www.orlytaitzesq.com Open in urlscan Pro
67.20.113.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taitzreport.com/
Effective URL:
http://www.orlytaitzesq.com/
Submission Tags: falconsandbox
Submission: On October 26 via api (October 26th 2020, 10:11:42 am UTC) from US

Summary HTTP 197 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 28 domains to perform 197 HTTP transactions. The main IP is 67.20.113.97, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.orlytaitzesq.com.

This is the only time www.orlytaitzesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2607:f1c0:100... 2607:f1c0:100f:f000::250	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
27	67.20.113.97 67.20.113.97	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	52.4.145.141 52.4.145.141	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700:10:... 2606:4700:10::ac43:2958	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	35.241.35.213 35.241.35.213	15169 (GOOGLE) (GOOGLE)
1 2	193.189.143.34 193.189.143.34	34948 (TYPHON-AS) (TYPHON-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 4	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.190.66 65.9.190.66	16509 (AMAZON-02) (AMAZON-02)
1	65.9.190.47 65.9.190.47	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	52.3.114.119 52.3.114.119	14618 (AMAZON-AES) (AMAZON-AES)
4	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.98.126.214 34.98.126.214	15169 (GOOGLE) (GOOGLE)
1	65.9.190.60 65.9.190.60	16509 (AMAZON-02) (AMAZON-02)
1 1	72.21.202.25 72.21.202.25	16509 (AMAZON-02) (AMAZON-02)
1 1	52.14.128.61 52.14.128.61	16509 (AMAZON-02) (AMAZON-02)
1	143.204.208.131 143.204.208.131	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:815::2010	15169 (GOOGLE) (GOOGLE)
1 43	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
23	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400c:c04::84	15169 (GOOGLE) (GOOGLE)
1	13.35.253.160 13.35.253.160	16509 (AMAZON-02) (AMAZON-02)
197	30

1 2607:f1c0:100f:f000::250 (United States) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

taitzreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 67.20.113.97 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2075.hostmonster.com

www.orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.145.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-145-141.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:2958 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thegatewaypundit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.35.213 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 213.35.241.35.bc.googleusercontent.com

media.breitbart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.189.143.34 (Ankara, Turkey) 1 redirects

ASN34948 (TYPHON-AS, FR)
PTR: www.netvibes.com

www.netvibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, DE)

us.i1.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

buttons.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.190.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.190.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.114.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-114-119.compute-1.amazonaws.com

www.petition2congress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.126.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.190.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.202.25 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.128.61 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-128-61.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-131.fra53.r.cloudfront.net

a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c04::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.160 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-160.fra6.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com buttons.googlesyndication.com 8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com tpc.googlesyndication.com af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com 9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com pagead2.googlesyndication.com 25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com 40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com	298 KB
27	orlytaitzesq.com www.orlytaitzesq.com	542 KB
25	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	691 KB
14	thegatewaypundit.com www.thegatewaypundit.com	164 KB
12	googletagservices.com www.googletagservices.com	290 KB
11	ampproject.org cdn.ampproject.org	231 KB
10	google.com 1 redirects adservice.google.com www.google.com	2 KB
6	google.de adservice.google.de	1 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
4	googleapis.com storage.googleapis.com	1 MB
4	lanistaads.com api.lanistaads.com	1 KB
4	mthsense.com ads3.mthsense.com	14 KB
3	youtube.com www.youtube.com
3	cloudfront.net d31qbv1cthcecs.cloudfront.net a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net d2tbmvllb55wxq.cloudfront.net	5 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	netvibes.com 1 redirects www.netvibes.com	1 KB
2	breitbart.com media.breitbart.com	177 KB
2	paypalobjects.com www.paypalobjects.com	2 KB
2	paypal.com 2 redirects www.paypal.com	680 B
2	gweini.com s.gweini.com fs.gweini.com	17 KB
1	googleadservices.com partner.googleadservices.com	410 B
1	a2z.com 1 redirects redirect.prod.experiment.routing.cloudfront.aws.a2z.com	243 B
1	amazonaws.com 1 redirects cloudfront-labs.amazonaws.com	186 B
1	alexametrics.com certify.alexametrics.com	552 B
1	petition2congress.com www.petition2congress.com
1	yimg.com us.i1.yimg.com	2 KB
1	twimg.com pbs.twimg.com	16 KB
1	taitzreport.com 1 redirects taitzreport.com	247 B
197	28

	Domain	Requested by
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.orlytaitzesq.com tpc.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com
27	www.orlytaitzesq.com	www.orlytaitzesq.com
22	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.orlytaitzesq.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
14	www.thegatewaypundit.com	www.orlytaitzesq.com
12	www.googletagservices.com	www.orlytaitzesq.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
7	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	storage.googleapis.com	ads3.mthsense.com
4	api.lanistaads.com	www.orlytaitzesq.com
4	ads3.mthsense.com	fs.gweini.com
4	platform.twitter.com	www.orlytaitzesq.com platform.twitter.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	www.google.com	1 redirects www.orlytaitzesq.com
3	www.youtube.com	www.orlytaitzesq.com
2	40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.orlytaitzesq.com
2	www.netvibes.com	1 redirects www.orlytaitzesq.com
2	media.breitbart.com	www.orlytaitzesq.com
2	www.paypalobjects.com	www.orlytaitzesq.com
2	www.paypal.com	2 redirects
1	d2tbmvllb55wxq.cloudfront.net	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	www.orlytaitzesq.com
1	a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net	www.orlytaitzesq.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	1 redirects
1	cloudfront-labs.amazonaws.com	1 redirects
1	certify.alexametrics.com	www.orlytaitzesq.com
1	www.petition2congress.com	www.orlytaitzesq.com
1	fs.gweini.com	s.gweini.com
1	d31qbv1cthcecs.cloudfront.net	www.orlytaitzesq.com
1	buttons.googlesyndication.com	www.orlytaitzesq.com
1	us.i1.yimg.com	www.orlytaitzesq.com
1	pbs.twimg.com	www.orlytaitzesq.com
1	s.gweini.com	www.orlytaitzesq.com
1	taitzreport.com	1 redirects
197	42

This site contains links to these domains. Also see Links.

Domain
taitzreport.com
www.drtaitz.com
www.taitzofficesuites.com
banned.video
www.thegatewaypundit.com
www.investors.com
www.rasmussenreports.com
twitter.com
help.twitter.com
www.realclearpolitics.com
www.breitbart.com
www.netvibes.com
add.my.yahoo.com
fusion.google.com
www.feedly.com
www.petition2congress.com
petitions.whitehouse.gov
plus.google.com
www.youtube.com
www.facebook.com
www.orlytaitzforussenate2012.com
www.videospromo.com
www.washingtonamerica.com
www.elementsofseo.com
www.drewstauffer.com
www.alibiproductions.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.breitbart.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-06-27`	2 years	crt.sh
*.netvibes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-25` - `2021-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-13` - `2021-08-18`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 30 frames:

Primary Page: http://www.orlytaitzesq.com/
Frame ID: 32D58797DF0F0ED77A4D982574534962
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/E2zjIhEqGIU?feature=oembed
Frame ID: 487F111178D9AF9AAE48D9E24174C714
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Frame ID: E0F55F8574D83FFE70C5B1C47D70D4C9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Frame ID: 94B9047D6356612B883BC88C9B000C70
Requests: 1 HTTP requests in this frame

Frame: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Frame ID: 57558C7A1B90BABE653455D1BA006594
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Frame ID: 8BA081ABE95E95CA88FFD7F084B82B09
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Frame ID: 64F3F3667BE496CA098043FFC0D06170
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Frame ID: C46D2DCA2D2B9BF0A98CBA38E89ECE05
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Frame ID: B7D3BDD29BAD50CB5F1745ABE9620F1C
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Frame ID: D2CC3EDCA8AC5C95D27B7D2B501B3F14
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 5C1DECA3EC04DA7ACA14DD8B7AD825C2
Requests: 1 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: D2C8CA1AE00FD0BDEA4416DFED908530
Requests: 12 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: EBF687E2A83A7CE64A11F577E2ADA7AA
Requests: 11 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 5A869F146894A4365EA8E4FBA5B1F7EB
Requests: 11 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: D94598B6FE3727DE27687298074B2555
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js
Frame ID: EA21527D4761FEBCDCDF3F042B8F5AF1
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjbOl6itjXulZj2xeizFXztU9JvBhp8kqf9DaS4k9k9rBbO-g8hedbFZC69LG5YbDLOH_N5bEnKrnSn1hWB19eQW8M0B6gsKbxuWJPcaMZ3pSx6zLHlwtbz456u4eSkPVruAH5pSakXBGsDzb0E--dNeyJSw3vqICnv52gCIA0o390ZCmypeX6JxrGxvvo6C8-hOsdp_fv31U2x7Sj9Pd_S4SsWUC_InlEc3K3ZcMCksDxvI2WIQJxkRWG6xsl2NcnASj9jrPH_9Qsh2mkY_eusNg&sig=Cg0ArKJSzOM-pIgG0VdGEAE&urlfix=1&adurl=
Frame ID: BA56164953F0BDA20EBE1920B73945C1
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js
Frame ID: 91F8A67509BD0A39B4EE1F3FCC7B0395
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRi192_m48KVW7T1A4m4dMZveEQqiLKKYnfRuBtSMcn5RofQCmhR8G3T3PuEy8ZPWZhvbCaaFaPljIohxuqKn5GCFnXGUIFFaVjHEzINKon60ls-xVjZjVHnhs1LVqBnobXVmOKzIsAQScmyNGcrB56H_EhmSzbotrPbxsSj8DtVTMMvRE548CLWrO6qphdBuJyn5q1zmEM2uQyNRgUVK_ei6-2oKDVOOqmcFnQQnqhWwyMVUf1aFOjjv5BJvbcHI4yq6FZMjCYvEsDRv9S5CFFIU&sig=Cg0ArKJSzKzfdJDHx912EAE&urlfix=1&adurl=
Frame ID: A45A4227F508F28B17FF5C08ADE5B222
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: CB26AE586A0C02E2236337F04E576B01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 4780D3AD9FF910BFE9961B500D2A184D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 7ACE8D44BD09E59359F38D2FDF22306B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 8EC7E17B8FE1BCB386650F1F4D30832B
Requests: 1 HTTP requests in this frame

Frame: https://40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: E0FFC0D84B35DDB29F379886B53EA5BA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn5jrTSaO-F6Wf73KbmVNzmJvOQlqEXYJJN94J-19N7rV3qdHZC3GWmht73XVxzhMxwmaVw7l7AuKlV-jeB1dK8XD0M3tm6ON-9Tn-id69mvuk_Gj1m_I4m-xCkxaDKvFcd5RM8bicRO-oXEe68grRXLOs08RKhiDap7x5FIWjp-gvkzCpK_RFeC7u5d_bZ83m5xTn60AVbSisIx250staCtjHgqezAUl-CLqGSXSH9p-z-1tg0yY0cGYhhLGWHZDGACH85e4reDbSf6SxMy4dYeM5zw&sig=Cg0ArKJSzEp8mPXSB6ybEAE&urlfix=1&adurl=
Frame ID: 408E9FD89285F2E09DC7A05173925915
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: A9BD3C1B56DDCCAF64F24BE5904884FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: 412C0F8CE2669F7C8479CFC60D2F1CCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 0CCFB426821A91BA11D94E548203EBCF
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: C827CB01E241780101F623686F045C7F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 17F26F0BEB6C32ADB9D7D13405E2B00F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://taitzreport.com/ HTTP 302
http://www.orlytaitzesq.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

197
Requests

73 %
HTTPS

42 %
IPv6

28
Domains

42
Subdomains

30
IPs

6
Countries

3713 kB
Transfer

6625 kB
Size

9
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: http://taitzreport.com/
Title: TaitzReport.com

Search URL Search Domain Scan URL

URL: http://www.drtaitz.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.taitzofficesuites.com/
Title:

Search URL Search Domain Scan URL

URL: https://banned.video/watch?id=5f94e4faa80a7d18716bfd68
Title: https://banned.video/watch?id=5f94e4faa80a7d18716bfd68

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/breaking-whistleblower-releases-statement-personally-witnessed-former-vp-joe-biden-involved-deals-hunter-biden/

Search URL Search Domain Scan URL

URL: https://www.investors.com/news/biden-vs-trump-poll-donald-trump-new-high-in-tight-race-ibd-tipp-presidential-poll/
Title: IBD/TIPP

Search URL Search Domain Scan URL

URL: https://www.rasmussenreports.com/public_content/politics/elections/election_2020/white_house_watch_oct21
Title: Rasmussen Reports

Search URL Search Domain Scan URL

URL: https://twitter.com/realDonaldTrump
Title: @realDonaldTrump

Search URL Search Domain Scan URL

URL: https://twitter.com/DrOrlyTaitzEsq/status/1318894676724781057
Title: 5:39 AM · Oct 21, 2020

Search URL Search Domain Scan URL

URL: https://help.twitter.com/using-twitter/how-to-tweet#source-labels
Title: Twitter Web App

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/developing-ukrainian-lawmaker-says-government-seized-second-laptop-belonging-hunter-bidens-business-contacts/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/sources-tell-fox-news-big-guy-hunter-bidens-emails-proposed-equity-split-reference-joe-biden/

Search URL Search Domain Scan URL

URL: https://www.realclearpolitics.com/epolls/2020/president/us/general_election_trump_vs_biden_vs_jorgensen_vs_hawkins-7225.html
Title: General Election: Trump vs. Biden vs. Jorgensen vs. Hawkins

Search URL Search Domain Scan URL

URL: https://www.investors.com/politics/2020-election-poll-donald-trump-vs-biden-poll-tightens-ibd-tipp/
Title: IBD/TIPP

Search URL Search Domain Scan URL

URL: https://www.realclearpolitics.com/epolls/2020/president/us/general_election_trump_vs_biden-6247.html
Title: General Election: Trump vs. Biden

Search URL Search Domain Scan URL

URL: https://www.rasmussenreports.com/public_content/politics/elections/election_2020/white_house_watch_oct14
Title: Rasmussen Reports

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/10/14/donald-trump-the-bidens-got-rich-while-americans-got-robbed/
Title: TRUMP: ‘THE BIDENS GOT RICH WHILE AMERICANS GOT ROBBED’

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/amazing-2000-vehicles-take-part-trump-car-rally-parade-southern-california-los-angeles-beach-towns/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/joe-biden-confuses-president-trump-george-bush-4-years-george-uh-george-uh-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/today-went-trump-rally-democrat-majority-greenwich-ct-wanted-see-one-close-eye-opening-experience/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/bidens-staff-told-us-misspoke-joe-biden-confuses-agenda-60-minutes-interview-staff-steps-correct-record-video/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/10/25/joe-biden-donor-rich-goldman-sachs-admits-record-1-6b-bribery-scheme/
Title: JOE BIDEN-DONOR-RICH GOLDMAN SACHS ADMITS TO RECORD $1.6B BRIBERY SCHEME

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/reports-wray-hunters-laptop-since-december-kept-secret-president-trump/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/watch-trump-plays-biden-hairy-legs-video-new-hampshire-rally/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/google-searches-can-change-vote-spike-following-hunter-biden-sex-tape-release/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/jewish-trump-supporters-attacked-new-york-city-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/thousands-supporters-show-president-trumps-off-record-stop-levant-maine-announced-last-minute-video/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/10/25/more-than-1000-people-rally-trump-new-jersey/
Title: SILENT MAJORITY: 1,000+ RALLY FOR TRUMP IN NEW JERSEY…135

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/10/25/thousands-drive-around-i-275-loop-cincinnati-second-trump-parade/
Title: …CINCINNATI: THOUSANDS DRIVE AROUND I-275 LOOP FOR TRUMP PARADE…167

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/10/25/trump-train-parade-cruises-around-northwest-missouri/
Title: …‘TRUMP TRAIN’ PARADE IN MISSOURI…30

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/10/25/video-more-1500-cars-line-up-pro-trump-parade-arizona/
Title: …1,500+ CARS LINE UP FOR PRO-TRUMP EVENT IN ARIZONA37

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/clips/2020/10/25/ice-cube-im-not-a-sellout-for-working-with-trump-im-not-playing-politics-with-this/
Title: ICE CUBE: I’M NOT SELLOUT FOR WORKING WITH TRUMP158

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/10/25/nolte-post-debate-polls-show-trump-leading-mi-az-fl/
Title: Post-Debate Polls: POTUS Leads FL, MI, AZ

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/wow-massive-jewish-trump-supporters-car-parade-brooklyn-bridge-new-york-city/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/10/25/under-trump-america-became-a-net-exporter-of-natural-gas-and-crude-oil-for-the-first-time-in-more-than-fifty-years/
Title: Trump KAG: USA Net Exporter of Natural Gas & Crude Oil for First Time in Over Half Century

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/10/reports-president-trump-adds-maine-visit-sunday-schedule-campaign-stop-follow-new-hampshire-rally/

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/subscribe.php?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/rss?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://fusion.google.com/add?feedurl=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.feedly.com/home#subscription/feed/http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.petition2congress.com/18945/ban-importation-200000-syrian-migrants-us/
Title: PETITION TO CONGRESS: Ban importation of 200,000 Syrian migrants into the US

Search URL Search Domain Scan URL

URL: https://petitions.whitehouse.gov/petition/institute-edward-snowden-national-whistleblower-patriots-against-government-corruption-day/Qhjys2vw

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117378858973367836955/posts/KuCZfqzLPut
Title: CHANNEL (Google Plus)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/DrOrlyTV
Title: SUBSCRIBE TO YOUTUBE

Search URL Search Domain Scan URL

URL: http://www.facebook.com/orlytaitz?ref=ts

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donateslogan.html

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donate.html
Title: RunOrlyRun.com

Search URL Search Domain Scan URL

URL: http://www.videospromo.com/
Title: Videography by Barbara Rosenfeld

Search URL Search Domain Scan URL

URL: http://www.washingtonamerica.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.elementsofseo.com/
Title: Elements of SEO

Search URL Search Domain Scan URL

URL: http://www.drewstauffer.com/
Title: Website Design

Search URL Search Domain Scan URL

URL: http://www.alibiproductions.com/html/website-development.html
Title: Accessible Website Development

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taitzreport.com/ HTTP 302
http://www.orlytaitzesq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 4

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 26

http://www.netvibes.com/img/add2netvibes.gif HTTP 301
https://www.netvibes.com/img/add2netvibes.gif

Request Chain 44

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 52

http://www.youtube.com/embed/OreNM9NDxlE?rel=0 HTTP 307
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Request Chain 53

http://www.youtube.com/embed/948FBVCqTu4?rel=0 HTTP 307
https://www.youtube.com/embed/948FBVCqTu4?rel=0

Request Chain 57

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=951360605&utmr=-&utmp=%2F&utmht=1603707084534&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1058099512.1603707085.1603707085.1603707085.1%3B%2B__utmz%3D209516236.1603707085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=34573843&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=951360605&utmr=-&utmp=%2F&utmht=1603707084534&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1058099512.1603707085.1603707085.1603707085.1%3B%2B__utmz%3D209516236.1603707085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=34573843&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 69

http://cloudfront-labs.amazonaws.com/x.png HTTP 301
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
http://a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net/test.png

Request Chain 146

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 189

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193768&pi=t.ma~as.9866181553&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603707086350&bpp=39&bdt=68&idt=117&shv=r20201021&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee00f30fc5ddfd7e-22d7523058a600c9%3AT%3D1603707086%3ART%3D1603707086%3AS%3DALNI_MbfEdW6j62jqquAvJNdZK0Xeae1lw&correlator=6094333111511&frm=23&ife=4&pv=2&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=2124243796&ga_fc=1&iag=255&icsg=2218&nhd=4&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=11190&biw=1600&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=21066706%2C44730557&oid=3&pvsid=165275665450370&pem=426&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.8kunsg4bpz21&btvi=1&fsb=1&dtd=138 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

197 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.orlytaitzesq.com/
Redirect Chain

http://taitzreport.com/
http://www.orlytaitzesq.com/

110 KB
37 KB

2034ms
1923ms

Document
text/html

67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: f00c9596328ad3cf83c7da4bb46cd2d69098938eae4db128ea8066e1c585daca

Request headers

Host: www.orlytaitzesq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:22 GMT
Server: Apache
Link: <http://www.orlytaitzesq.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 26 Oct 2020 10:11:21 GMT
Server: Apache/2.4.10 (Debian)
Cache-Control: no-cache
Location: http://www.orlytaitzesq.com

GET
H/1.1 200
OK style.min.css
www.orlytaitzesq.com/wp-includes/css/dist/block-library/ 52 KB
10 KB 349ms
343ms Stylesheet
text/css 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 9824

GET
H/1.1 200
OK si_captcha.js Show response
www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 685 B
707 B 308ms
302ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1603707083
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Mar 2018 19:48:30 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 380

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 8 KB
1 KB 266ms
236ms Script
text/html 52.4.145.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 52.4.145.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-145-141.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 1140
Content-Type: text/html; charset=UTF-8

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

1 KB
2 KB

30ms
30ms

Image
image/webp

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1483
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 08 May 2020 01:21:37 GMT
content-length: 1412
server: Akamai Image Manager
expires: Mon, 26 Oct 2020 22:11:24 GMT

Redirect headers

date: Mon, 26 Oct 2020 10:11:24 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1603707084.236727,VS0,VE151
x-served-by: cache-lhr7324-LHR, cache-hhn4066-HHN
status: 301
x-cache: MISS, MISS
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: e0a4da0453d2d
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes, bytes
dc: phx-origin-www-2.paypal.com
content-length: 0
x-cache-hits: 0, 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
279 B

21ms
20ms

Image
image/gif

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 56
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 08 May 2020 01:21:33 GMT
content-length: 43
server: Akamai Image Manager
expires: Mon, 26 Oct 2020 22:11:24 GMT

Redirect headers

date: Mon, 26 Oct 2020 10:11:24 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1603707084.417423,VS0,VE152
x-served-by: cache-lhr7342-LHR, cache-hhn4066-HHN
status: 301
x-cache: MISS, MISS
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: eff050b756c13
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes, bytes, bytes
dc: phx-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0, 0

GET
H/1.1 200
OK 1Apple3b.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 41 KB
41 KB 183ms
176ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Apple3b.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 42198

GET
H/1.1 200
OK 1Office4a.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 34 KB
34 KB 171ms
164ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Office4a.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 34330

GET
H2 200 hunter-joe-kazakhstan-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 7 KB
7 KB 776ms
752ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/hunter-joe-kazakhstan-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed130995eeb31a7d818aa6d143da8ea048b842d99de4c01141e0897ec75f221

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=7449
status: 200
content-length: 6972
cf-request-id: 0605fd36980000c29fc3858000000001
last-modified: Tue, 20 Oct 2020 17:18:03 GMT
server: cloudflare
etag: "5f8f1bcb-1d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dbecdc29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 comedycentral_thecolbertreport_0510103_v6_bigger.jpg
pbs.twimg.com/profile_images/633988514/ 16 KB
16 KB 39ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/633988514/comedycentral_thecolbertreport_0510103_v6_bigger.jpg

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

55dd134081762cd1177a66a82e74d7fccd238870f486f0a38ef7a4495166ace9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
x-content-type-options: nosniff
age: 599006
x-cache: HIT
status: 200
content-length: 16298
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/7 profile_images/633988514
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d9ee2c927ef90de46b590382403fc45
accept-ranges: bytes

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 14 KB
5 KB 165ms
159ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4928

GET
H2 200 derkach-ukraine-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
14 KB 767ms
744ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/derkach-ukraine-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d89ee98004331e32a57c863f687fd488d8afa6b3ea0b4b4d1bfb88b3d7cdc1

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=16363
status: 200
content-length: 13743
cf-request-id: 0605fd36980000c29f8b037000000001
last-modified: Thu, 10 Oct 2019 15:28:33 GMT
server: cloudflare
etag: "5d9f4e21-3feb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dbecec29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_7230-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 737ms
714ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_7230-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e50327f98aa82193d5b6217e95ba526c07bbc81ff0dd50a650007cecd23f935

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=15788
status: 200
content-length: 9806
cf-request-id: 0605fd36980000c29f8bb37000000001
last-modified: Fri, 27 Sep 2019 23:40:08 GMT
server: cloudflare
etag: "5d8e9dd8-3dac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dced1c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rally-4-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 15 KB
15 KB 47ms
24ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/rally-4-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b952500941a6e13a5d568af224c0a6f89dd38b51c9a4ee991e00284c8ad83bb

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 1120
cf-polished: origSize=15956
status: 200
content-length: 15163
cf-request-id: 0605fd369c0000c29fdc974000000001
last-modified: Mon, 26 Oct 2020 00:32:22 GMT
server: cloudflare
etag: "5f961916-3e54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dced4c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_5920-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 8 KB
8 KB 39ms
23ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_5920-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7df62a132da5e5383148c765e1249afa304c9c5a66447cbc7fff9b02f24769

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 1277
cf-polished: origSize=8550
status: 200
content-length: 7815
cf-request-id: 0605fd36990000c29f068cb000000001
last-modified: Mon, 26 Oct 2020 01:15:06 GMT
server: cloudflare
etag: "5f96231a-2166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dced2c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rally-greenwich-CT-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 15 KB
15 KB 27ms
24ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/rally-greenwich-CT-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a7a887757fecf184c23287fee3b0812e4490bf7000359ac4c7ffcc9383564b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 788
cf-polished: origSize=15724
status: 200
content-length: 14913
cf-request-id: 0605fd369c0000c29f92230000000001
last-modified: Mon, 26 Oct 2020 02:17:29 GMT
server: cloudflare
etag: "5f9631b9-3d6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcee9c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_5930-2-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 6 KB
6 KB 33ms
31ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_5930-2-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cffdcd84f83d2e322a082e2ec4e2325548ec38aaead3e1acbdfe06dca5ef568e

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 1678
cf-polished: origSize=6347
status: 200
content-length: 5859
cf-request-id: 0605fd369d0000c29f8ebe9000000001
last-modified: Mon, 26 Oct 2020 01:51:20 GMT
server: cloudflare
etag: "5f962b98-18cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dceecc29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 chris-wray--360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 11 KB
11 KB 22ms
20ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/chris-wray--360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8d61d17162d32a3f60801ee590653dcda65c14e719f203758b8dcd6ee47d958

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 789
cf-polished: status=not_needed
status: 200
content-length: 10799
cf-request-id: 0605fd369d0000c29fb9241000000001
last-modified: Fri, 25 Jan 2019 20:24:11 GMT
server: cloudflare
etag: "5c4b706b-2a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef0c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 2-26-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 9 KB
9 KB 713ms
711ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/2-26-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105de5812e37aa90fd719ea86e76a57357531b5f9502215d5817d6d3ada58f1e

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=9433
status: 200
content-length: 8970
cf-request-id: 0605fd369d0000c29fc0b0d000000001
last-modified: Sun, 25 Oct 2020 18:26:55 GMT
server: cloudflare
etag: "5f95c36f-24d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef1c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 hb-2-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 23 KB
23 KB 30ms
27ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/hb-2-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4f827e4cc6cb17fed503066b19e089e5507305d90d5b052a35c299372bf736e

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 494
cf-polished: degrade=85, origSize=34764
status: 200
content-length: 23385
cf-request-id: 0605fd369e0000c29fc3859000000001
last-modified: Tue, 15 Oct 2019 19:28:35 GMT
server: cloudflare
etag: "5da61de3-87cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef2c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Trump-Jewish-Supporters-Attacked-NYC-Scanner-Twitter-Screen-Image-10252020-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 12 KB
12 KB 28ms
25ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Trump-Jewish-Supporters-Attacked-NYC-Scanner-Twitter-Screen-Image-10252020-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7857372d2cc409977aab9f98daba85e9f79a89813e94669e2fc0df89faaf8c27

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 1405
cf-polished: origSize=12287
status: 200
content-length: 11897
cf-request-id: 0605fd369e0000c29f9ebf8000000001
last-modified: Sun, 25 Oct 2020 18:41:34 GMT
server: cloudflare
etag: "5f95c6de-2fff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef3c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_5906-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
11 KB 27ms
25ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_5906-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e893411e83c7c6f5e7cb56845949c8bfe1b735562c0e3b3ab966bff9178aa5b8

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 466
cf-polished: origSize=11078
status: 200
content-length: 10595
cf-request-id: 0605fd369e0000c29f982af000000001
last-modified: Sun, 25 Oct 2020 21:17:30 GMT
server: cloudflare
etag: "5f95eb6a-2b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef5c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Trump-Rally-in-Michigan-640x480.jpg
media.breitbart.com/media/2020/10/ 55 KB
55 KB 40ms
15ms Image
image/jpeg 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/10/Trump-Rally-in-Michigan-640x480.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: 04446668d7fef7a6143cbb65377fe12668569af7ef2eb5c73f2d790f5d68ac01

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
via: 1.1 google, 1.1 google
last-modified: Sun, 18 Oct 2020 01:00:09 GMT
server: shield
etag: "5f8b9399-dcf5"
content-type: image/jpeg
status: 200
cache-control: max-age=31556926
x-shield-request-id: b58da11e580ed680964a4407b6c84b05
accept-ranges: bytes
alt-svc: clear, clear
content-length: 56565

GET
H2 200 Trump-Car-Parade-Brooklyn-Bridge-RealMarkKennedy-Twitter-Screen-Image-10252020-e1603642687215-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 14 KB
14 KB 28ms
26ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Trump-Car-Parade-Brooklyn-Bridge-RealMarkKennedy-Twitter-Screen-Image-10252020-e1603642687215-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af432c0e44760f0066d736ac479cf8c709f6b9cfae7edc955a14edddc3617ad1

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 854
cf-polished: origSize=14600
status: 200
content-length: 13892
cf-request-id: 0605fd369f0000c29fffa7e000000001
last-modified: Sun, 25 Oct 2020 16:18:07 GMT
server: cloudflare
etag: "5f95a53f-3908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef6c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 jeromecover1-640x480.png
media.breitbart.com/media/2020/10/ 122 KB
122 KB 47ms
22ms Image
image/png 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/10/jeromecover1-640x480.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: 834a44939ada96bbb541032ab6b59aff56d08842786a85c0426337c94e01bb08

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
via: 1.1 google, 1.1 google
last-modified: Sun, 25 Oct 2020 15:10:06 GMT
server: shield
etag: "5f95954e-1e63d"
content-type: image/png
status: 200
cache-control: max-age=31556926
x-shield-request-id: 16c7c4e7dddfbeb13e10fa0bd846089a
accept-ranges: bytes
alt-svc: clear, clear
content-length: 124477

GET
H2 200 IMG_5399-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
11 KB 35ms
33ms Image
image/jpeg 2606:4700:10::ac43:2958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_5399-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5c8456a99c9441d6ef615bd9f4bfff03723342de5ab65689b2fdccc0142bd3d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
cf-cache-status: HIT
age: 1203
cf-polished: origSize=11025
status: 200
content-length: 10686
cf-request-id: 0605fd369f0000c29fb695a000000001
last-modified: Sun, 25 Oct 2020 14:57:04 GMT
server: cloudflare
etag: "5f959240-2b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5e83649dcef9c29f-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK rss.png
www.orlytaitzesq.com/wp-includes/images/ 608 B
875 B 334ms
328ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-includes/images/rss.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Sun, 05 Jan 2014 06:00:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 608

GET
H2

200

add2netvibes.gif
www.netvibes.com/img/
Redirect Chain

http://www.netvibes.com/img/add2netvibes.gif
https://www.netvibes.com/img/add2netvibes.gif

832 B
966 B

70ms
22ms

Image
image/gif

193.189.143.34
TYPHON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netvibes.com/img/add2netvibes.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 193.189.143.34 Ankara, Turkey, ASN34948 (TYPHON-AS, FR),
Reverse DNS: www.netvibes.com
Software: nginx /
Resource Hash: 5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
x-slb: slb1
last-modified: Fri, 03 Apr 2015 14:18:16 GMT
server: nginx
content-type: image/gif
status: 200
x-men: web9
accept-ranges: bytes
content-length: 832

Redirect headers

Location: https://www.netvibes.com/img/add2netvibes.gif
Date: Mon, 26 Oct 2020 10:11:24 GMT
X-slb: slb4
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK addtomyyahoo4.gif
us.i1.yimg.com/us.yimg.com/i/us/my/ 765 B
2 KB 53ms
20ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 12:35:53 GMT
x-amz-meta-created-date: Wed, 14 Nov 2012 17:41:49 GMT
Age: 2237733
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1352914909579380
Connection: keep-alive
x-amz-request-id: 46627FA86E4FED3D
x-amz-id-2: z5hVljjNQ2Gaypz/8EPIz4Bf3jemQ2+JGBoL4SwXJPc1EvRALhoif0BNVHApwcCdsSdfPbrvj7o=
Accept-Ranges: bytes
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 May 2018 13:30:46 GMT
Server: ATS
ETag: "9652eeb62b03f1fbf4d358ea0ce13107"
Vary: Origin
Content-Type: image/gif
Cache-Control: public,max-age=315360000
Content-Length: 765
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:a7bd8e41-25b9-44bf-917e-b7efec483bac0004ce780c98c874"
Expires: Sun, 14 May 2028 13:30:45 GMT

GET
H/1.1 200
OK add.gif
buttons.googlesyndication.com/fusion/ 2 KB
2 KB 38ms
18ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buttons.googlesyndication.com/fusion/add.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2068
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:24 GMT

GET
H/1.1 200
OK feedly.png
www.orlytaitzesq.com/wp-content/uploads/2013/05/ 2 KB
2 KB 186ms
186ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/05/feedly.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1662

GET
H/1.1 200
OK Petition2Congress_200px.png
www.orlytaitzesq.com/wp-content/uploads/2015/11/ 4 KB
5 KB 170ms
170ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2015/11/Petition2Congress_200px.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Wed, 18 Nov 2015 19:28:43 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 4521

GET
H/1.1 200
OK WethePeople1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/06/ 25 KB
25 KB 160ms
160ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/06/WethePeople1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 25452

GET
H/1.1 200
OK Defend.jpeg
www.orlytaitzesq.com/wp-content/uploads/2013/10/ 2 KB
2 KB 190ms
189ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/10/Defend.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Mon, 28 Oct 2013 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 1956

GET
H/1.1 200
OK Ad-1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/02/ 44 KB
44 KB 159ms
157ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/02/Ad-1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 45118

GET
H/1.1 200
OK OrlyABC1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 63 KB
63 KB 168ms
168ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/OrlyABC1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 64632

GET
H/1.1 200
OK 281_DVD-3.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 46 KB
46 KB 161ms
161ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/281_DVD-3.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 47025

GET
H/1.1 200
OK appealing-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
15 KB 174ms
173ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/appealing-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 14766

GET
H/1.1 200
OK office-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
14 KB 156ms
156ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/office-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 14275

GET
H/1.1 200
OK fame-small.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 3 KB
4 KB 156ms
156ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/fame-small.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Thu, 30 Jun 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 3530

GET
H/1.1 200
OK Obama-bumper-sticker-Thumbnail.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 13 KB
13 KB 156ms
156ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/Obama-bumper-sticker-Thumbnail.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Tue, 07 Jun 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 13273

GET
H/1.1 200
OK Washington-America-Ad1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/08/ 4 KB
4 KB 161ms
161ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/08/Washington-America-Ad1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Thu, 04 Aug 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 3733

GET
H/1.1 200
OK Orlypix1.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 117 KB
117 KB 185ms
185ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/Orlypix1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 120067

GET
H/1.1 200
OK wp-embed.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 1 KB
1 KB 160ms
159ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 782

GET
H/1.1 200
OK style.css
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/ 13 KB
4 KB 177ms
176ms Stylesheet
text/css 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2016 17:35:21 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4281

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 535
date: Mon, 26 Oct 2020 10:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 26 Oct 2020 12:02:29 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 141ms
45ms Script
text/javascript 65.9.190.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 2367397
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: kWDEkBWu6Mo240LVEUtDZNhlqdRd8ir227FtFwHNke1uhIkzWQltiw==

GET
H/1.1 200
OK gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 104ms
76ms Script
application/javascript 65.9.190.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: s.gweini.com
URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Protocol: HTTP/1.1
Server: 65.9.190.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 25 Oct 2020 20:13:20 GMT
Via: 1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jan 2020 19:47:21 GMT
Server: AmazonS3
Age: 50285
ETag: "e7bb56484553f1223fea5d70ca7104f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 15682
X-Amz-Cf-Id: wHoyxLHQclNaxYlo47j41cKT61BQsngyi8eKIGxzW7ztWmeO7fFGRQ==

GET
H/1.1 200
OK Masthead_Orly_960x244_DOFF.jpg
www.orlytaitzesq.com/wp-content/uploads/2016/06/ 52 KB
52 KB 319ms
313ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2016/06/Masthead_Orly_960x244_DOFF.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Sat, 11 Jun 2016 15:48:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 52821

GET
H2 200 E2zjIhEqGIU
www.youtube.com/embed/ Frame 487F 0
0 113ms
107ms Document
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/E2zjIhEqGIU?feature=oembed

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/E2zjIhEqGIU?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
content-length: 10495
cache-control: no-cache
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
content-encoding: br
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Mon, 26 Oct 2020 10:11:24 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Sj7_nBhiBpw; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None YSC=IeFcml8qInA; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 26-Oct-2020 10:41:24 GMT VISITOR_INFO1_LIVE=Sj7_nBhiBpw; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK top.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 51 B
317 B 405ms
400ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/top.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 51

GET
H/1.1 200
OK ul-bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 140 B
381 B 159ms
159ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ul-bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 140

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 39ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
X-Cache: HIT, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 28698
X-Served-By: cache-bwi5130-BWI, cache-fra19140-FRA
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H2

200

OreNM9NDxlE
www.youtube.com/embed/ Frame E0F5
Redirect Chain

http://www.youtube.com/embed/OreNM9NDxlE?rel=0
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

0
0

107ms
106ms

Document
text/html

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OreNM9NDxlE?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10378
strict-transport-security: max-age=31536000
cache-control: no-cache
date: Mon, 26 Oct 2020 10:11:24 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Fpy2Gxn7nIg; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None YSC=z6Fg-rSy73I; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 26-Oct-2020 10:41:24 GMT VISITOR_INFO1_LIVE=Fpy2Gxn7nIg; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Non-Authoritative-Reason: HSTS

GET
H2

200

948FBVCqTu4
www.youtube.com/embed/ Frame 94B9
Redirect Chain

http://www.youtube.com/embed/948FBVCqTu4?rel=0
https://www.youtube.com/embed/948FBVCqTu4?rel=0

0
0

94ms
93ms

Document
text/html

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/948FBVCqTu4?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/948FBVCqTu4?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
content-type: text/html; charset=utf-8
cache-control: no-cache
strict-transport-security: max-age=31536000
content-length: 8570
x-content-type-options: nosniff
date: Mon, 26 Oct 2020 10:11:24 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=WGhjjYy9QxY; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 26-Oct-2020 10:41:24 GMT YSC=7WCtNbefFT4; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=WGhjjYy9QxY; path=/; domain=.youtube.com; secure; expires=Sat, 24-Apr-2021 10:11:24 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found Cookie set /
www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/ Frame 5755 0
0 257ms
231ms Document
text/html 52.3.114.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 52.3.114.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-114-119.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: www.petition2congress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 740
Connection: keep-alive
Set-Cookie: AWSALB=6UyV1bHC5i/vXlNpxET+Tq4UnMrsZbd5Xt/GYsciSREjnDrmmly/5nd8sdKjcI7UuOSQOZsFiSPHg2Xe/Jjk6Ke2Xvhimj1TYG/ZjRER1ZVzz5QgyCeW4bQgK3mE; Expires=Mon, 02 Nov 2020 10:11:24 GMT; Path=/ AWSALBCORS=6UyV1bHC5i/vXlNpxET+Tq4UnMrsZbd5Xt/GYsciSREjnDrmmly/5nd8sdKjcI7UuOSQOZsFiSPHg2Xe/Jjk6Ke2Xvhimj1TYG/ZjRER1ZVzz5QgyCeW4bQgK3mE; Expires=Mon, 02 Nov 2020 10:11:24 GMT; Path=/; SameSite=None
Server: Apache
Cache-Control: no-cache, private

GET
H/1.1 200
OK bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 49 B
289 B 159ms
158ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 49

GET
H/1.1 200
OK foot.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 50 B
290 B 158ms
157ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/foot.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 50

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=O...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...

35 B
399 B

41ms
25ms

Image
image/gif

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=951360605&utmr=-&utmp=%2F&utmht=1603707084534&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1058099512.1603707085.1603707085.1603707085.1%3B%2B__utmz%3D209516236.1603707085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=34573843&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277549140&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=951360605&utmr=-&utmp=%2F&utmht=1603707084534&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1058099512.1603707085.1603707085.1603707085.1%3B%2B__utmz%3D209516236.1603707085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=34573843&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 8BA0 0
0 55ms
18ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
last-modified: Thu, 01 Oct 2020 21:50:01 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 26 Oct 2020 10:11:24 GMT
x-served-by: cache-bwi5123-BWI, cache-fra19170-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 64F3 8 KB
3 KB 267ms
239ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2d65381c26070d4eced639cf18ef831c98152f7134a2c58493076ae2ad8fed27

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3021

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame C46D 8 KB
3 KB 260ms
238ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a66a9eb842badbde03b4eea09c267bbacf465b5918ff890a3532a72a29cc41b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3022

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame B7D3 8 KB
3 KB 255ms
239ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 434ab7929510cf842b41ca73cd3d3aa1386ece90ee900afcd58e824c2afe5cea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3023

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame D2CC 8 KB
3 KB 250ms
240ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae8d679563f9dda3e661b8548f5d79ef87157dfbeae8745e9b39dce177832708

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3021

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 138ms
115ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7281&Zone=ATF&g=774
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:24 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 138ms
116ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3001&Zone=ATF&g=761
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:24 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 138ms
115ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3002&Zone=ATF&g=511
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:24 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 138ms
116ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7282&Zone=ATF&g=69
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:24 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
2 KB 18ms
17ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:24 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2294
x-served-by: cache-bwi5121-BWI, cache-fra19170-FRA
last-modified: Thu, 01 Oct 2020 21:49:51 GMT
etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 117ms
38ms Image
image/gif 65.9.190.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=OrlyTaitzEsq.com&time=1603707084678&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&random_number=13591644127&sess_cookie=2bc9a59617564641f8015405c96&sess_cookie_flag=1&user_cookie=2bc9a59617564641f8015405c96&user_cookie_flag=1&dynamic=true&domain=orlytaitzesq.com&account=FEYuj1aAkN00q1&jsv=20130128&user_lang=en-US
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 25 Oct 2020 14:47:59 GMT
Via: 1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 69805
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZAG50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: DmfNKc8FDTWEKTgnjzvRj8orH92_A87NT5EtwybMrW_muibdV2gvTA==

GET
H/1.1

200
OK

test.png
a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
http://a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net/test.png

58 B
58 B

27ms
8ms

Image
text/plain

143.204.208.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net/test.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 143.204.208.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-131.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: 2sMBFEMYr5VkZ7RgZfRb10VBKA8JIX0sptWv6zxhotPHyewYAgttMg==
Expires: Mon, 26 Oct 2020 10:11:25 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:25 GMT
Server: Server
Connection: keep-alive
Content-Length: 0
Location: http://a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net/test.png

GET
H2 200 tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 5C1D 0
0 18ms
17ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
last-modified: Thu, 01 Oct 2020 21:49:58 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "076dccdedb34f3771be52190b917884e+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 26 Oct 2020 10:11:24 GMT
x-served-by: cache-bwi5136-BWI, cache-fra19170-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12263

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
361 B 133ms
133ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.orlytaitzesq.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1603707084897%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Mon, 26 Oct 2020 10:11:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 570d9648b0942ee41c399b56441b43ae
x-transaction: 007ff583003abd78
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame D2C8 302 KB
303 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Protocol: HTTP/1.1
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 09:18:11 GMT
Age: 3193
X-GUploader-UploadID: ABg5-Uzod-QtgCYJrFb97WvGMMxxCU7pMTzXn6Rg0-ynZJ5ehoiMGovEUWYZ2MiZehxsrHg3wFYhEgDntaLx5kTZq7ax04nwAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 26 Oct 2020 10:18:11 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame D2C8 51 KB
18 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dd03f13f161b7d502fb705aa8b251e9ef2dcb21ba0c4d8e9045d8a144d4c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "674 / 462 of 1000 / last-modified: 1603705468"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 17616
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:24 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame EBF6 302 KB
303 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Protocol: HTTP/1.1
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 09:18:11 GMT
Age: 3194
X-GUploader-UploadID: ABg5-Uzod-QtgCYJrFb97WvGMMxxCU7pMTzXn6Rg0-ynZJ5ehoiMGovEUWYZ2MiZehxsrHg3wFYhEgDntaLx5kTZq7ax04nwAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 26 Oct 2020 10:18:11 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame EBF6 51 KB
18 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6e0ab30fa0d04487e9957b63a1aac2ca220131df04e05a646d91ed6a41c7911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "674 / 966 of 1000 / last-modified: 1603705339"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 17616
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 5A86 302 KB
303 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Protocol: HTTP/1.1
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 09:18:11 GMT
Age: 3194
X-GUploader-UploadID: ABg5-Uzod-QtgCYJrFb97WvGMMxxCU7pMTzXn6Rg0-ynZJ5ehoiMGovEUWYZ2MiZehxsrHg3wFYhEgDntaLx5kTZq7ax04nwAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 26 Oct 2020 10:18:11 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5A86 51 KB
18 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6e0ab30fa0d04487e9957b63a1aac2ca220131df04e05a646d91ed6a41c7911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "674 / 964 of 1000 / last-modified: 1603705339"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 17616
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame D945 302 KB
303 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Protocol: HTTP/1.1
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 09:18:11 GMT
Age: 3194
X-GUploader-UploadID: ABg5-Uzod-QtgCYJrFb97WvGMMxxCU7pMTzXn6Rg0-ynZJ5ehoiMGovEUWYZ2MiZehxsrHg3wFYhEgDntaLx5kTZq7ax04nwAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 26 Oct 2020 10:18:11 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame D945 52 KB
18 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8ea34ebd789e00c1519bcb5ec4cfb074f7fbd9c0fa1f07bef1978e7788d4e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "674 / 489 of 1000 / last-modified: 1603705468"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 17638
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D2C8 274 KB
96 KB 59ms
31ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EBF6 274 KB
96 KB 36ms
20ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5A86 274 KB
96 KB 50ms
32ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 pubads_impl_2020102101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D945 274 KB
96 KB 40ms
31ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

226e1f6bd332b8724450b220d10f5d6888a2deb581f1cb1a3a35510fe73df188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Oct 2020 08:40:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98377
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame EBF6 109 B
168 B 17ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EBF6 109 B
168 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBF6 89 KB
32 KB 358ms
356ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=25262519411480&correlator=3256275579313046&output=ldjh&impl=fifs&eid=21068066%2C21065976%2C21067631%2C21067753&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1603707085&dt=1603707085294&dlt=1603707084927&idt=345&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=980&adys=637&adks=31174620&ucis=lyfhtf838d94&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=2090807143&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

daba16753648681e29c402e97f20613d21bf32b1e929967846f7855e70504f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32295
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EBF6 0
0 66ms
16ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame EBF6 0
0 7ms
6ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame D2C8 109 B
126 B 48ms
31ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame D2C8 109 B
810 B 49ms
30ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D2C8 5 KB
3 KB 392ms
392ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4119295804254777&correlator=4376297996284680&output=ldjh&impl=fifs&eid=21068104%2C21067753%2C21067655&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7281__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1603707085&dt=1603707085335&dlt=1603707084920&idt=399&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=552&adys=16&adks=3753387349&ucis=bnkckhc3bfl9&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=217400614&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

1a6c40cc0bad75e4e6d5e9332ea3bbb729c74d099686335c3123e3a3bc5c2cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138294117295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D2C8 0
0 58ms
17ms Other
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D2C8 0
0 34ms
17ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5A86 109 B
810 B 21ms
20ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5A86 109 B
126 B 26ms
25ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5A86 42 KB
11 KB 324ms
322ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=474710268164882&correlator=4440786032678918&output=ldjh&impl=fifs&eid=21067753&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3001__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1603707085&dt=1603707085356&dlt=1603707084936&idt=413&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=320&adys=483&adks=30620639&ucis=um4ufgelfaud&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=134353193&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

f1944dfab895719c05bfa773ae9ffdfb3198a1294d3427b323f983dc14eb3a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10872
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A86 0
0 57ms
17ms Other
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A86 0
0 17ms
17ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame D945 109 B
126 B 21ms
19ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame D945 109 B
126 B 19ms
18ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D945 5 KB
3 KB 279ms
279ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=130521073801537&correlator=82471752443553&output=ldjh&impl=fifs&eid=21067995%2C21068105%2C21067590%2C21067753%2C44730557&vrg=2020102101&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7282__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1603707085&dt=1603707085382&dlt=1603707084944&idt=420&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=11190&adks=3698927989&ucis=ayypnddg2qh4&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=1868580813&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

56a8d91fbcfe0f111577df46a645909d545a8d20e702e4f26d5f0a7a8b591cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2642
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138294117295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D945 0
0 31ms
17ms Other
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D945 0
0 6ms
6ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010122315000/ Frame EA21 205 KB
57 KB 34ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 355011
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57150
x-xss-protection: 0
server: sffe
date: Thu, 22 Oct 2020 07:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9715d5719dcfdbf4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Oct 2021 07:34:34 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame EA21 14 KB
5 KB 48ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 579814
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "279840de0e1327fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:51 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame EA21 96 KB
29 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 579814
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29488
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3d99b3326035eca3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:51 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame EA21 76 KB
18 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7a650bd47fb51257a5212eb8911ccaab4b24885827b5bbcf0dcdf687c51964

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 579813
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18087
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3c7f698b6635062d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:52 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame EA21 4 KB
2 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 355011
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Thu, 22 Oct 2020 07:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb28063f0b321e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Oct 2021 07:34:34 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame EA21 45 KB
14 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 461603
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 01:58:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b78f479991288ae5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 01:58:02 GMT

GET
DATA 200
OK truncated
/ Frame EA21 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 023a68a67bd279500043c380d24c57b7aae6d76d2f2aef799beadca36950ab9b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA21 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 82947
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA21 295 B
388 B 11ms
9ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41964
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Oct 2020 22:32:01 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame EA21 0
0 30ms
19ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRcogvZ908IUWMSWvmX5LJyNnBTMKMU4BzedFUzDhPTarHJQB-rrK8196ljfs2aqPTjHbHV
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA21 0
0 22ms
21ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJcWvzaCWX_7rFO6L7_UPtf-suAWExtjeX8LFqsH5C97ZHhABIPbPgx9glfrwgYwHoAGbiNGfA8gBCakCfwTcN_Tlsz7gAgCoAwHIAwiqBIYCT9Aw48DBOYy0o2IhTyPh_SJiaktaw9KnPA0JpKjsZQCjO8oRgtaonsH8Na-ESWm081cyVm9_DCrK39HKAW816hH4Gql4eH0PjkUZGwjGhfvQYe0nGdaukU1QQFILgKrNnjq_nHi1eyqiKRFeNQnxJFB5ch1ka6B-sxJ_p7FBnsvUYIrZaTF3EI50_nxKY30-ormCkNTAKzwO8_cbelZx6arYTkGHKEGoGs2eSMJrETK771HpbRFjqQyTlqdK8yb978Q2m4xMClFL6eNZjDPX2KMQU6fKtAt7m1f7B063u5wamKwWZ7Adii0BWfZ4CQek78cZTQo14GMCYKuPNubW9S5RuZbBgcAEnKq9zaID4AQBkgUECAQYAZIFBAgFGASgBi6AB833rmCoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQo4kQ0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi0zNDQxNjIzODI1NDkzOTE1gAoDyAsBsgwUcHViLTkzMzk5MTk3NDk3NzQ0NTfCDAIIAdgTDA&sigh=V8PNX6BKMRY&template_id=419&tpd=AGWhJmvGsn_LGoX4U9RoxMbJ51k9Rf354ZWxrVav10C8kew_xg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EA21 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d9acbd04979a544c89a678dc91203b4367e21393a0f7c0947c8e2ae34e2c573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EBF6 8 KB
7 KB 46ms
21ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d79566ec34649aec4673d88d03a03528fa9b7378741b1be4ccbc89b7e90a54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6514
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA56 0
0 27ms
26ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjbOl6itjXulZj2xeizFXztU9JvBhp8kqf9DaS4k9k9rBbO-g8hedbFZC69LG5YbDLOH_N5bEnKrnSn1hWB19eQW8M0B6gsKbxuWJPcaMZ3pSx6zLHlwtbz456u4eSkPVruAH5pSakXBGsDzb0E--dNeyJSw3vqICnv52gCIA0o390ZCmypeX6JxrGxvvo6C8-hOsdp_fv31U2x7Sj9Pd_S4SsWUC_InlEc3K3ZcMCksDxvI2WIQJxkRWG6xsl2NcnASj9jrPH_9Qsh2mkY_eusNg&sig=Cg0ArKJSzOM-pIgG0VdGEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BA56 51 KB
17 KB 21ms
21ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

a6e0ab30fa0d04487e9957b63a1aac2ca220131df04e05a646d91ed6a41c7911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "674 / 604 of 1000 / last-modified: 1603705339"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17616
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA56 74 KB
28 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e745ee399c09f38870abb2535b63f337c2730334790b3f0cd71065de66098fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28820
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D945 72 KB
27 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D945 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cccb0d1dcd9771eca809edf5b0257b49f51945e3ac30f51da37cfd9a8ef1796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6406
x-xss-protection: 0

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010122315000/ Frame 91F8 205 KB
57 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 355011
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57150
x-xss-protection: 0
server: sffe
date: Thu, 22 Oct 2020 07:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9715d5719dcfdbf4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Oct 2021 07:34:34 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 91F8 14 KB
5 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 579814
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "279840de0e1327fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:51 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 91F8 96 KB
29 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 579814
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29488
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3d99b3326035eca3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:51 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 91F8 4 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 355011
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Thu, 22 Oct 2020 07:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb28063f0b321e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Oct 2021 07:34:34 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 91F8 45 KB
14 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 461603
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 01:58:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b78f479991288ae5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 01:58:02 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91F8 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 82947
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91F8 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41964
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Oct 2020 22:32:01 GMT

GET
DATA 200
OK truncated
/ Frame 91F8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac5845b74d8c26664e5d47faae073243a5d31196b87d0e0e9ea5130082afefe

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11666831926923645485
tpc.googlesyndication.com/simgad/ Frame 91F8 37 KB
37 KB 13ms
10ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11666831926923645485?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlhTVyoZnvz7IYeQkttoxA36nYvCA

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12682d42b57186ced3c068710abf89b837fd6b193874374e6de11efe54ca5c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 06:13:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 05:57:13 GMT
server: sffe
age: 14263
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37801
x-xss-protection: 0
expires: Tue, 26 Oct 2021 06:13:42 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 91F8 0
0 19ms
16ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQDBqk6F0bBXAY-MLsicj0Jo-C_KaKqNJHuA1BxFbWfucK7KM37R6yJmc77rQUjv06mi1X_
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 91F8 0
0 25ms
23ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDnwdzaCWX96DGNHV7_UPo72hmATa27neX-CDosWgDN7ZHhABIPbPgx9glfrwgYwHoAGk7KbtAsgBAqkCfwTcN_Tlsz7gAgCoAwHIAwiqBIMCT9D3BEOxYmdoGQ3nUb4dUiGNTPn33AmCmBf0lcWgDCcTqmtgiqFCLiKDS5iuzGeX8x0XxxdHeuWYHTVm8V7FBP30ROuKNUconceM4SMuE1WquQ1IcHDKh4M625_-V0x8QyPF9Fp1XqeKsVDJu2nEjP8Hyk7V_GidNN0vUFml4QnjEJYosvMjDzPcbj_O1OynPlExG_xv8nmCHPb5ZjQqjbs9wP5t_l_whnonZOxuQtzO1qTi5V1wjBUIQNXNJhJ3XM_HCWFytf9B-pOyVJ2oceFJyB2UaxnF7jszpW_JQmfgW_OU2AZ3RYeNuhn1fvCoya1h-os-IowZxrmYHKtjgO7gLsAEzqP72IgD4AQBkgUECAQYAZIFBAgFGASgBgKAB8ST2ZIBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEP6iItIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tMzQ0MTYyMzgyNTQ5MzkxNYAKA8gLAbIMFHB1Yi05MzM5OTE5NzQ5Nzc0NDU3wgwCCAHYEww&sigh=Xlx2eJon8BE&tpd=AGWhJmuOhyMZyyZYlkdsZ7Q9ysSBZwV0zMFCTFAU0QmzGCbpoQ
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A86 8 KB
6 KB 36ms
35ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db83a8bdb2f19f3abdf194aa026edffd96dcf185bc5cedb958f341b206c8f1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6369
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A45A 0
0 23ms
21ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRi192_m48KVW7T1A4m4dMZveEQqiLKKYnfRuBtSMcn5RofQCmhR8G3T3PuEy8ZPWZhvbCaaFaPljIohxuqKn5GCFnXGUIFFaVjHEzINKon60ls-xVjZjVHnhs1LVqBnobXVmOKzIsAQScmyNGcrB56H_EhmSzbotrPbxsSj8DtVTMMvRE548CLWrO6qphdBuJyn5q1zmEM2uQyNRgUVK_ei6-2oKDVOOqmcFnQQnqhWwyMVUf1aFOjjv5BJvbcHI4yq6FZMjCYvEsDRv9S5CFFIU&sig=Cg0ArKJSzKzfdJDHx912EAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A45A 51 KB
17 KB 21ms
19ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

a6e0ab30fa0d04487e9957b63a1aac2ca220131df04e05a646d91ed6a41c7911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "674 / 626 of 1000 / last-modified: 1603705339"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17616
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A45A 74 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e745ee399c09f38870abb2535b63f337c2730334790b3f0cd71065de66098fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28820
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2C8 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D2C8 8 KB
7 KB 46ms
30ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5108bfe33b404ff36897a407d9c0b68b3a9fdd78c66cfc942b720b9935b14ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6424
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EBF6 17 KB
6 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D945 17 KB
6 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102101.js?21068105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A86 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
DATA 200
OK truncated
/ Frame BA56 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233a904b439409d1fa1b8fd2ab1fdcec907c1aaf17e9e5ac101d45cdfe872ac3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA56 274 KB
96 KB 18ms
18ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D2C8 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
DATA 200
OK truncated
/ Frame A45A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396f10b8d929eff06781faab324c190674d3429317fd43b5dd2e85865f45e5cc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 91F8
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Mon, 26 Oct 2020 10:11:25 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame CB26 0
0 9ms
8ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1058
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A45A 274 KB
96 KB 21ms
20ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:25 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 4780 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1058
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA21 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 82947
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA21 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41964
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 7ACE 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1058
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 8EC7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1058
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA56 109 B
149 B 18ms
17ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BA56 4 KB
2 KB 273ms
273ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1173309465986154&correlator=1825921924827751&output=ldjh&impl=fifs&eid=21066030%2C21067753%2C21067655%2C21065724&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Dee00f30fc5ddfd7e%3AT%3D1603707085%3AS%3DALNI_MaGX0fCuXyy4g5N-4C2vlgFjjnOOA&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1603707086&dt=1603707086000&dlt=1603707085735&idt=257&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=11190&adks=3312051823&ucis=wjeurxqvqjho&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=170&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=674515594&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3cc0e3bd0314aec716ad6f3b87c221329c2abb93257db23d0fe41c0b3b43f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2278
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BA56 0
0 32ms
16ms Other
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BA56 0
0 6ms
6ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 11666831926923645485
tpc.googlesyndication.com/simgad/ Frame 91F8 37 KB
37 KB 7ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11666831926923645485?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlhTVyoZnvz7IYeQkttoxA36nYvCA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12682d42b57186ced3c068710abf89b837fd6b193874374e6de11efe54ca5c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 06:13:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 05:57:13 GMT
server: sffe
age: 14264
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37801
x-xss-protection: 0
expires: Tue, 26 Oct 2021 06:13:42 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91F8 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 82948
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91F8 295 B
324 B 9ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41965
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A45A 109 B
149 B 23ms
22ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A45A 109 B
126 B 22ms
21ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A45A 95 KB
29 KB 209ms
209ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=104032580431637&correlator=2536321514429303&output=ldjh&impl=fifs&eid=21067118%2C21067753%2C21068000&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201026&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Dee00f30fc5ddfd7e%3AT%3D1603707085%3AS%3DALNI_MaGX0fCuXyy4g5N-4C2vlgFjjnOOA&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1603707086&dt=1603707086034&dlt=1603707085774&idt=254&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=552&adys=16&adks=3312051823&ucis=v58q7mnogdjz&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1058099512.1603707085&ga_sid=1603707085&ga_hid=1027580817&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

f8cd6c4ea09e9d8839bd7caa16a1176bd5394f39edd7ecaaba2e4b64eeea8d62

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbZwbmC0uwCFRznuwgdEnoNoQ&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbZwbmC0uwCFRznuwgdEnoNoQ&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_728x90.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29104
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 26 Oct 2020 10:11:26 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A45A 0
0 34ms
16ms Other
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame A45A 0
0 12ms
11ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA56 0
44 B 30ms
29ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvjq-nXxWBoR-nzwXEi1sbOjU12rrSXT5sr6SWQPqdbt7vU_YJlK_qPAOfmlOwnzQGvfoGElkiXUN1nDAVr0jjMhutMlq76x6MaLRSV2JO1REWcLhyB_xSIvLF_P_5qbJOunnqUeiPwuW8GUseRk4HLXGgqcgx3rg9w8w5dRMp3eEKIi95gxam8HTqsT1wTW0Kq7Ig53JmF8nPvB-hb_UeA_q3jF-X6iJ2GzOWzrFeGtbnARGneU2pEaDf7_nV4BU-DhKP0bHXTfU4DiYzfUBNkZ7mew&sig=Cg0ArKJSzB42Os2m0uJIEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A45A 0
21 B 24ms
23ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstz5NX3X15rvUjburH6-PFMxZRTFoAMKffEpu-ZrttrJTmdXqyMxKk3chpHMoXTQrjoXEwuVYBQTx5no8KE7gzZTMrX0lhbxCXytEZyJwtOauP9eFpgQd5bXKnhjWda0YkWhlyct6DIB0ks5BKfnNP3rP1hrRfByl9QUvToMOunJwjuEI8wwv_0C8XtNWVfp8pC90CS3JbPxOlFgBUp6YVvphL15j2DvAJO0A6-cGyTzc2688IMijLSx1ivUSlRM92kd-R9mPrkFZlMohOKq-eRDNjwqg&sig=Cg0ArKJSzBU_vWt3gLWbEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 container.html
40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E0FF 0
0 30ms
15ms Document
text/html 2a00:1450:400c:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 26 Oct 2020 10:11:26 GMT
expires: Tue, 26 Oct 2021 10:11:26 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A45A 72 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A45A 8 KB
6 KB 21ms
21ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec009135b6b12ed545a33ec38adaee23de8b1eb42e00457fcafa709fb11116a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6497
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 408E 0
0 25ms
24ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn5jrTSaO-F6Wf73KbmVNzmJvOQlqEXYJJN94J-19N7rV3qdHZC3GWmht73XVxzhMxwmaVw7l7AuKlV-jeB1dK8XD0M3tm6ON-9Tn-id69mvuk_Gj1m_I4m-xCkxaDKvFcd5RM8bicRO-oXEe68grRXLOs08RKhiDap7x5FIWjp-gvkzCpK_RFeC7u5d_bZ83m5xTn60AVbSisIx250staCtjHgqezAUl-CLqGSXSH9p-z-1tg0yY0cGYhhLGWHZDGACH85e4reDbSf6SxMy4dYeM5zw&sig=Cg0ArKJSzEp8mPXSB6ybEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 408E 94 KB
33 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2b246103528db3179d2ed64a61718c8202e9afbd644accfb85302fc6f46385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 26 Oct 2020 10:11:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2571982053440400425
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33439
X-XSS-Protection: 0
Expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 408E 74 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e745ee399c09f38870abb2535b63f337c2730334790b3f0cd71065de66098fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28820
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA56 72 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA56 8 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

035008a671fa2f5aa82f38fc99f3df0eb527857c3b7e42bf0d5f2addc7b9b9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6313
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A45A 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA56 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame A9BD 0
0 17ms
16ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1059
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 408E 206 B
410 B 25ms
24ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.orlytaitzesq.com&callback=_gfp_s_&client=ca-pub-9339919749774457&cookie=ID%3Dee00f30fc5ddfd7e%3AT%3D1603707085%3AS%3DALNI_MaGX0fCuXyy4g5N-4C2vlgFjjnOOA

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

4048c579465fd44176bc73fa0c81f19bbf75eea4c0269bd772db81ca50a2895b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ Frame 408E 230 KB
87 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88452
x-xss-protection: 0
server: cafe
etag: 16783570891068550005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame 412C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201021/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmF_LHW6Z8-4zUGaBgUTxAysQ15Xc0Lxjhd3hcFKF9bvUCAvVGA56eX8wUv; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sun, 25 Oct 2020 12:16:25 GMT
expires: Sun, 08 Nov 2020 12:16:25 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 78901
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBF6 0
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102001&jk=25262519411480&bg=!jI-lj6_NAAVp0lmVaViszyJ6pqhhxwIAAADLUgAAADUKATfQF0Aw88OO6uyLScr54w0uZUrHSi8wfcFEa8mOqd1U5wqFh61pLZKQSKxcPs1fZ_7hsBskrl0uIXzSAQsDuuMPGb4er8IL0zv2MmL9gWBZ368cDpBu831KMICmG7KJAorKg6_oWsj5a-F_hO725iMEDiIDJOtegN8KO60Z0uvC0gM7xCYIzh5ZmDm_UQ--8ErUWcbopyDqEyUynqwB4JOSZZobrV8qn0tvqhWx8ljQDaIYCnB5N39OfCVOkJV9fIEC40N0Gl3JmNNjobKZtfvKyr0nWAJT770bLQ9eLyOw4oevAygQJieWJUkHHsMRkDLwkA5km6tuSvROwNiylQkProbeH-JgXXyFPmuG0A0_ZqKjq23NjBRMyhqyc49lj71bx4FMIV1H1bNP9y0D1aaJqS2iVuLM_pkB5uWOgyzlPHp7PK9YUbir9yKjrvqqHJJjnwWRF8CyNZD2XAthyyot4747ieVniimW8l08CsPkajQpVQx-4-liGv6iaV9v9I6CFaP9ePnpxvrwHYvIGzOGe0jaZeybs4LqbYYoDfpPUeIE2TK9AQOAMqFT97q45zl1JnXkOqwkUkrqFn6JLyOEG-hbUUCOj81AvY8sOZlDXanmPChmQPm88r8xJl3tC6gJbxx_-GQ_MbAT3TA_hz-isxn616U0hfN7CpD6mOAtgjwBkNiJdwqxGrQtjtExLS-5gXw-DnpIy6JCbloo-QDYg-tbN4RuymZCExfUaO8umcbT_66uCimnMkl_rX-At4v29xkllYCliGkHfoBG4g8bZdfam-jT3GWLRXlgJrqX0pcgLolkPllmWIp0s_qxRuXm39ikCwgONDs3_caMC4_HJRut77DVmgkp_vRDBJlbClo5aL9UDgFsbBMQNd1F9kA0vmteWeKPF9-9mdwdO0oaRBdmZ1982OFBQpdh0QmT0p_KPoYXJAVQ4MyuCcVO4BQPpbTF69EDQso7X001sbixr_I0CrfxShh_PhFUV6ysS0vMxLwNDXHI-KIe7diIVdUjLx4ptt9P3-ojO0oEttzw0avW9Il2W_JnMUXdeEqEwQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D945 0
22 B 19ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102101&jk=130521073801537&bg=!_v2l_d3NAAVp0lmVaVj1rzClWyg2oAIAAAC8UgAAADgKALY88sV7_p6-FdWnV7U4XvYAClN03WmEVpeyo1Y8Ks5exsX9AmHnsFPiziaLdjjafIT4NkpWNIrkRfDAeV7RiT5xDt7i-GTaHHbvVne4rHFQz8HnO036xkqthV552vMC_VDFXOE_BW9rj1bxDcmOokqw-aNYmw3zWr01qzcWXr7yMK-FWS98z3HH1-2NaG4seUNoqan5p4IIkXkYkOVXNs8ldYobgT71bRehCrfG6wMJSOydC_2_0ZkB5uzwmNaMKrjJbVGpAOniju4IM2eGlwjhfHByXNSDRJyYZ8va77qEX__7P1MxlQEccLAbJkvmiW1GTer0oJL43rMq6v52qCzleQBPZOhFxlPrJlYR9H5AyempTgHgOp_8fsgXpMiVxy84JThqQIDx1oKQT7RXTYQbqm0wIuSKIJ8zN5hxXDmUfrwirkUjBk8U7wYKO2tq5TPPINgDusdNcG1xWhpncWsBu78bFzOP9DCJ81wSsMdhdE4JUZbwPGYMIA0x6b1kKrI8XpBCKaZxWHncbcEa16Br0CrT38pAsAO1rDNAzdVevTz-kNERe-DTJLEC595FP8utv6wCKNMu51FLIJt4i0-oe1NFFx-299VuQ_Y9xZ-GoyzzqjpqTc4rTU2J-_JyGpu5ed1ITu1tDJfBtV2VhaJ6TBrt9UlylaLwbUPf7dBkJ1ZE9XAG1G6KZNOK-thz-IDFNI98RXdWeVEcZfVSnVahfv9_gyPHKxQZXTiEWHIyuJkTrFGKqi1VgthuoNTKjHfkJmaIDas2TqLjlQqgT01aLd32ogh78MJA0HJsddoMIjylUKApC6rHvvVgCrez8_udOVKMTzrYZM-A-Tg8G4OQx3k6y408rtF4snARSno2FOkZoDNkbce26u3exkb2Zg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 408E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed8af83f56d8304478081a0340f2ec85db45c352aeab39c894270c2009b60a2f

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 0CCF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1059
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A86 0
22 B 24ms
20ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102001&jk=474710268164882&bg=!0dKl0vLNAAVp0lmVaViXD3pi7E8wGwIAAADVUgAAADAKAMJ9JKYCuvLQmDM9IQdphKhw8JNXJKntS_b2cbNjVgN15rJaeQB_8OEny6i1lk_-fv5dkaJoEwhHKXEkjOPVx8pxPpQCiJi5_R1d5N-pl52oWkXwu7h0YWQ7o1l6On0ZZ4aUyRU81R4NLOuDYumQFVUC-3VgsLEz2FMoevUJlEJkVDZT9PFDEPpFBxdlP_m1TYXi6uMwg5hDR2vTH-ZN95XTYlhIZ_k2TP3NubzS6hdxRdgTReK8NmkKn0QoSrRcrJszH5kB5uCx6XDromEcJfz685yvNXxIznuG1gKwpzEaZO2ZjY3nSOj_4ro2VX0lmjd19OWJFdvKCB1IJlf9KzoYxJSVaATgBFZd8w1KjQ_uo-U1XoT9fZZkEA08lzsDtCY0W_w3ailRC6jo9XhGXgcMu-68hO3JM7R8K0QsITTQ5l2wzcfftLNrtLi-HrsTM-nn2DZmQ40pVfe4FXMLddwkOagZhg-SdNGfn5gxkVUrCdBZ6cqttxcfElTqFO1uJW513VP9dmHId4PxTwhknbogVZDEtMwSwUs0eHXpPY6WMIP6DY5Qo5Xt0OsSu8sJUhCE5UrtgfouEvGTiRPM1LNa-nq7VYgvZSej6fWmWGqKf11g2phcTzchzQ796v_i28GUvzMdYWW37QRvHwRiMTquaegb_35y8aOkAnB1KhzbrxL2hXecePGI1N1KNU9bGy-z-ldYqj87_DuGMB4LAEBIYIuCLmGkUKIB1ab0UzPtzjZoA1gQWVA4H7Bo_rn45bFxFXaS0xy-qO1CRsr88NiiQamzVDlgbDn0WxbAVFlq5ulIMD_bL7qz3x3Wte3Tx1nc5C7gHF54QjjxpmMXwTXCx3hEEvr-CmCENaCiqCBc82FcqyJ5lbQWFAMFuNQkwdluKD6LMuOieuPY0w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 408E 109 B
126 B 25ms
20ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 408E 109 B
126 B 25ms
21ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame C827
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193768&pi=t.ma~as.9866181553&w=728&guci=1.2.0.0.2.2.0.0&url=...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

53ms
9ms

Document
text/html

13.35.253.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.160 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-160.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 26 Oct 2020 09:39:34 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
X-Cache: Hit from cloudfront
Via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: cJC3nb33bhZyDeh4A5l9A7F2oq5ckg4_zFSQH60hQwkI1mLMjMsHhA==
Age: 1913

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 26 Oct 2020 10:11:26 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 408E 72 KB
27 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2C8 0
22 B 21ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102001&jk=4119295804254777&bg=!pKelp4fNAAVp0lmVaVg1v9bitQi1_wIAAADQUgAAACUKAcdFh1cDmRoHnKbW6Gcr3dq7q88AVCOd5P2jqGum6hFQnOsLnmRBblnm1DjqgYlwrt4WnPETFcmi3ZfGXfP4BFOyN0UdRZy70SdUjt3rm2o-3PCA_pBPLOSDeG-VwUhzxf2DFCA16uGNAMW4UsM7OOFyNkJuLWQO-awSsJAWeUpT6jSnbJ5GC77tIbwxDAgqtLAF9SIsC2ZCkq6lL1Ts2dmc0XfrfjzS9ZAQdOFYlpOBSRI2KUndiTrzAoX9gt5v9cj-Ng5nWzBxEQUO7gPF1BeaLAE6W0NcMFBNY0mMVneaWtOeNQ0CLal9Cl2TXCrOXnL0MccautKK9xnQEI19ELuxfU-l1U01hfN6zS9xt3KzRCLPqA6wQFYOJ1S7hm8MBJH-qeu4KX8Qa5cT0ImoWa2Tmp66kIIUyp2MLJmc7YrNcKAOpkb61SDMBj9CO7_0m7fyMOd8tzntuwBkpQJa8H86dU7PJa245ziOOjgJmteeo3YORwwyH7EXPTgj_lfxmLZPncEHZSILy87EWM4QHkF07PDq5djkatZyo63gU9Fzg2nhgbe0CFu0G02uvK1fZjTiwKi8YkxeOckmUymhOPSh3XTrXbgCgpkB5otXtDQJGBJ8CtB7n-xoBRW0U0zMXsrQYUs82AHCZLHzv23qSdtGf2qP9rlufedwrsePIC8EYe9fyrqHuA-Wsxck-uT0BjWKX6XMqCHaOoBUgPfS1ofGxWHDNxXRjZ-Hm6Qq2dUkNlXdUtI8ajNW1Oh-Im_bfkyiSyH4xeFARytCdbhGLYKLLN2J9PYUkayBiBJf-GpHzzJx3B1pbO5ZZS94LyvRvRXaaig0NonfzDgM8HZAjObQGH1Jx_suS3ikXs5pU_ZgsvVM6WWzfY8GqXq-na0MMHlsl78cDd6HAxPzJmE1SJgE9lqj3IKl5RIGi007OLMzyJPbmPulTswW0Uud05fUlTTL6T2ZdGvhacGEf2zwqtMWK95L5iN_pXVhC1f1IjK2lSr_B0gJcnef3yzG3vc-rrjz54w80sqAi10VA7aaGL5FsgbSXevpzOLgau8dYhvvIrJj-T_4RyVt_aoDv-XcS0xaLCpy_tW09JZFuSZ887L-Eg7BbO-mhAWg_oZiNHdiUZFLbbsScj6yZ4GTLeJmdSxcse9EheWJ_dq2cprPITPOWP9HeXbBnzYygkCAu4b68dx5FJxmVGVVT3RdTdmCLFHajKvPNBOgUtJsUFwePb0GyiJlXJOJ4ngafzBjBBg8Fw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 408E 0
21 B 24ms
23ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugrxXO8j9fdQGQZdF0sT22OLkxVGDdZOKLopCE00DWAQ4QqjXklIR6Aipa_501LEfpkSkFHmRKeTE1QlJNM0ZoMLcRDLhXvo8w6ksNDlmzMwj77k51VyxTmxfGD5sZ5pp13PsU-cqp2FYJrzDaq4Vm-bnD_f1P9iTZJAakZ8OVRkLIZCnXWnZ5A6p4O8hjis0aNnXoX1gPH4yYnMfazNXmUxwJhYcSOjTlcrKyi6kuWRJfTS-s3mVPnqniPRB5-FrJgFgVRkPcTTgDAhzl1LBO1dkHuEPF&sig=Cg0ArKJSzH1oDq0AZVRZEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 408E 8 KB
6 KB 24ms
23ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dfcaa0a93bf7be78f9d9adec993a0e2eb5eb914014b599abfb5ca9351ae16c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6447
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 408E 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 10:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Mon, 26 Oct 2020 10:11:26 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 17F2 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 26 Oct 2020 09:53:47 GMT
expires: Tue, 26 Oct 2021 09:53:47 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1059
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A45A 0
22 B 19ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102001&jk=104032580431637&bg=!IyClIADNAAVp0lmVaVjeHIge9WIwbQIAAADtUgAAAB4KAJN37xby0kOh6iLkWxakbKkMQSo4CW1Gz5ogYooP0A-2mnwDDc4cK4HcYxOvqbpuxK7PIdgZAL9jYjGUUeYSoKS67AfdIeq1zabPS1EeP2aLG1NMTjoBb4B7TgMToEeKnlxCLE0a9oFYevwJyzgwez2wgJWj5QykxwMsroAqKNdsH2nMM6UAp7R3UWv2_PgkQElUjRaZAeyyvh_hm_qW6rxQHJ5uxjq531s9QwDl_Fi615KHE5ZMRUjZsjI3UXAvwoXhsIQZm0oIicYV--pGAQWx6F1jU8YeRyDxRPd3aIOmeMWArx69OdPBhZMPYflvJjIq5q7S3sUgjXzawcFGrMO7EG80sjpwUOy-WTAAGoJDLSwNsqyhT08k5MFebYV10C0LgwXt9LXzkTDCksdIpXXPn1Dzi0HEuMXJ5777UsiT81P9dfjxhIs75HybKqLDLEI4lqy7ygxRz6PNQqz-VhG9lMlxr_EmrOrXcdY5zf9TCtNaqh8VfugulEIOARauRktlXZaJINJXXNhCtX1qpypuPpdfoMFN8Xgqx2pD8izUIeFxhRO_zg8bruaFsXQkAB5RB0xfvz3rFvOdtXzdpowrHuSuNCARglr1mw4fVKmhu29TzrbgNpW3gfYVNalx0tXqtPSo4Fg-LcONGWcFGfdSHEz6RFktEhFfqdxIQTKGpj0SkNaMxuImWGfQ6MpPwSzHJDc0V6Yim1LLZMvmyWNTrSlwvpAV_nCOkbbgqv0QElm66fid5C-uDfX06L2SJbX0WdeqNGSRyTxaJg6IovcTnYZ3p1ZzXAfkxJdb-POxEshf_BIuyE0VwUHXIb1ZqubMaeA97Rzf25UrEx5DamG2NMw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA56 0
22 B 25ms
19ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102001&jk=1173309465986154&bg=!pqWlpYXNAAVp0lmVaVitB6mjqlNSKwIAAAD_UgAAAB4KAQxN4Ek1X4cQ61IOzzUHMiWUEPPNfQnLos2IQMBnPtxysgI4n2uiosTIIwnIOpc9XhDwMoxCt28F3v33kkmUBFkFoDLk4R0l9j21tZjiZaUsfDN2Xn5NfFRrxd2D-dYhz8OJvUp89cTwJywxVI0HlqhSuaKQfCYXGgIZTxJP5-MMzXedYndIWKbgeN-6XaoEHn_WwpU8YtocERID4kylx44ZVATzp8y0Y-7i_bySWoPJEqlXS9kg5DteBelZAj_BDk92PusPsFAF4wMRcM0p1SUTi067PIl3R9qMgawFkgMOVNq5c2b6i99kRPCtX7gzivPNTEBCvNT0-E2cVKEUj5EnuwaKc0pj4S_fcazqmQHs40UAc-bliEFQWr60zn8Zdfol052T1xRdhJAA26jzty_cuTln3FYDP3hCcIgZFTQv1VT0xpD6_M7hG1BYo52_tqAEzmEwZAakqDVAzVjaaJ1N1XCaMWRXeVGsmW9ANUzk8u3F8CRVy596WlSwfCxZWSrrPsSzfwanBWatZzsq3KG3XP4TG7j_HAsMY5d9y2w12O9zqShUoj7e-pCgst6mrXpTtS3KaCGlBZe99TVGltFEqN-2KAwUrQ6Qt2cu0rjcQ5KT6LyJsk9NCAiA1_miCRJij-RbuYnc5xkOBxydsMCdlVcwo_-kdHyc6a4vCu9D1SEE0BLfXM2wzUBrZiPdwNrzpkieVfB8cD9eH06Y8qPIy9bngTPPTqUgDYWEmM9lvA-sG2ie4Iszi4syvZSCbYY97Ko8jkLR_2dDKljUJbcRg2N5yh8ZLFMcV8P62egy98UKkN5Q0MmlDDXwAImvoM0TP73xGMPxlGbCtDehpQcBFWHZJqOZKYIYmNzqS9Qs8L8oyVHLWk0y158PIAcFHGubYOEUjxOZTJLLrP1CCniy9RsBCDN8eZ8Nr-E7u2mdlZyvyHtgEXheZMskdoQ4lDv7hvOAvp4xgZ4duQ0joioFpbkuypMZz8-OvPYOcEeRyP62Z9nWVmjcc_Ji

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 408E 0
22 B 19ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=165275665450370&bg=!ysmlyenNAAVp0lmVaVjRHeYoB1vTYAIAAAB-UgAAABAKAQqLkUmpXgH4iMv5ILNf-ao9hVIl0HmzGWkG-7VdLIbvdTRqKBetU8CE4qPSj3-xk99JP5RZVluHj87-eQ6ktA8XUkeiQ6dBG-F-GQe5yT052Ko1POhvC-CXz6bMd_35-OiQgr0u7-HTQzbjItM7xNcJRM5z0osZmJGQYNhuCRIuPDMhLC8ZgG4bsRm-g0dCCpyGuDF98Sx61gG2XXpBwJ_DQho2jgT8eLkRXBkgpiedAoFhJXHAintGBL6Sc3WOamkK7VaYBCEZNNcHg9S08Zl6Hahc9xUs-YlDzz2s48rymuIWmXjw37bfZmJawYZ-WOwGt3sobwowd9sTdovh0YVjDzqJmSogxG8aZZkB8hYgvq97KBGrZYBKxZnVRoaUGxgpeC_Z3YtN3UigVFxRbmH2xfhGR3KWrv9nOY_EBzREmRYDkVaLYB4pAyet3USnftlniKwnTzkW_gJbhWfMXKk1FN0zBTK3SktnkOWdFsj4kn_JJuunS8ttfIMrOSOCgdEbKJ5ZeUH5BM7Vp0v-9BuvSLVMqX92Len6PAZXBYLx9j7C0XxXUF1dwXJWuyN1LPYwbCOdg8tlbyoyDNL8rwaxEOJxn4H0qkjfImy5Uibx6KEE70mSLzBCI-pL5MuCT5Nks5qwBSqvVyRIJ3rvJYtjMokDCp12CZU3E8PegPnIPAQ67tMDAlXm7lKUlGdjLzuLouuTW3gKMWL22-ZqCCAFDVgzEwM5mvNlxJqRHgLanHn5NDaxXWK_HOudMRVlXgdQDAf5ixObXxuiE9CRUgGV29FX3Wc8oLLg9e5f9m55jqLywIs7Mko10LSj9zbaM1jynF7qFDJRtBk1fXjnmZ4wfl73VZctSAnUHj8P_fg5ywBLLlEp25-c9iT3cxe48Ceg8Z2uZd4HUSq_NIWRkv4NJml1iiLVbhcEY9o6y0gcgXgX6Z6mgWjFbIo7JLtss78vL94CP7yQ_VQKi3XnivjBL3gRYV4LGRXYvAkVhtcBKf18S3OE9e3Qo1MX2CwXQg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EA21 42 B
540 B 20ms
20ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL2gKYvGA-2Cg3pzyaNC5fXP7GQNaSF202KdR2fJs_v22HVzY7vXdPyepgWLuQm61Qm2d62RDUhq6_dCgnYW0bcNASz24Lj6Sz29z7AoR20hA3ZRZ8Mm5_kq8_8w&sai=AMfl-YTwZSFugHkdgINrR-pAp6QjEhjKje7W_fIYlavYZqEKYpr7EXRBQDoGtJ2C8Ntq7Y0vZhu-i3hv0J2iizcLrAJg7dCNZbS04_TD-3UW3LSMcpuqdyVxpbS0Zvgo&sig=Cg0ArKJSzGBLhqCrtH2rEAE&cid=CAASPeRoYU8SdInA9UnpyhXduC5mXxozRe4GmAGU2WbDUA5cNkfApDa4O-4T511XvTn-5GykTWBtG32-LGCrspk&id=ampim&o=980,637&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=212&tls=1215&g=100&h=100&tt=1215&r=v&avms=ampa&adk=31174620

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 91F8 42 B
65 B 26ms
26ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW5SstpzHnoj8l_-pl2AdpS_PN8CAB4e4pPW1wO6Y5L5mxX2JlHhIfAe41Ks045kMaedqYi5pAV2UvceEuOLUfowfdXaxZJE6XhocAw2dBzsGiy1wh5oXSVKT63cVKLY1MQMrY_7EoLoGXw8RLk-wEeg&sai=AMfl-YRdBsft-X2qH_aZbjEUMvRCPTPwYNsJ-nhX1bKOXEzw8bDsdEl67dN4YnfF6ZSEcHPYa2jPW3fC0GyeFKnVFRTjCOSQpkXelXeXVHCjND38ZXaQb7iEuNNhVhTd&sig=Cg0ArKJSzJJxjrgofjsAEAE&cid=CAASPeRoMqbIon6smUkRb_9ZYdvCxJHksvMKqMa9jB4njy5Ghu9nrWnJiDL3Z2EFRDLSzWlk4WEf-G8d__pYn38&id=ampim&o=320,483&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=154&tls=1154&g=100&h=100&tt=1155&r=v&avms=ampa&adk=30620639

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A45A 42 B
65 B 18ms
17ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNupJAMSP-c3vb3sFD6W2SjJGZgg2YJ7iMh3vT9sYC2loVxkxVHcs8yzKIqZ_DHIlFgqZGtekn7QYlmfTv7p0bQ-OftKeIhoHHSFGt020&sig=Cg0ArKJSzByv3v5_GzGGEAE&adk=3753387349&tt=-1&bs=1600%2C1200&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&p=0,0,90,728&mcvt=1061&rs=0&ht=0&tfs=257&tls=1318&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=155&niot_cbk=160&md=2&btr=0&cpmav=0&lm=2&rst=1603707085781&dlt&rpt=285&isd=0&msd&xdi=0&postrxl=1&bmi=1&ps=1600%2C11331&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1317&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201023

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Oct 2020 10:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 17:47:39	Name: VISITOR_INFO1_LIVE Value: Fpy2Gxn7nIg
.orlytaitzesq.com/	1970-01-19 22:15:29	Name: __auc Value: 2bc9a59617564641f8015405c96
.orlytaitzesq.com/	1970-01-19 13:28:28	Name: __asc Value: 2bc9a59617564641f8015405c96
.orlytaitzesq.com/	1970-01-19 13:28:28	Name: __utmb Value: 209516236.1.10.1603707085
.orlytaitzesq.com/	1970-01-19 13:28:27	Name: __utmt Value: 1
.orlytaitzesq.com/	1970-01-20 06:59:39	Name: __utma Value: 209516236.1058099512.1603707085.1603707085.1603707085.1
.orlytaitzesq.com/	1969-12-31 23:59:59	Name: __utmc Value: 209516236
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: z6Fg-rSy73I
.orlytaitzesq.com/	1970-01-19 17:51:15	Name: __utmz Value: 209516236.1603707085.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js(Line 417) Message: Powered by AMP ⚡ HTML – Version 2010122315000 http://www.orlytaitzesq.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js(Line 417) Message: Powered by AMP ⚡ HTML – Version 2010122315000 http://www.orlytaitzesq.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25dd6d3f91070678031188e975226238.safeframe.googlesyndication.com
40b6bdcdddfc0625e5db165fb7eac6d0.safeframe.googlesyndication.com
8006cf7d3687d5ba633aef2407cf117d.safeframe.googlesyndication.com
9ebf52670b792882c5e5f44935721910.safeframe.googlesyndication.com
a867ee162c8ea1fd193d446ab42222743.profile.fra53-c1.cloudfront.net
ads3.mthsense.com
adservice.google.com
adservice.google.de
af1ba2f55bd92e12fe9d8d397864e76a.safeframe.googlesyndication.com
api.lanistaads.com
buttons.googlesyndication.com
cdn.ampproject.org
certify.alexametrics.com
cloudfront-labs.amazonaws.com
d2tbmvllb55wxq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
ef2ebc0431bca7f1b91cd6defcbcffca.safeframe.googlesyndication.com
fs.gweini.com
googleads.g.doubleclick.net
media.breitbart.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.gweini.com
securepubads.g.doubleclick.net
storage.googleapis.com
syndication.twitter.com
taitzreport.com
tpc.googlesyndication.com
us.i1.yimg.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.netvibes.com
www.orlytaitzesq.com
www.paypal.com
www.paypalobjects.com
www.petition2congress.com
www.thegatewaypundit.com
www.youtube.com
104.111.228.123
104.244.42.200
13.35.253.160
143.204.208.131
151.101.12.157
151.101.193.21
172.217.23.130
193.189.143.34
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:10::ac43:2958
2607:f1c0:100f:f000::250
2a00:1288:80:800::7000
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:815::2010
2a00:1450:4001:816::2001
2a00:1450:4001:819::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::200e
2a00:1450:400c:c04::84
34.98.126.214
35.241.35.213
40.84.148.247
52.14.128.61
52.3.114.119
52.4.145.141
65.9.190.47
65.9.190.60
65.9.190.66
67.20.113.97
72.21.202.25
023a68a67bd279500043c380d24c57b7aae6d76d2f2aef799beadca36950ab9b
035008a671fa2f5aa82f38fc99f3df0eb527857c3b7e42bf0d5f2addc7b9b9ae
04446668d7fef7a6143cbb65377fe12668569af7ef2eb5c73f2d790f5d68ac01
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
105de5812e37aa90fd719ea86e76a57357531b5f9502215d5817d6d3ada58f1e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12682d42b57186ced3c068710abf89b837fd6b193874374e6de11efe54ca5c0d
13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d
1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200
1a6c40cc0bad75e4e6d5e9332ea3bbb729c74d099686335c3123e3a3bc5c2cfe
1cccb0d1dcd9771eca809edf5b0257b49f51945e3ac30f51da37cfd9a8ef1796
1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b
1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a
1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173
21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53
226e1f6bd332b8724450b220d10f5d6888a2deb581f1cb1a3a35510fe73df188
233a904b439409d1fa1b8fd2ab1fdcec907c1aaf17e9e5ac101d45cdfe872ac3
26dd03f13f161b7d502fb705aa8b251e9ef2dcb21ba0c4d8e9045d8a144d4c74
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2d65381c26070d4eced639cf18ef831c98152f7134a2c58493076ae2ad8fed27
2e2b246103528db3179d2ed64a61718c8202e9afbd644accfb85302fc6f46385
2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2
2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6
2f7a650bd47fb51257a5212eb8911ccaab4b24885827b5bbcf0dcdf687c51964
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
396f10b8d929eff06781faab324c190674d3429317fd43b5dd2e85865f45e5cc
3b952500941a6e13a5d568af224c0a6f89dd38b51c9a4ee991e00284c8ad83bb
3e50327f98aa82193d5b6217e95ba526c07bbc81ff0dd50a650007cecd23f935
4048c579465fd44176bc73fa0c81f19bbf75eea4c0269bd772db81ca50a2895b
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2
434ab7929510cf842b41ca73cd3d3aa1386ece90ee900afcd58e824c2afe5cea
54d89ee98004331e32a57c863f687fd488d8afa6b3ea0b4b4d1bfb88b3d7cdc1
55dd134081762cd1177a66a82e74d7fccd238870f486f0a38ef7a4495166ace9
56a8d91fbcfe0f111577df46a645909d545a8d20e702e4f26d5f0a7a8b591cea
5a66a9eb842badbde03b4eea09c267bbacf465b5918ff890a3532a72a29cc41b
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
6d9acbd04979a544c89a678dc91203b4367e21393a0f7c0947c8e2ae34e2c573
6e745ee399c09f38870abb2535b63f337c2730334790b3f0cd71065de66098fb
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12
763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da
77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f
7857372d2cc409977aab9f98daba85e9f79a89813e94669e2fc0df89faaf8c27
78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86
7dfcaa0a93bf7be78f9d9adec993a0e2eb5eb914014b599abfb5ca9351ae16c1
7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834a44939ada96bbb541032ab6b59aff56d08842786a85c0426337c94e01bb08
87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458
8d79566ec34649aec4673d88d03a03528fa9b7378741b1be4ccbc89b7e90a54a
8ed130995eeb31a7d818aa6d143da8ea048b842d99de4c01141e0897ec75f221
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283
a6e0ab30fa0d04487e9957b63a1aac2ca220131df04e05a646d91ed6a41c7911
a8a7a887757fecf184c23287fee3b0812e4490bf7000359ac4c7ffcc9383564b
a8d61d17162d32a3f60801ee590653dcda65c14e719f203758b8dcd6ee47d958
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f
ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6
ae8d679563f9dda3e661b8548f5d79ef87157dfbeae8745e9b39dce177832708
af432c0e44760f0066d736ac479cf8c709f6b9cfae7edc955a14edddc3617ad1
b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201
b5108bfe33b404ff36897a407d9c0b68b3a9fdd78c66cfc942b720b9935b14ae
b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51
b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
c5c8456a99c9441d6ef615bd9f4bfff03723342de5ab65689b2fdccc0142bd3d
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74
cffdcd84f83d2e322a082e2ec4e2325548ec38aaead3e1acbdfe06dca5ef568e
d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a
d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2
daba16753648681e29c402e97f20613d21bf32b1e929967846f7855e70504f97
db83a8bdb2f19f3abdf194aa026edffd96dcf185bc5cedb958f341b206c8f1ce
dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc0e3bd0314aec716ad6f3b87c221329c2abb93257db23d0fe41c0b3b43f4f
e4f827e4cc6cb17fed503066b19e089e5507305d90d5b052a35c299372bf736e
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9
e893411e83c7c6f5e7cb56845949c8bfe1b735562c0e3b3ab966bff9178aa5b8
eac5845b74d8c26664e5d47faae073243a5d31196b87d0e0e9ea5130082afefe
ec009135b6b12ed545a33ec38adaee23de8b1eb42e00457fcafa709fb11116a8
ed8af83f56d8304478081a0340f2ec85db45c352aeab39c894270c2009b60a2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00c9596328ad3cf83c7da4bb46cd2d69098938eae4db128ea8066e1c585daca
f1944dfab895719c05bfa773ae9ffdfb3198a1294d3427b323f983dc14eb3a8e
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
f8cd6c4ea09e9d8839bd7caa16a1176bd5394f39edd7ecaaba2e4b64eeea8d62
f8ea34ebd789e00c1519bcb5ec4cfb074f7fbd9c0fa1f07bef1978e7788d4e45
fd7df62a132da5e5383148c765e1249afa304c9c5a66447cbc7fff9b02f24769

www.orlytaitzesq.com Open in urlscan Pro 67.20.113.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

73 %HTTPS

42 %IPv6

28 Domains

42 Subdomains

30 IPs

6 Countries

3713 kBTransfer

6625 kBSize

9 Cookies

52 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.orlytaitzesq.com Open in urlscan Pro
67.20.113.97 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

73 %
HTTPS

42 %
IPv6

28
Domains

42
Subdomains

30
IPs

6
Countries

3713 kB
Transfer

6625 kB
Size

9
Cookies

197 HTTP transactions
6 data transactions