain=thedp.friends2follow.com&wi=4&it=108/24013/25786,108/17053/25785,108/24013/25771,108/17053/25768,112/22744/25763,95/9287/25760,108/17053/25752,108/24013/25751,108/24013/25742,108/17053/25740&ti=1615135873&ha=b1dce62d4d8d1f491bb7e0fa3b7ab8bc&fi=35bd3a24aaf29f767e12c4c977ee536a

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: MISS
Date: Sun, 07 Mar 2021 16:53:10 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Server: Apache
Age: 0
Content-Type: image/gif
Cache-Control: must-revalidate
X-Varnish: 3236714156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 4137 23 KB
7 KB 167ms
167ms XHR
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 212
Connection: keep-alive
Content-Length: 7034
Last-Modified: Thu, 10 Nov 2016 21:28:54 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 3236714158 3236701678
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:49:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D634 0
0 120ms
119ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmMsuceDv26wfkaIBqYS23WVi23GUybjuM_kMJicIeGC5bgjBUJ2MUofuPqJhlKFTXoH-RyiNR50sDYISmBMEX-tzqkY6TM02sZmcv7VN5KK-ktOL98kUwo1IYqo_4rlEqrNIMEmoBwEsSt5akJ3f7NYM0AtAugwAfzGvKpKH_ux1KjRRxrdnfq25_QYqdfsjl0_xkK0NsB1JHwd5g6ZR3SP8fxMlr8tgBzGh3bDhynKDWZGZiqrA77WgBGLbMiKLbv1iq7ocqofwj4NLqznHSmoQhEWOB9DPBaLphW4WnW74&sai=AMfl-YSkMTP0KWRxKrBpQusgzHrRl-7F4Fy-UDIK5zFT2yKk5Uxe1vYUSqWiEV-Z_dir0ktBLP9yGGURsZkQPB4M_IXtl7XBJGG-1X27hdN60-QYF_t5ycnVmcDqfpPVQRI&sig=Cg0ArKJSzNuZTmHLM0DmEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame D634 18 KB
8 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame D634 3 KB
2 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D634 110 KB
33 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 18276823910090463078
tpc.googlesyndication.com/simgad/ Frame D634 99 KB
99 KB 37ms
23ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18276823910090463078

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f83beec92aa924b29c1b4212a2e037ab0a19be69531af923087a358e781daea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 09:07:43 GMT
x-content-type-options: nosniff
age: 200727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101547
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 17:52:01 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 09:07:43 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0EF 0
0 117ms
117ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFCoPVi6GktY1__D0Uzg8jPskm8H9UdyKluV9Bm-lF4iuy0sOHqjlyn9hX7l_jA-tSQfDJ7KOIGqLMM0Zp8aemtFY-Dyzzqi4ilPHIexECPaI6gEcVu-X9b4r6Qu9lT08lVpJsbkrlA-GLuXM1AdqG8M1W_249yQcyshxsNRegb6juP0E_UFRhaGDAyJDP0GqUOMRLfWjKWc68ohJSEviAaroPUg5TO7CWnG_q6xGrF0_Up5ziwK94qM4_FYeLNs-70QXIaBswcInlfVFv0NQi-n9ojKYo-j72kL4feV4dtNHRPRCDJlU&sai=AMfl-YTJ2We1O3simRNGUBYrrI95D7wUM9iff0vFWjbzYvMYyLUpCY7aYIm3uPzgxyQPpZewwsjMAIlc8-Mf91UMBbkAjpiiq4kkIZAQuwYVh-dIZLKFCrb4p9ldONjUYco&sig=Cg0ArKJSzD1cnAgC3hlsEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame A0EF 18 KB
7 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame A0EF 3 KB
2 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0EF 110 KB
34 KB 36ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A0EF 0
0 36ms
16ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJDSB3bj0HE311fvfXozxaAIQRaFjFJVNPZKePdIAx4jTHepZArlTFqptaHwfV8RPPHNsA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 11034281318793152464
tpc.googlesyndication.com/simgad/ Frame A0EF 43 KB
43 KB 34ms
25ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11034281318793152464

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be43554ff7bcbd51cb639a3cb138d1640f6643584f880fa0ff5b7b8853f415b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 21:43:34 GMT
x-content-type-options: nosniff
age: 500976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43859
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 21:36:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 21:43:34 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDE0 0
0 124ms
124ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3nTScQJ50BBRYpNtA3Erk2pt7nWNrRVMZ8wyoDCDrFiSLKNH_XUPPl_w4LxjkTdsw4CyKg_ihnWZICngZkZRJvtzXRcJ9Qh9MzWt2FYmLyvV3LZmSM_gQ1sr4jfSdz6v58gkDTQI371SJC4z0F9BpM9hJAZmSo9ZSHsvNEmkGGTMfZLpIDrBnCWn1J-Gz-gqRiSc57q0DjpwwVf0Zq5ghkbaXdogh2AY5A8NkfULz3D_quyEg8xG55I-BP6WO0mxhCw4uW-aDlKU-PiilalRMKh3jApGSw0wM-wsrukSvzUp-EVsBjit8Q-E&sai=AMfl-YTaXTv7_Y5KUA2fUwshmMb6FgVdFdyMvw5gL6LyTDxXKpTEO3xdxR-53tjuVWbl5wxp630PQbQaM58jAPvmq8ezctC9BzU7gi4PgIwDYSxKmPC4_q0oF0_fFhNcbXo&sig=Cg0ArKJSzAOjZ7oDFEx-EAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame FDE0 18 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FDE0 3 KB
2 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDE0 110 KB
33 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FDE0 0
0 45ms
41ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpZiEWCxeBWkalQG5Ye3aiGRVzLxHDj9Wl2F38dgVYMGMnYuGIJVYsfo9t7ieTBt9n79bx
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 9234069541564081024
tpc.googlesyndication.com/simgad/ Frame FDE0 46 KB
47 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9234069541564081024

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eed98931655debdc89298d0eb310b33425e777578d0d8ca83147885dcdb22bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 11:17:29 GMT
x-content-type-options: nosniff
age: 192941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47580
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 21:37:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 11:17:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3042 0
0 125ms
123ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPu2H5IG_Bf0q2g1xJITJ8h_q2x_EfsXKcLCUxPuO9bhb_jByOOTGE1lCdclXbwaYFOF0XNNPYhjYZWLP60GwkyI0GGC2fQa7WB8rONRmlZS5UIuL90FQ3vXRtugiJLwRsF3rPkxrpT0-QSDmfww95U2M4NbJByYE-qIkBtsVvYukwjM_IC63XaV_qcp0IIY2-vAWDLAnsc8hV9gVRNhuQPQfAVvQQCRs2PIl0XFKuwy5k0MAOBbnIq81_J9095fJ2hsujkXL8z1pXFkfcw3zyRSOhsa4uxajzf-ZAAJaJZI1Ls2oa4jhX&sai=AMfl-YQCYfhspC8FjXrZ3mM9pZBYskDCl4ZIhE3Kw2r9Q2pW1ATtDBVQnP80wFvzEDCU6btwUFovHoHh7SuNBcw622AAQhskBqmpH0N6Red6RMmU24ai5KMHT1HUJg4oVlc&sig=Cg0ArKJSzNqzu_-kINB1EAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 3042 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 3042 3 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3042 110 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 1329132637944984833
tpc.googlesyndication.com/simgad/ Frame 3042 31 KB
31 KB 11ms
10ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1329132637944984833

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd184e21e5a6a37eaa585cd676af394149c1ebf68f9598bca07945f0bd16351e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:33:44 GMT
x-content-type-options: nosniff
age: 253166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31923
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 17:52:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 18:33:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D10 0
0 134ms
127ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBijo9NHIpsvGcfGlRXXq3bVM0k7MMNwn47V3avE60_ndGnwqEpXx8Dk27kV78esK2tW_Aj0vzCIsTM9XRPXzG9JM39zwZLSHkl3he0vtMxLYRAMwIxf9LJs45KJurGUcSdmUL0K0OPAT-lEex5fdrR27R8og4EMnfCJ59_jZ4UbZkLb2dh6JvzaWXjUjl1bGhTlEUgx0et8uT4BPf_hxECvsemCRLxPjpWZ7fA6lBLanrYyt9hES_KDrdneNF7fvWg0-tBsiogl85brEAKRed3TrMlfBwAdJgR-nZq8Q8mKhNR83-V-U&sai=AMfl-YTaBmouOcAKZDQppImMVF6S8gRTx0ONAKYMtSHnW9LzQY9aPp9DQPj8F437_NDlsSaa_7p1CC1_242gEFQQqBkYYXC3OR-nsso0GqqGbT5UDfLJb59FAF_1wEXoYro&sig=Cg0ArKJSzI_OFWoayoBjEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 4D10 18 KB
7 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 4D10 3 KB
2 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D10 110 KB
33 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 16899783222252814130
tpc.googlesyndication.com/simgad/ Frame 4D10 61 KB
62 KB 17ms
10ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16899783222252814130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ec0683257f8d9d1f4e71bcdbfa2bc03127442ca9ebeed0aa441d0725410cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 23:00:44 GMT
x-content-type-options: nosniff
age: 409946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62930
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 16:22:26 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 23:00:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 312F 0
0 128ms
125ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5CYWL0Fqx2RofwAhkCJ6izMUkPj3z4x-BvLpWADTZ8VZ2ykCqchcKYdigfZboirtBteZPPo8RC8sAUTmduUl2aTR8HOMIq3IUTgZLYWUoNcCG539zsJ4d9meOzVFsM52iptqZLybZiIKKcAbedxnCmv8MQL_bDg4BHnXDvTVkLGt7hO0Nml8JcdRUWbcJ22JXKrq3OLg1gQzJJ1O5v5rKXMcXE9PfpQrw1zZiZNwBYIC9AWlIcesoez2NYYN4_Dji3nRbZfbrCUHl0CSeT0RhmgN5Bsk9ctf2jNRNAivK4SgktHd_f9n6SIE&sai=AMfl-YTWak4cVIfFs9iCL2VchE4uali6DYTVxt-FkjLqnmhjg1AZe7Du6aoNtKOM25uGsDFriuQFptWHFyEyr21Q8xYaenQzXu-jggF_R1DTLq7JnKnUh29dOq1NAdN8dlk&sig=Cg0ArKJSzBXr4bvMYAHZEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 312F 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:50:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 312F 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 16:47:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 312F 110 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:10 GMT

GET
H3-Q050 200 4358238407734098465
tpc.googlesyndication.com/simgad/ Frame 312F 91 KB
91 KB 9ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4358238407734098465

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ad6b76f7c47d26bd4b3caa1d8d98232c95733d0904bc0932f41df2ea00abca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 22:25:37 GMT
x-content-type-options: nosniff
age: 152853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92694
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 21:48:22 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:25:37 GMT

GET
DATA 200
OK truncated
/ Frame A0EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f53c74bfb39fc5984a06a828bbf484ce47ceebaff888a9df7c5626fc73ee59b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D634 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc3a8ea62a0b56effaaca1d663072bfab25bf1bcf0c1d8d61835dd6bc5914c82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FDE0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338627e0cbc994e8f1b2c1892d3c5c490836d844bf89559400094bb10bbfcdcf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK friends2follow_infinitescroll_and_share_follow.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 4137 24 KB
13 KB 175ms
174ms XHR
application/javascript 34.206.127.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.127.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-127-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Sun, 07 Mar 2021 16:53:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 291
Connection: keep-alive
Content-Length: 13249
Last-Modified: Wed, 04 Oct 2017 17:48:57 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 1396791875 1396773071
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Sun, 21 Mar 2021 16:48:20 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D634 0
0 245ms
143ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOu-Pn9pUTiyRuoM4VywOdQBj6UHmqJXlu_6Du64wTZXmcQV3U_kM7vi8s_GLZTWIHcVjqAaBRSn1eizmWFn5wIa9tr3L25jQLrW-1s93t2SwZPuPZtzojgPHSFdbAERMth32uAP2s37_oktRwgVHA8pnW8P4TQ0KPb6NP5Ma9cyIoRqT2bcjJdXFYMPp4btZ0s-HO66aU1JOQ_KUaILf1maIa1PDpPjSzNYz51Id7NbtbwCQSJYQfkKLo1G0guBQJ-FQdsyfCUVh1LTOkiS6YAoa8jZsNbCHAaYJEzwlyVEKdnw&sai=AMfl-YRHi_TC2gikETH8Y-a87SjmWNSOmH1juA1vF5QZQGQiaqikPuZy7irkYY1105QwBSEP10oDC1nZ5Qr4zfF6lspY4e-2cFUFNWelAtl0Bg3RCK3CV9AFIjjiZd4Dsv4&sig=Cg0ArKJSzGYWYENbWzJzEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0EF 0
0 243ms
143ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss95NsHm8gj6hJ06JrGQY3YhH6s-qf-5ATl68xwndOPBN_p8Y_wnICZ_l0FzTbwI42OAaSOdE70D07TJjeYRT-CGs0KjBNUxvMCB0i7htyZhEtuRE5IfK1f87fNLyo-0R6L3spJpH3DF6_s_CebPbJHZLm50LdbBsQUvjkWhWOOFJMeoWsu0Ja5ePqJEkO_Z3Rf6DBk9e46MXWe7K-LfSFJ7PYzg7lfY19DXKLcsHElOSXo9c1C0LfOcXanFIpYURAx-VuyNUQm0y3TIWoIr_DkZkYqYMXPHn6PB5AWd6SQ8hyxLXDFVvmoFA&sai=AMfl-YRUPM-B1i7pcUPh9Z6LL8O4LWfyG5tgK8Awdc5jWYmyWoIEmjq5jCa3G8gYFn3cMqU0PVHjgPUM8IP1Kc3UnWzpeO1QDaSwIWR6CW4TCcfknhC0LNwhILUvTITz9A4&sig=Cg0ArKJSzMg8cNTaUwfdEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDE0 0
0 242ms
143ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0mcHlg-dJ8oGWBkACUrOtQ5j80GnDr7N7R8OeJvvfS1bMk-x1tNyWYzVzRL5vw7JcOPKsaDa9dekRuOK7Z-lWvnX0lO9EeJAX3_gfDC6MhM7zqnhb_-4AISSLUv5H9yO2KWgMhWZYhdEGL9KEcgTdyL247cUUSJ-fLd4cZpt9_HWuJjQRBRCN1JmthfOGfslBBmjXujDCxOemNe0z5lDjasn29SUxvKNm7qDsxzKfAumar_CNB2yheerRqUxR30yJYghVwh32DEXFU_JqDCfMxB4uGBkrSevhDUqpNBXNdbOPQi-WyYCgmz8GNA&sai=AMfl-YTDWQKnqC1hzZCijpfE8YvTx5QosFl3edeH2b05-V0kHZXsccR3YaDxa5XHch5CWAZVbExYQytMFLALtTnazZMr5BizDqN3RRpTXdhaBRetyfqITTXc6-cBPtnsmBA&sig=Cg0ArKJSzIstFj2on4lbEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D10 0
0 196ms
145ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn7gYuMiPRMsceiw92wiQ1Da-ENUy2U_nuP1IcXsz3yjjaOoaiTP3wkarLBfG57Ukpby22w9Sf3s3Yi5CJQtw0-dkruIgJV6RVaUEAtXQ8pHpHjhmQclionXD5LYBNDCcz768egaqYZ3FNmfWKvAMap-bFYkZ6UmLAAWul_ISSjo6wcZWy7bv7Nqwne6CwDmhdn3WyJ6mXwkRESa-N9b7kf4IHDx0LD8I4DgqIognLtVEgvZe3wKOj3tZXcjB-fMX4FriFbPVl36fw5fJ_IiRZTfhPSdIJousYIL7u-w42r0zPWES29uf-xA&sai=AMfl-YR-knxQT_p25co65bwqS05fjZWdq5xpGEhU9GyJgTF_lY42MRXVtYunKCPkDqKYUTun1zJFm_t6XTDd1aIFvLIxUNdJwzvXLJ3IJ0vGp--NaPBiKJ2P2yW2KrR7QbU&sig=Cg0ArKJSzA3gSiVn_XSzEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 312F 0
0 192ms
143ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaPCaM69uKboxSowClrSc6K4StiULMAOME8aCF4UCH0OSK6C-IXK1gkGrlUzYvjryI08bOERwoJFLwhTAxs1gwRTSOM5SLAJnFzsan91lGHwyIMbPcdlTv6LlcGacghjZni7RZIFenrxkxHczJVRZpcF3maOtPNQIejhThAOAbwVZ8ofQYheKyZ0-QfFnFgPEvAKRACrMsNg-_W5EJy73HTt7qfPzYb0_7Ju9BsVt8B6BFDOWwbrdXxftNLmg6OY41-ojgFqitOw94yv3gomG0XH2kDYRv1h6D430esdQmovVobS5TnNZfx3OcHQ&sai=AMfl-YT-l_70Z8HOVBJyOxWbN6dDIIQnE3c50Mg6V61BNUmNcv-QcCSwWoVFwJJmNYRhvLJw-qoR8Ee5fKkh5TNsHulRfYmjzUU9i2Hz6Zb4LnYXPO3oWon5eEFopMrI41k&sig=Cg0ArKJSzCMYt5zWCVNSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3042 0
0 186ms
144ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscS4MMY5RAtZcLlYCgPvOeSiBm5Zi37A9t0QY7DIbiPY1HHCIH0Sz_8tlFSfAo7H_RCXyw4Zi5pAj3qx-HBoG624xGVZehckPxWdMfH9Wmyfe8KZHuX_Y3g3HZ8cM5eqfzVoot39SVOTMvBEemIMdx6itk3izrKthvNykA_2jQz5dDo_qqh9ujXA3Ilk0ttEuW5yzy-8NAq60Qx94gc7FS3O3PNKuwZA_6aQvDQMV9Z_dy1AcErmNH2lw4Hxj4KsTVPqUZqXOCRYigjvJn6wCaoVMz0peq48-X0VIPBR5cWg34VTGrvxi3yCQ&sai=AMfl-YS1Eq12XPunIMQ-q6QnLV4U2hPxhKmsVIlNEheovCOnwIbF1Pzb5C40b50EhK_FTQObJ5b2yQkhx7wOZ6y7CgBW1-2r67g__R-639wkQ8pwJxym-FPAx4CqrFhJEL8&sig=Cg0ArKJSzMEvgIm7e3SWEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b3fc1074727786cc7cbc062b032bd641236b498b15abe5fc40f8ee0b65788ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 16:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6520
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9508 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.34st.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 07 Mar 2021 01:19:32 GMT
expires: Mon, 07 Mar 2022 01:19:32 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 56019
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 4137 96 KB
29 KB 53ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 16:53:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6B79)
Age: 69
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 4137 54 KB
21 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ellcpLQl1GgYnfovkYDRNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 16:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ellcpLQl1GgYnfovkYDRNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 07 Mar 2021 16:53:11 GMT

GET
H3-Q050 200 cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9508 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 20:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 72937
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5702
x-xss-protection: 0
expires: Sun, 06 Mar 2022 20:37:34 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame 7A4B 320 KB
104 KB 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fthedp.friends2follow.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thedp.friends2follow.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedp.friends2follow.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 336645
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 07 Mar 2021 16:53:11 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
DATA 200
OK truncated
/ Frame 4137 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7A4B 183 B
410 B 403ms
209ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e742b626634cfc94d6ae9158f476ad46f69ce69f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fthedp.friends2follow.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 113
date: Sun, 07 Mar 2021 16:53:11 GMT
content-encoding: gzip
last-modified: Sun, 07 Mar 2021 16:53:11 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cc6c0177a6b245ca2cc779fa927dd01d
strict-transport-security: max-age=631138519
content-length: 152

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=1912356834494735&bg=!fX6lfj3NAAWsVXnBrDsAKQB2-Dxaf13XXsiz34oIEsvTj8KwB6yGrGZd13GQk_scMGkdOEahFKUuAgAAAKpSAAAADWgBBwoALca-pMz6oTanjZreY1ClosWUUBjQyNRMMwbq-Um2GnxS4Wxe8tbyvCeIH9HyIZkCIKN8YkqgV2F49YUAyY2O9-f_m7zi0-elCWyM9EJAPxtIGPOVWPGJGHM0NVOcHCMfeuSKEEtKX-Oo2TMVsn3KGkl1yGf6JvGHcWIkcTV1jm5efhZdOLf5807BB2rX4ZM4PFsIMxwbpoupc6nSi6oPhe9xwBU71sElp-JL0jBD96X141E_MiEa2hFvwLUDmxnreZfkleWrmrdf3do8lzPLjTFDWrYLcF9FXx0U7Xu52zGt9DRrwmYTMggsZVqj6BzbJMewyecluJux4z6twqSlPLyDhOnU5eFnDSjUrO5_jNVsNhff2YR5rJgUe0r8JX8NP9RKTBq4s_gjUulUj4QrTfSSOcpSzO_-txNiIDsVzBwP-hGTLzJsodY7oKovLvNzdg831VY3yRRy_4uYawFLC01MS2pLBaoSPuBUIVG9Y__uKehAP9H1fcylojaVhWh1BhioI81Sm4rlbFK8nSOq2lrGyyqq3FLJHHCL8ZANP4xjd0wV-byW8gld3UBmvF12oFFKNc2ifJVJWFkjGKbSiMogE30Tob-ciV7K9rWXVNnFMku8SMQLiFaFp1OY8r6kDDCsBXXdxB1FmAh-yhFs-0ThNn2ZFgnv93Gc8fLGWwbGjF5WSsXvDczhMZ2JoY_5IJ2o7InAxl_l4HFoA2K5MuyDDwgt0PP2s27qkDDccONt4rdMnlJlLZ-F3WzsL5BxJkddeuUlRMyK4lZ3OAvXFqM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 7046 31 KB
13 KB 80ms
55ms Document
text/html 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

741c9b148ab986f48e381c33c60d801d09e36582f7efe124bba8b7b7e60ad2ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thedp.friends2follow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedp.friends2follow.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: wIODMcKkZrPKvBzaMtbfJDOyOOIpXyt9oCStegdEcrMSPRbSZTTm44XxAxqVUsxqOioUr2E5r2q41NTqyW5rkQ==
date: Sun, 07 Mar 2021 16:53:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 157503760_916697382418234_3285294982271835132_n.jpg
scontent-iad3-1.cdninstagram.com/v/t51.2885-15/ Frame 4137 43 KB
43 KB 306ms
102ms Image
image/jpeg 2a03:2880:f203:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.cdninstagram.com/v/t51.2885-15/157503760_916697382418234_3285294982271835132_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=rvsvWPwqV90AX_AllyF&_nc_ht=scontent-iad3-1.cdninstagram.com&oh=fdd4db9178e6d341e456428edb0d17bf&oe=6068CB27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f203:c4:face:b00c:0:43fe Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 465ac29c630c5db7eb40d68fc0c66e382fc148a60f0a189dc48db98a8425dd79

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2555844236
date: Sun, 07 Mar 2021 16:53:11 GMT
x-fb-trip-id: 1718053925
last-modified: Fri, 05 Mar 2021 18:08:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2678803391
x-fb-config-version-olb-prod: 1038
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44165

GET
H2 200 157272189_1892505510902178_6678693488524852729_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.0-9/ Frame 4137 41 KB
41 KB 302ms
97ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.0-9/157272189_1892505510902178_6678693488524852729_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8024bb&_nc_ohc=mm3KHn-YH1IAX9C5sJz&_nc_ht=scontent-iad3-1.xx&oh=256e98e67fd66279a06f53a7cb5f33ed&oe=60694D1B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5ec5b978e30f3e14caafdd102e3f31b50ada996a2e28e2d8b1a9dcd1754dd26b

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 848464745
date: Sun, 07 Mar 2021 16:53:11 GMT
x-fb-trip-id: 1814657579
last-modified: Fri, 05 Mar 2021 18:05:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1905720914
x-fb-config-version-olb-prod: 1037
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 41795

GET
H2 200 24058800_939739716178767_7505532661457756276_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 4137 2 KB
2 KB 327ms
123ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/24058800_939739716178767_7505532661457756276_n.jpg?_nc_cat=103&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=qvFrnhp2AkIAX9VCcpT&_nc_ht=scontent-iad3-1.xx&tp=27&oh=eb83774c0f8c127acf0aa67959495019&oe=6069CFBB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 24c89ecfcac3c69b53d3a6db4be20d7ddea7b31700cf705664c66e8b42a55f6d

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 504904109
date: Sun, 07 Mar 2021 16:53:11 GMT
x-fb-trip-id: 1814657579
last-modified: Tue, 28 Nov 2017 15:33:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2866039459
x-fb-config-version-olb-prod: 1030
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1643

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 7046 400 B
703 B 12ms
11ms Image
image/png 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: wIHatqgLxKpJBlkbrP9ZFIfgXjev6IS+Uva6+cYUVV8xkd4zLiMjBevrxLM6DnHT0dBRPGiGKsXW7nQqKyNqxg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Fri, 26 Feb 2021 00:17:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 00:17:22 GMT

GET
H2 200 fOyZBFTxtPs.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yh/l/en_US/ Frame 7046 479 KB
124 KB 12ms
11ms XHR
application/x-javascript 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yh/l/en_US/fOyZBFTxtPs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f3822bbf8b80419340e8e47e67b208cda34befc24ef408c7fa246ee41fa4ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 03:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kxXVBVACgaHRwVhsEN49AQ==
cross-origin-resource-policy: cross-origin
content-length: 126317
x-fb-rlafr: 0
x-fb-debug: IY7vc+vAJ2F4yffF+3pyCnJ4HlrUsfMkkejS7Xr1JtSdGe2ijrPDD5XNDHb8adVlzrmh6y7T+6MmVzZfj2p05A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 06 Mar 2022 03:13:56 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 7046 67 B
963 B 30ms
29ms Image
image/png 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615135991627&t_start=1615135991627&t_domcontent=1615135991648&t_layout=1615135991668&t_onload=1615135991668&t_paint=1615135991668&t_creport=1615135991668&t_tti=1615135991648&lid=6936956261039647447-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: pI6hZeyuaGdg52qOhfFNOX+Xdqk9opiKkLAiZ4mdjCrC0Kkr6WJHLkoaw1ALcFrGslfh4JK1FTTTzPvgIkNyVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 07 Mar 2021 16:53:11 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDE0 42 B
66 B 67ms
53ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSpokqScdLTK6SGTNCdki88G-1Lh-oeOeQVWXR6QbPONk7_wYdyglezHY6foGI-1ko9W4mwkKJYg2p3tyImn88b0JPLYvL8_dXPkcwYmk&sig=Cg0ArKJSzMTbJUYvUCpKEAE&id=osdim&mcvt=1000&p=315,1285,565,1585&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=463008574&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A0EF 42 B
479 B 65ms
53ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvxHJ2DJIrRRetwdzOVtRdBUZVWsacfwdhuuTnMBBWkwaMtI9xcXAZgEMeJOnXI_RMu3OWdgM4qpaDXjGMnkmSTkX-zOI11lxQATI07YY&sig=Cg0ArKJSzAAk0tlUVIT5EAE&id=osdim&mcvt=1002&p=50,1285,300,1585&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1792969111&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D634 42 B
66 B 65ms
54ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaS8xsak1UVcTVSqSqQhNprSNEobZGxun9ijD4fzkxG_p48HEWpuECpxvPCm7O83br6me3qBg64KUr_AIpgFTpiJfAL3-jjZNJYDtSad0&sig=Cg0ArKJSzK34Vwj7gC5GEAE&id=osdim&mcvt=1003&p=70,286,160,1014&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1431065736&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 16:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 156606660_1559749600886507_4382396409545853203_n.jpg
scontent-iad3-1.cdninstagram.com/v/t51.2885-15/ Frame 4137 471 KB
472 KB 102ms
102ms Image
image/jpeg 2a03:2880:f203:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.cdninstagram.com/v/t51.2885-15/156606660_1559749600886507_4382396409545853203_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=U38tOfXr4cgAX_emvS2&_nc_ht=scontent-iad3-1.cdninstagram.com&oh=a9531743f68f2642fb43665b755be9ae&oe=606A2A45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f203:c4:face:b00c:0:43fe Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ff4cfb8235f488f14084c12f37999e6a1f872bcc3a58d47401f1393f4349fb79

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4184392570
date: Sun, 07 Mar 2021 16:53:16 GMT
x-fb-trip-id: 1718053925
last-modified: Thu, 04 Mar 2021 18:56:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 999247339
x-fb-config-version-olb-prod: 1038
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 482783

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 14FF 31 KB
12 KB 55ms
55ms Document
text/html 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e938ee60cb3a1399fe25702e2d786fee5c514e2b973d1dbb23a6f4a55a14d36e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thedp.friends2follow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedp.friends2follow.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: A6ikBOn/bcm5oGpcYKoEaXKINf2KPicykOP9k6DKwm5a+/oqsqUCZCW7bFLAj1QjIuHZgswbRAs509wjnK7twQ==
date: Sun, 07 Mar 2021 16:53:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 153231766_1886735504812512_2656714356355842370_o.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.0-9/p720x720/ Frame 4137 160 KB
161 KB 98ms
97ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.0-9/p720x720/153231766_1886735504812512_2656714356355842370_o.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8024bb&_nc_ohc=XwWGTkTf3p8AX-u7Iyj&_nc_ht=scontent-iad3-1.xx&tp=6&oh=280965a6278e73817cbd1414b86ee2ea&oe=606BC4B5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d52003a69407fe91a999b3516e2ea8a67d1ed2fd831960dedc2f060e4d374283

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 574195204
date: Sun, 07 Mar 2021 16:53:21 GMT
x-fb-trip-id: 1814657579
last-modified: Fri, 26 Feb 2021 18:53:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2200525590
x-fb-config-version-olb-prod: 1037
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 164320

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 14FF 400 B
544 B 11ms
11ms Image
image/png 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: wIHatqgLxKpJBlkbrP9ZFIfgXjev6IS+Uva6+cYUVV8xkd4zLiMjBevrxLM6DnHT0dBRPGiGKsXW7nQqKyNqxg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Fri, 26 Feb 2021 00:17:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 00:17:22 GMT

GET
H2 200 fOyZBFTxtPs.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yh/l/en_US/ Frame 14FF 479 KB
124 KB 12ms
12ms XHR
application/x-javascript 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yh/l/en_US/fOyZBFTxtPs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f3822bbf8b80419340e8e47e67b208cda34befc24ef408c7fa246ee41fa4ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 03:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kxXVBVACgaHRwVhsEN49AQ==
cross-origin-resource-policy: cross-origin
content-length: 126317
x-fb-rlafr: 0
x-fb-debug: IY7vc+vAJ2F4yffF+3pyCnJ4HlrUsfMkkejS7Xr1JtSdGe2ijrPDD5XNDHb8adVlzrmh6y7T+6MmVzZfj2p05A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 06 Mar 2022 03:13:56 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 14FF 67 B
188 B 39ms
38ms Image
image/png 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615136001599&t_start=1615136001599&t_domcontent=1615136001603&t_layout=1615136001619&t_onload=1615136001619&t_paint=1615136001619&t_creport=1615136001619&t_tti=1615136001603&lid=6936956304984047138-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F925905214228884&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: RX2M7JdSLm1tPObzIVhMik70ZzUL95HMNisbvXbwhjYKV23NsJ0/m5bcoqmSI5Uj92P4vpBlla0XL3W9DMo3WA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 07 Mar 2021 16:53:21 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 24058800_939739716178767_7505532661457756276_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 4137 2 KB
2 KB 97ms
97ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/24058800_939739716178767_7505532661457756276_n.jpg?_nc_cat=103&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=qvFrnhp2AkIAX9VCcpT&_nc_ht=scontent-iad3-1.xx&tp=27&oh=eb83774c0f8c127acf0aa67959495019&oe=6069CFBB
Requested by: Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 24c89ecfcac3c69b53d3a6db4be20d7ddea7b31700cf705664c66e8b42a55f6d

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 504904109
date: Sun, 07 Mar 2021 16:53:21 GMT
x-fb-trip-id: 1814657579
last-modified: Tue, 28 Nov 2017 15:33:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2866039459
x-fb-config-version-olb-prod: 1030
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1643

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.34st.com/	1970-01-20 02:00:31	Name: __gads Value: ID=7d26430bf969e402-222f0f34b4ba00b4:T=1615135990:S=ALNI_MZfoQsBbpPf4Zi4cXYl62Mm2lM66Q
www.34st.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 68864m68lfc4ths6u72c3j39a6
.34st.com/	1970-01-19 16:38:56	Name: _gat Value: 1
.34st.com/	1970-01-19 16:40:22	Name: _gid Value: GA1.2.1441764975.1615135989
www.34st.com/	1970-01-19 16:40:22	Name: _dpn-34sceoInfo Value: oFoC9G7TFpY7%2FTXg95Oz73KDggyV%2FqKKsaxyAppr%2FR%2Flz31vd7kmF%2F31sRS6PWiSeeG2Ew%3D%3D
.34st.com/	1970-01-20 10:10:07	Name: _ga Value: GA1.2.1321348729.1615135989

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.34st.com/b/e.js(Line 3) Message: Starting integration for dpn-34s
console-api	log	URL: https://www.34st.com/b/e.js(Line 4) Message: FP 9bf7e3df-9ea7-49ff-b3bb-08547141737e
console-api	log	URL: https://www.34st.com/b/e.js(Line 5) Message: REF https://www.34st.com/
console-api	log	URL: https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210224(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9fe50e4502c7e0d80768bc726183f5a9.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
antifraudjs.friends2follow.com
apis.google.com
cdnjs.cloudflare.com
connect.facebook.net
d8es5520nmizf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
image.issuu.com
p.typekit.net
pagead2.googlesyndication.com
platform.twitter.com
scontent-iad3-1.cdninstagram.com
scontent-iad3-1.xx.fbcdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
snworksceo.imgix.net
stats.g.doubleclick.net
syndication.twitter.com
thedp.friends2follow.com
tpc.googlesyndication.com
tracking.friends2follow.com
twemoji.maxcdn.com
us-central1-web-services-dp.cloudfunctions.net
use.typekit.net
www.34st.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.rtb123.com
104.244.42.72
142.250.186.66
18.211.38.197
2001:4860:4802:36::36
23.111.9.57
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9d
2a02:26f0:6c00::210:ba0a
2a02:26f0:7100:295::19fd
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a03:2880:f203:c4:face:b00c:0:43fe
2a04:4e42:1b::622
2a04:4e42:3::720
34.206.127.213
37.252.173.38
65.9.23.2
67.225.220.126
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
23e7d4b8ec4c855b7a9b9ab3ffec672623bafec5a7f5c5b4effd8e72d47e278c
24c89ecfcac3c69b53d3a6db4be20d7ddea7b31700cf705664c66e8b42a55f6d
267195b4e1f948b19566c644a8c5d0208ba18eb691988b1ea4d4456392eea7a0
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
33420032025be92c6989f6824252d8db1c3bb6209891f8e1b8d4764cf38705bf
338627e0cbc994e8f1b2c1892d3c5c490836d844bf89559400094bb10bbfcdcf
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
357532c7ab4e7263ca751ac10eeb4c3dc0a901da2c5de01709128f61966e22f2
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
3ede266c5f4dc2bdb36c3e9d4f7b5c1f71bd32d9c42cae330fe5105c559cc80c
3f3822bbf8b80419340e8e47e67b208cda34befc24ef408c7fa246ee41fa4ad7
412640f6199d6b01cf7a8b621d0edcccb49775de74e4dd430a210f9fbe2d9ad3
41c6da77d77cffa41861bdd90ae709a70ad4f23c6d2ec051a59103dd0f566e3a
41cb85c8ba888ce669493d3f362a368882fdce9ab0e0b676dee0ad46e2e8ef17
44ec0683257f8d9d1f4e71bcdbfa2bc03127442ca9ebeed0aa441d0725410cc4
4592216ca0c1354735c9d85ebc2a90666fc547087f11e1cec9df4f206c5c62e4
465ac29c630c5db7eb40d68fc0c66e382fc148a60f0a189dc48db98a8425dd79
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b3fc1074727786cc7cbc062b032bd641236b498b15abe5fc40f8ee0b65788ac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ffcd198554ff7c94d76cb678ae1a4cd8544e64a4b61d5c5eb563ef360ad061d
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7
5ec5b978e30f3e14caafdd102e3f31b50ada996a2e28e2d8b1a9dcd1754dd26b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb85a5c483b78f51de07c46c385e1961790cbfe0059abb8105ee3c6a16f1f6e
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
6dccdb92ef025cb94a915e2371385bdaa577d821ee00e1492a3f07f597bbcb08
6eed98931655debdc89298d0eb310b33425e777578d0d8ca83147885dcdb22bb
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
741c9b148ab986f48e381c33c60d801d09e36582f7efe124bba8b7b7e60ad2ba
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
756f7b7a6673fae6482c0f112672855dad18f1f475533fb445f0752077640370
75ad6b76f7c47d26bd4b3caa1d8d98232c95733d0904bc0932f41df2ea00abca
76608ec15e1dea101d8a39f181db44181947fd060f773761eb01b49f27109ad4
7727d977fa39f40c2d319f2aaa6d290f6fda454be7929c3f5370e04ab718292c
7ccb245308f9b91dc424715958420a2ced0d1d9dccb3335b1cda35167d9814fc
7cfe91cf9e016980de76d9aae9787b53d95062fb9e5ea9dc5cd1b3e2d471ff20
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
849eb578891d83f8262c8eb06fe113ef6b0c2db18e8d48540aeb6d4b97f43bee
84d4a2dc02914908eb5d9449575cac928c8264f72e754c56ef3579f9b197a854
84f9c105c3b16ac4a510dae6e1f6271f201c3b17e19968e8a73c9c7cd630b32d
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8c11f38b1438802b90b6ffa6092a21782684654c3b967297eaf0c26574ff95f5
92f119f596ed65591ddd0791c045a1c4b2efbde9e2ec7b856e8d4f3981b7996c
9acc0508e702ffc94446e64d52286fb014defe050b4cb4a24109f922dfa6d6a2
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bd289fe9457f6fca4b7fa73dd8f7a6c31d9818693481b2fa1e3e778383b6bc5
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ec0c64f115b1597b9058cb7774e56a240de29ad3cf40e75c2fb2c49fc5338a8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
aa27f6140ef05882ffafa3a531f56d0222553e38477e037310a43c80b6e2391b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b787dab85c8eef1f68c7d93568de391a264ed065f5fc66718468351ac9326fc9
b8c33f9f6ee597b155bbe34ccab3a2d0e55329919e98fad8b0fce81169e65006
be43554ff7bcbd51cb639a3cb138d1640f6643584f880fa0ff5b7b8853f415b4
be5d0abbc3f855f270c575fab2f765920ef25930531c6d150cc0dee5775afcd0
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c956c60a313b79f354d38ca57b691af87e2011b01119eab507ad72515c879ddd
cd184e21e5a6a37eaa585cd676af394149c1ebf68f9598bca07945f0bd16351e
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cdb837c261b2b8d8df4b4ec5555bf11d94db7208b96d249037326c5bd87e4c1f
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4db0634fb2cbde501a7ef7b0c2768d8ca09a390238e422f4d3f1074f2ee467
d52003a69407fe91a999b3516e2ea8a67d1ed2fd831960dedc2f060e4d374283
d75983aed79b205bf45ca8b5af192a7cb3f0e91d872e8cd9cf19693f18912bd3
d987eed73fafe2f6d7390243623f3547ddf7489c70f45c7949008bea05fe1b36
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
e0c1fa7b0a60e874c8d1e5a10d29383725f088f1cd4fdc4eef66bf18f21aae7a
e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e938ee60cb3a1399fe25702e2d786fee5c514e2b973d1dbb23a6f4a55a14d36e
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
ea0d1ca33f56cc14b2c84dc147ca8af543f22f580e09e537f4f08bf154ad4900
eae0a7a4a49aab7a0917d81a455debd0b245183287b2ef78a94eb7206a66f478
eb5b5bfea09af0d58057cb8a1159ed0ad9d9f58c1a053d1baafc5e7c0eb1af1b
ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f53c74bfb39fc5984a06a828bbf484ce47ceebaff888a9df7c5626fc73ee59b5
f83beec92aa924b29c1b4212a2e037ab0a19be69531af923087a358e781daea7
fc3a8ea62a0b56effaaca1d663072bfab25bf1bcf0c1d8d61835dd6bc5914c82
ff4cfb8235f488f14084c12f37999e6a1f872bcc3a58d47401f1393f4349fb79
ff8c0d0e0bd1c1b1c15235e3629e1eb665f985e90a96bc614f9170575913b98d
ff9cebade2da3e0a2d879691d0540a47f8a77129ac734d4193a329fa87a6a95c

www.34st.com Open in urlscan Pro 18.211.38.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

128 Requests

100 %HTTPS

74 %IPv6

25 Domains

34 Subdomains

32 IPs

3 Countries

3322 kBTransfer

6035 kBSize

6 Cookies

7 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.34st.com Open in urlscan Pro
18.211.38.197 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

100 %
HTTPS

74 %
IPv6

25
Domains

34
Subdomains

32
IPs

3
Countries

3322 kB
Transfer

6035 kB
Size

6
Cookies

128 HTTP transactions
9 data transactions