asta.ee Open in urlscan Pro
188.92.161.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://asta.ee/
Effective URL:
http://asta.ee/s/
Submission: On March 11 via api (March 11th 2023, 12:08:03 am UTC) from US — Scanned from US

Summary HTTP 114 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 114 HTTP transactions. The main IP is 188.92.161.4, located in Estonia and belongs to COMPIC # uplinks, EE. The main domain is asta.ee.

This is the only time asta.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 22	188.92.161.4 188.92.161.4	39823 (COMPIC # ...) (COMPIC # uplinks)
18	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:e80:0:21... 2a02:e80:0:2102::2	39823 (COMPIC # ...) (COMPIC # uplinks)
9	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
6	23.195.100.26 23.195.100.26	16625 (AKAMAI-AS) (AKAMAI-AS)
14	23.52.163.93 23.52.163.93	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
2	104.117.182.27 104.117.182.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 6	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2 4	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
17	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
4	104.117.182.24 104.117.182.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
114	19

22 188.92.161.4 (Estonia) 2 redirects

ASN39823 (COMPIC # uplinks, EE)
PTR: asta.ee

asta.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e80:0:2102::2 (Estonia)

ASN39823 (COMPIC # uplinks, EE)

go.log.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.195.100.26 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.72.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80b::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.117.182.24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-24.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	314 KB
22	asta.ee 2 redirects asta.ee	239 KB
20	media.net contextual.media.net — Cisco Umbrella Rank: 591 warp.media.net — Cisco Umbrella Rank: 2266 hblg.media.net — Cisco Umbrella Rank: 1853 lg3.media.net — Cisco Umbrella Rank: 4966 cs.media.net — Cisco Umbrella Rank: 1370	290 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	116 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310	75 KB
6	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1866 res-a.akamaihd.net — Cisco Umbrella Rank: 7827	94 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	146 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	600 B
1	log.ee go.log.ee	707 B
114	12

	Domain	Requested by
22	asta.ee	2 redirects asta.ee
18	pagead2.googlesyndication.com	asta.ee pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	s0.2mdn.net	asta.ee s0.2mdn.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
5	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
5	hblg.media.net	googleads.g.doubleclick.net
4	res-a.akamaihd.net	contextual.media.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	asta.ee
2	cs.media.net	contextual.media.net
2	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
2	warp.media.net	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	go.log.ee	asta.ee
114	21

This site contains links to these domains. Also see Links.

Domain
rus.log.ee
go.log.ee

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://asta.ee/s/
Frame ID: B9B767EB15988C94B2CC1778A03EC2A4
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: 8D3232A90EBEC0E4FDEFC75C2EC87104
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&adk=1812271804&adf=3025194257&lmt=1678492148&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l&format=0x0&url=http%3A%2F%2Fasta.ee%2Fs%2F&ea=0&pra=5&wgl=1&dt=1678493276236&bpp=5&bdt=889&idt=314&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8614673388004&frm=20&pv=2&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 0A47B5B40AEF8A900023A75878584D70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=9892722660&adk=991847123&adf=1958525746&pi=t.ma~as.9892722660&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276241&bpp=2&bdt=895&idt=343&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=258&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XA33ZG9RzY&p=http%3A//asta.ee&dtd=349
Frame ID: 0B9BE1802EAC121AF1339D665E47B4A4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=600&slotname=0292416714&adk=1849145940&adf=4190953183&pi=t.ma~as.0292416714&w=160&lmt=1678492148&format=160x600&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276243&bpp=1&bdt=897&idt=353&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1257&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=ELNS11xaVM&p=http%3A//asta.ee&dtd=358
Frame ID: EB2F83B4FFE8A81D1143211ACEADF906
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=6956419866&adk=801737595&adf=3476139620&pi=t.ma~as.6956419866&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276244&bpp=1&bdt=898&idt=361&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=437&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=MCVknW0Z6P&p=http%3A//asta.ee&dtd=365
Frame ID: 5ACF383C4BFA931B37CFE566C6428601
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhjP8PXiATAB&v=APEucNWF2H0faFt5wNuj-dGmHS2eXGLb6kcwlOo7L5q3tXddLPwO8dwzKH1is7XOp6f4L1VC6vzmXZH5p4ECpdZPOrIJ32h5Wg
Frame ID: B41FB95A7FADA3357E875AED92396652
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277339808009&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=B4xqNa8fOnRrolnfOur8%2Fqx4&bdrId=294&bid=337997&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~_t~Q71kkmLO&htmlsrc=1&isid=294&allsc=IL
Frame ID: 37559C396F343E0E5A19053F2039F340
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277350353905&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=8fOnRrolnfOur8B4xqNa%2Fqx4&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~VT~pJQ7n%3Dw8N1ym&htmlsrc=1&isid=294&allsc=IL
Frame ID: EF258331AFACDC745DA93E26D400FE9B
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: FD4D95709D0D124BD58ADED3FFE81BC1
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 35D87C0CCD417A812392828793F1CE76
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9CE0B2C7A5B38BEE1AB7EF29B1191C36
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
Frame ID: 5F82D889388C9E10134B2F271945C5BC
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4838DC27139ED7BC68A5DAB66D22C6B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC523CBE1C26E26851DB08A4322F3464
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Объявления Эстонии

Page URL History Show full URLs

http://asta.ee/ HTTP 302
http://asta.ee/s HTTP 301
http://asta.ee/s/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

114
Requests

75 %
HTTPS

50 %
IPv6

12
Domains

21
Subdomains

19
IPs

3
Countries

1279 kB
Transfer

3321 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://rus.log.ee/
Title: Каталог сайтов

Search URL Search Domain Scan URL

URL: http://rus.log.ee/news/
Title: Новости Эстонии

Search URL Search Domain Scan URL

URL: http://go.log.ee/?fromsite=3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://asta.ee/ HTTP 302
http://asta.ee/s HTTP 301
http://asta.ee/s/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1

Request Chain 53

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAvGXcRuLx6YdHAzG28s-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-xV4-HWpEOp21GoIGP-uE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-xV4-HWpEOp21GoIGP-uE%26google_cver%3D1

Request Chain 55

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU2OTQ0MDI3NzY3Mzc4NQ%3D%3D

Request Chain 74

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDk0ODc3NjQxOTU4MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDk0ODc3NjQxOTUwMjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1

114 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
asta.ee/s/
Redirect Chain

http://asta.ee/
http://asta.ee/s
http://asta.ee/s/

23 KB
7 KB

1356ms
1355ms

Document
text/html

188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u14
Resource Hash: e1e961c5757f366976e53c9ef0e05cea36620b33b02ba5acc3afab7c588b2f3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6414
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Mar 2023 23:49:07 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Keep-Alive: timeout=15, max=98
Last-Modified: Fri, 10 Mar 2023 23:49:08 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.45-0+deb7u14

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 10 Mar 2023 23:49:06 GMT
Keep-Alive: timeout=15, max=99
Location: http://asta.ee/s/
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding

GET
H/1.1 200
OK acss.css
asta.ee/s/ 11 KB
3 KB 158ms
156ms Stylesheet
text/css 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/acss.css
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 496a765cec43d0e8abf585c4059324004e992aa8d9ff67ccbe43590c685ba63d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2023 19:29:58 GMT
Server: Apache/2.2.22 (Debian)
ETag: "19c004-2cb6-5f56309c49980"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 2557

GET
H/1.1 200
OK template.css
asta.ee/s/templates/ee/css/ 157 KB
25 KB 167ms
163ms Stylesheet
text/css 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/templates/ee/css/template.css?395d4edd093776fbf35f3bceb112c252
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: fda5fd4eb688a7b39a017ae9d4c595ba1a61097e6be8bcc693a4e709cdd04018

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2023 20:17:58 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1aa2d8-2733c-5f563b56de980"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 24916

GET
H/1.1 200
OK jquery.min.js Show response
asta.ee/s/media/jui/js/ 95 KB
33 KB 326ms
168ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/jui/js/jquery.min.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:53 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a82a2-17b8b-56a1bb1311b40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 33760

GET
H/1.1 200
OK jquery-noconflict.js Show response
asta.ee/s/media/jui/js/ 21 B
391 B 486ms
158ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/jui/js/jquery-noconflict.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:53 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a829e-15-56a1bb1311b40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 41

GET
H/1.1 200
OK jquery-migrate.min.js Show response
asta.ee/s/media/jui/js/ 10 KB
4 KB 611ms
153ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/jui/js/jquery-migrate.min.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:53 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a829d-26e7-56a1bb1311b40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 3957

GET
H/1.1 200
OK jquery.min.js Show response
asta.ee/s/media/juloalib/js/ 94 KB
33 KB 617ms
159ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/juloalib/js/jquery.min.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:54 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a82f1-176bb-56a1bb1405d80"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 33282

GET
H/1.1 200
OK fullnoconflict.js Show response
asta.ee/s/media/juloalib/js/ 29 B
400 B 612ms
154ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/juloalib/js/fullnoconflict.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 29277744a42bd113d98fe7727596bfee6aa2832362c042ef120483f921f31f07

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:54 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a82ef-1d-56a1bb1405d80"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 49

GET
H/1.1 200
OK bootstrap.min.js Show response
asta.ee/s/media/jui/js/ 28 KB
8 KB 618ms
159ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/media/jui/js/bootstrap.min.js
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 4f2fbb4d5bf77845cd4ac6e5864594d60e215aa9442c5f4f30fb52bf2981574f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:00:53 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a8292-714a-56a1bb1311b40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7578

GET
H/1.1 200
OK template.js Show response
asta.ee/s/templates/ee/js/ 1 KB
897 B 643ms
157ms Script
application/javascript 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to

Full URL: http://asta.ee/s/templates/ee/js/template.js?395d4edd093776fbf35f3bceb112c252
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: b95e71c3c698f7df2f2a46176ff66267908b949184453babf44a2c05cd281776

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Apr 2018 09:01:41 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1aa2e6-575-56a1bb40d8740"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 545

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 119ms
73ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: asta.ee
URL: http://asta.ee/s/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4646510ce4f9d852513b50bf48742dcee2049d22a207fc10c493a8a2d2881f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 00:07:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51443
X-XSS-Protection: 0
Server: cafe
ETag: 5028724519254529303
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sat, 11 Mar 2023 00:07:56 GMT

GET
H/1.1 200
OK asta.gif
asta.ee/s/img/ 2 KB
2 KB 146ms
146ms Image
image/gif 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/img/asta.gif
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 82789661281f0ac7e9b88a5b73c0ccdf7b028ba8f21f9c5d8c38794f0ab34bae

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 18 Apr 2018 09:00:01 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a62ad-792-56a1bae17a640"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1938

GET
H/1.1 200
OK ee.gif
asta.ee/s/img/ 71 B
361 B 154ms
153ms Image
image/gif 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/img/ee.gif
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: f26102462c7175b14831e9a7220dd134a2da5a594d567db2b9da943054aae939

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 18 Apr 2018 09:00:01 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a62af-47-56a1bae17a640"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 71

GET
H/1.1 200
OK nopic.gif
asta.ee/s/img/ 1 KB
1 KB 154ms
153ms Image
image/gif 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/img/nopic.gif
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 31e85bf1c658620a43d42c00f5a1e5ba222da3237bda05efb6ecf12555ac032e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 20 Feb 2019 16:42:05 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a6c44-42f-5825609b1d140"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 1071

GET
H/1.1 200
OK f-sioterapeut-tartu-fizioterapevt-v-tartu_12923_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 11 KB
11 KB 155ms
153ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/f-sioterapeut-tartu-fizioterapevt-v-tartu_12923_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8cc24c39a93a0f986596a0be4c2445ded12575831c1d373cf5aedcb11c5778d5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Fri, 10 Mar 2023 09:54:58 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7632-2cd1-5f688c1070080"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 11473

GET
H/1.1 200
OK izgotovlenie-i-montazh-metallokonstruktsij-svarochnye-raboty_12915_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 13 KB
13 KB 149ms
148ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/izgotovlenie-i-montazh-metallokonstruktsij-svarochnye-raboty_12915_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: c2db4cfc1567910a66d4ca3d80eba5e622f7d77b0bdb1fffbf255e125678e3dd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 08 Mar 2023 20:31:39 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7aab-3305-5f6696a4d40c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 13061

GET
H/1.1 200
OK otdam-v-khoroshie-ruki-sobaku-griffona-garri_12914_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 10 KB
10 KB 148ms
147ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/otdam-v-khoroshie-ruki-sobaku-griffona-garri_12914_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 9ef48f21b13ebd271411b6138a700389582e9b3a61343e69ddd18389ec971d95

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 08 Mar 2023 11:02:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7aa1-286b-5f66175131a00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 10347

GET
H/1.1 200
OK poznakomlyus_12911_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 39 KB
39 KB 267ms
151ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/poznakomlyus_12911_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 848904993af1ef529cb842da3ca585d4bdd6c36ac07cbb7b66295712a5133eb2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Wed, 08 Mar 2023 06:11:52 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7a9a-9cb9-5f65d677a1a00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 40121

GET
H/1.1 200
OK demontazhnye-raboty_12909_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 20 KB
20 KB 283ms
152ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/demontazhnye-raboty_12909_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: 17d7f1795a57884d333ae95c1be3da6f0b1a509f919433c5bcb09b3cbdacc3e2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Tue, 07 Mar 2023 11:06:11 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7a93-4f09-5f64d6631aec0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 20233

GET
H/1.1 200
OK prodaetsya-1-komnatnaya-kvartira-v-kokhtla-yarve_12906_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 12 KB
13 KB 295ms
158ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/prodaetsya-1-komnatnaya-kvartira-v-kokhtla-yarve_12906_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: dab2dd333c0796d438eb9a3c463ad168e8510d001c2a0c72d0f70731baf8cada

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Tue, 07 Mar 2023 13:44:12 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7a96-3167-5f64f9b4e4300"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 12647

GET
H/1.1 200
OK scm-formatno-raskroechnyj-stanok-b-u_12905_1_t.jpg
asta.ee/s/images/com_adsmanager/contents/ 13 KB
14 KB 296ms
160ms Image
image/jpeg 188.92.161.4
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asta.ee/s/images/com_adsmanager/contents/scm-formatno-raskroechnyj-stanok-b-u_12905_1_t.jpg
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 188.92.161.4 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS: asta.ee
Software: Apache/2.2.22 (Debian) /
Resource Hash: a8769406df5cc5a03420f3193d6a31cf5cb465062a91b09ee851b3700c80209b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Last-Modified: Tue, 07 Mar 2023 09:05:35 GMT
Server: Apache/2.2.22 (Debian)
ETag: "1a7a8a-35f5-5f64bb6e515c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 13813

GET
H/1.1 200
OK img.php
go.log.ee/ 480 B
707 B 596ms
179ms Image
image/png 2a02:e80:0:2102::2
COMPIC # uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://go.log.ee/img.php?id=3&refer=&page=http%3A//asta.ee/s/&c=yes&java=now&razresh=1600x1200&cvet=24&jscript=1.3&rand=0.15820466980788628&
Requested by: Host: asta.ee
URL: http://asta.ee/s/
Protocol: HTTP/1.1
Server: 2a02:e80:0:2102::2 , Estonia, ASN39823 (COMPIC # uplinks, EE),
Reverse DNS
Software: Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u14
Resource Hash: 1ec164e9a4b440ad1e54a882d708a1dde0bad1f55d234bfe44731f33321d8234

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 23:49:09 GMT
Server: Apache/2.2.22 (Debian)
Connection: Keep-Alive
X-Powered-By: PHP/5.4.45-0+deb7u14
Content-Length: 480
Keep-Alive: timeout=15, max=100
Content-Type: image/png

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 362 KB
120 KB 183ms
86ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e2a81185ae29f68ef084db1fef5e4c38d2098ab100f06c03d83f089324accbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121989
x-xss-protection: 0
server: cafe
etag: 16208299682897356309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:07:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame 8D32 10 KB
5 KB 174ms
47ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 14154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 20:12:02 GMT
etag: 2378337311435320485
expires: Fri, 24 Mar 2023 20:12:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
600 B 163ms
60ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=asta.ee&callback=_gfp_s_&client=ca-pub-6158005011030073

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3910e12a4178a3a926752e3b7a9083bbe87d8ba2de2897e355b790d22f2c208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 165ms
65ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=asta.ee

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A47 4 KB
791 B 218ms
217ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&adk=1812271804&adf=3025194257&lmt=1678492148&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l&format=0x0&url=http%3A%2F%2Fasta.ee%2Fs%2F&ea=0&pra=5&wgl=1&dt=1678493276236&bpp=5&bdt=889&idt=314&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8614673388004&frm=20&pv=2&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7d7d245d69bce2978dc3429d91a452136f85bec04fb5f645aa5c08168d77d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 591
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:56 GMT
expires: Sat, 11 Mar 2023 00:07:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B9B 31 KB
14 KB 515ms
515ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=9892722660&adk=991847123&adf=1958525746&pi=t.ma~as.9892722660&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276241&bpp=2&bdt=895&idt=343&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=258&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XA33ZG9RzY&p=http%3A//asta.ee&dtd=349

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d336ad93b1479b85d6613b0ece6a0af749c40d4622250ea33717b88b41c43336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13731
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB2F 14 KB
6 KB 679ms
678ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=600&slotname=0292416714&adk=1849145940&adf=4190953183&pi=t.ma~as.0292416714&w=160&lmt=1678492148&format=160x600&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276243&bpp=1&bdt=897&idt=353&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1257&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=ELNS11xaVM&p=http%3A//asta.ee&dtd=358

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e293e3f90b8c46528d8a2462a9547b02b87802c6bdc46fd6b51abe2793974c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5ACF 31 KB
14 KB 486ms
485ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=6956419866&adk=801737595&adf=3476139620&pi=t.ma~as.6956419866&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276244&bpp=1&bdt=898&idt=361&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=437&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=MCVknW0Z6P&p=http%3A//asta.ee&dtd=365

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d568c3031c070a98e51eb1221cafe6bae9205056e593101afb4c8e2cab5eab75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 5ACF 244 KB
82 KB 200ms
84ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=6956419866&adk=801737595&adf=3476139620&pi=t.ma~as.6956419866&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276244&bpp=1&bdt=898&idt=361&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=437&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=MCVknW0Z6P&p=http%3A//asta.ee&dtd=365

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1ac2ccb9d3e2cdc5c2603ce859e1bb643625c2645aed0f68e39d800733fa7476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-mnt-h: 21-m355
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 11 Mar 2023 00:07:57 GMT
server: Apache
etag: "018ab4376f673296332fee327e8f41d9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-1qcd
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:12:57 GMT

GET
H2 200 release-20230309-85-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 5ACF 71 KB
25 KB 192ms
60ms Script
application/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sat, 11 Mar 2023 00:07:57 GMT
x-guploader-uploadid: ADPycdsvjV2rUx2Ep24B6MrVqhcyQBJnfRtxSHDKuAyiY6bBv4hDrbrGR9w-ktfB__HLOJ8wjMTrgHDk7_NGxjFWMgtJZw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25043
server: UploadServer
etag: "8b46dc3324670db478550a2f61df9038"
vary: Accept-Encoding
x-goog-hash: md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type: application/javascript
x-goog-generation: 1678368838889315
cache-control: max-age=3600
x-goog-stored-content-length: 73000
expires: Sat, 11 Mar 2023 01:07:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5ACF 3 KB
1 KB 156ms
60ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 5ACF 20 KB
9 KB 142ms
45ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5ACF 158 KB
49 KB 481ms
384ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5ACF 0
0 77ms
77ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRQHGXMYLZJz5KoOEwuIP--yFkA6-laSvbPfa0tOsDMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTYxNTgwMDUwMTEwMzAwNzPIAQmoAwGqBKkBT9D8qMlXi1-5-lp0UHMH_VSxJqlswV0zPQrIE_HVfzGRSPX8lL8dsQYfu37wQw9xr5dxDnbN2oRRKFDxrpYk8ZeZ3m7oZad1T6pzu8R5NaMBJhVc794rCTmHT8EPsCRlFRQCU28MumTRNKeF--Gq4J86iUsFT59tb-KzsC7ZJTQyiqDLUSnXXJQcfBfSd6CPkL-RNCPpVoeSn43gyEbLkr8dN1NNwL-ploAGup_lzJD1zdg2oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjE1ODAwNTAxMTAzMDA3MxgA&sigh=xGQPIyLrwfw&uach_m=[UACH]&cid=CAQSGwDUE5ymksBH7UUjHpwx1uDJslk0ZyuzoGr_PxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=6956419866&adk=801737595&adf=3476139620&pi=t.ma~as.6956419866&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276244&bpp=1&bdt=898&idt=361&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=437&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=MCVknW0Z6P&p=http%3A//asta.ee&dtd=365
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 log
hblg.media.net/ Frame 5ACF 35 B
0 165ms
54ms Fetch
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=c60abdf9776e4aceb675092d29c4b448&bidrestime=1678493276924&cbdp=0.354&ogbdp=0.68&prvReqId=49149579605061_1336732352_11621109112941&pvid=294&scrid=8032948058501&size=728x90&slotVisibility=2&viewability=53&app=0&cc=US&cid=8CUU9JF8H&csip=rtb-appnexus-6f84788487-bqtwj.SC&device_id=4&dn=asta.ee&itype=ADX&mang=1&requrl=http%3A%2F%2Fasta.ee%2Fs&dtc=east_sc&zone=d&commit_id=bd539c93&ugd=4&sc_pvid=313&ctr=-1.0&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 5ACF 35 B
0 150ms
48ms Fetch
image/gif 104.117.182.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.6800&ss_d2=0&stid=&other_prv=313%7C294&jar_err=raven_schema&current_day=6.0&adtyp=0&ecp_status=Success&req_id=62sHQ1LElUbLX4vpix94tg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=64.7243&exp=&deal_id=&fdbk_id=&second_bidder=313&search_res=48&floor_bucket=0.00&gpid_format=&seat=BID_API&rc=-1&size=728x90&url_l1=s&ecp_rtime=2634&f_seg=&prdp=0.3536&ecp_used=q50&ecp_p75=1.07253&ogcbdp=0.6800&dfpbd=0.3536&server=1&ogerpm_wd_bkt=0-1&model_version=202303101233_generic_adx_1-cid_0&viewability=0.5300&dmm_r=0.0000&cut=48&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=TX&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.60&ugd_ver=&requrl=asta.ee%2Fs%2F&bidrestime=1678493276924&cc=US&strg=harmony&ss=&current_hour=0&time_stamp=2023-03-11+00%3A07%3A56&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.6800&ct=stafford&akey=&mnckfl=0&asn=713&bdp_bucket=0.60&algo=&dc=east_sc&splid=&erpm_mult=1.000000&dn=asta.ee&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=c60abdf9776e4aceb675092d29c4b448&zone=d&infl=&o_ver=NT+10.0&br_ver=111.0.5563.64&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.2.4&totalTimeBucket=6&visibility=2&totalTime=6893670&dmm_m1=2023-03-11+00%3A07%3A56.927602522&e_rpm=0.0000&dmm_m22=0.6800&gdpr=&vsid=&log_less=false&ecp_avg=1.64489&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=8032948058501&ecp_p50=0.25795&rawbid=0.6800&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-appnexus-6f84788487-bqtwj.SC&dfp_bucket=0.3&adblk=801737595&itype=adx&pvid_seat=294_BID_API&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=116211091&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&second_bid=0.210000&sc_pvid=294&capd=0&other_bids=0.21%7C0.68
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=6956419866&adk=801737595&adf=3476139620&pi=t.ma~as.6956419866&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276244&bpp=1&bdt=898&idt=361&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=437&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=MCVknW0Z6P&p=http%3A//asta.ee&dtd=365
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 0B9B 244 KB
82 KB 250ms
146ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=9892722660&adk=991847123&adf=1958525746&pi=t.ma~as.9892722660&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276241&bpp=2&bdt=895&idt=343&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=258&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XA33ZG9RzY&p=http%3A//asta.ee&dtd=349

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a38ac0b9fd0550032cb1f53c26c67de49f256fa484ee57879e5f28a85561fd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-mnt-h: 21-m355
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 11 Mar 2023 00:07:57 GMT
server: Apache
etag: "018ab4376f673296332fee327e8f41d9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-1qcd
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:12:57 GMT

GET
H2 200 release-20230309-85-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 0B9B 71 KB
25 KB 226ms
106ms Script
application/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sat, 11 Mar 2023 00:07:57 GMT
x-guploader-uploadid: ADPycdsvjV2rUx2Ep24B6MrVqhcyQBJnfRtxSHDKuAyiY6bBv4hDrbrGR9w-ktfB__HLOJ8wjMTrgHDk7_NGxjFWMgtJZw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25043
server: UploadServer
etag: "8b46dc3324670db478550a2f61df9038"
vary: Accept-Encoding
x-goog-hash: md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type: application/javascript
x-goog-generation: 1678368838889315
cache-control: max-age=3600
x-goog-stored-content-length: 73000
expires: Sat, 11 Mar 2023 01:07:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 0B9B 3 KB
1 KB 145ms
62ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 0B9B 20 KB
8 KB 136ms
51ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B9B 158 KB
49 KB 408ms
324ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B9B 0
0 76ms
75ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C70tyXMYLZO_tKbCFwuIPhvC_2Am-laSvbPfa0tOsDMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTYxNTgwMDUwMTEwMzAwNzPIAQmoAwGqBKMBT9B6isUUxGzE2KY8bMrF-EzvuRDSRRS00fMdLfw5YslyPJSfkuZuQZagvxSoxETui7L8b6i5_eHQxK3kFaYMOfV9s2xlHDiDpmaKuXAFuRaV7m6wwb1Ke1SnLGUHk7wRXjzKjfeD2uQJ9RI9ZCCXyAd3Wt_8LGQxk49s3C_G3K-ylAJegfg9_uz1QmE6NXSPntINlTxL--UXReBYbyI-sUxyOoAGup_lzJD1zdg2oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjE1ODAwNTAxMTAzMDA3MxgA&sigh=EQudqJA4yGI&uach_m=[UACH]&cid=CAQSGwDUE5ymghNYzbjorwa2bmGUDnPZwWgYdT4QORgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=9892722660&adk=991847123&adf=1958525746&pi=t.ma~as.9892722660&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276241&bpp=2&bdt=895&idt=343&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=258&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XA33ZG9RzY&p=http%3A//asta.ee&dtd=349
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 log
hblg.media.net/ Frame 0B9B 35 B
0 155ms
55ms Fetch
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=8f76c5cfbb334ac4ae39617e0823a48d&bidrestime=1678493276930&cbdp=0.213&ogbdp=0.41&prvReqId=117847720092318_25075585_11621109112941&pvid=294&scrid=8032948058501&size=728x90&slotVisibility=1&viewability=82&app=0&cc=US&cid=8CUU9JF8H&csip=rtb-appnexus-6f84788487-wc4rx.SC&device_id=4&dn=asta.ee&itype=ADX&mang=1&requrl=http%3A%2F%2Fasta.ee%2Fs&dtc=east_sc&zone=d&commit_id=bd539c93&ugd=4&sc_pvid=319&ctr=-1.0&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 0B9B 35 B
0 140ms
49ms Fetch
image/gif 104.117.182.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.4100&ss_d2=0&stid=&other_prv=319%7C294&jar_err=raven_schema&current_day=5.0&adtyp=0&ecp_status=Success&req_id=CLZDRXi7dUAN4pZfyBpNeA&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=65.6997&exp=&deal_id=&fdbk_id=&second_bidder=319&search_res=48&floor_bucket=0.00&gpid_format=&seat=BID_API&rc=-1&size=728x90&url_l1=s&ecp_rtime=1896&f_seg=&prdp=0.2132&ecp_p75=2.62247&ogcbdp=0.4100&dfpbd=0.2132&server=1&ogerpm_wd_bkt=0-1&model_version=202303101233_generic_adx_1-cid_0&viewability=0.8200&dmm_r=0.0000&cut=48&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=IL&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.40&ugd_ver=&requrl=asta.ee%2Fs%2F&bidrestime=1678493276930&cc=US&strg=harmony&ss=&current_hour=23&time_stamp=2023-03-11+00%3A07%3A56&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.4100&ct=West+Chicago&akey=&mnckfl=0&asn=713&bdp_bucket=0.40&algo=&dc=east_sc&splid=&erpm_mult=1.000000&dn=asta.ee&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=8f76c5cfbb334ac4ae39617e0823a48d&zone=d&infl=&o_ver=NT+10.0&br_ver=111.0.5563.64&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.2.4&totalTimeBucket=4&visibility=1&totalTime=4632822&dmm_m1=2023-03-11+00%3A07%3A56.932183193&e_rpm=0.0000&dmm_m22=0.4100&gdpr=&vsid=&log_less=false&ecp_avg=7.56933&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=8032948058501&ecp_p50=0.50145&rawbid=0.4100&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-appnexus-6f84788487-wc4rx.SC&dfp_bucket=0.2&adblk=991847123&itype=adx&pvid_seat=294_BID_API&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=116211091&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&second_bid=0.210000&sc_pvid=294&capd=0&other_bids=0.21%7C0.41
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=90&slotname=9892722660&adk=991847123&adf=1958525746&pi=t.ma~as.9892722660&w=728&lmt=1678492148&format=728x90&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276241&bpp=2&bdt=895&idt=343&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=258&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XA33ZG9RzY&p=http%3A//asta.ee&dtd=349
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2F 42 B
173 B 66ms
64ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cm6MGYtxmwr6JIHWqe6q7khGBRqzoHKD7HfLfLyfRPj9JrRDYdwh7RmfDHTMNXjyqOt80h3lISPokJTPOoj-H0K48-aWPyvGWGm13kZsS1dTDFiOs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=600&slotname=0292416714&adk=1849145940&adf=4190953183&pi=t.ma~as.0292416714&w=160&lmt=1678492148&format=160x600&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276243&bpp=1&bdt=897&idt=353&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1257&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=ELNS11xaVM&p=http%3A//asta.ee&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2F 0
58 B 66ms
65ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18440867543141276148&x=1&ct=76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EB2F 78 KB
27 KB 85ms
82ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame EB2F 3 KB
1 KB 53ms
50ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame EB2F 20 KB
8 KB 48ms
45ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 18:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:11:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB2F 158 KB
49 KB 330ms
326ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B41F 624 B
245 B 62ms
60ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhjP8PXiATAB&v=APEucNWF2H0faFt5wNuj-dGmHS2eXGLb6kcwlOo7L5q3tXddLPwO8dwzKH1is7XOp6f4L1VC6vzmXZH5p4ECpdZPOrIJ32h5Wg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=600&slotname=0292416714&adk=1849145940&adf=4190953183&pi=t.ma~as.0292416714&w=160&lmt=1678492148&format=160x600&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276243&bpp=1&bdt=897&idt=353&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1257&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=ELNS11xaVM&p=http%3A//asta.ee&dtd=358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B41F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1

43 B
766 B

67ms
46ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhjP8PXiATAB&v=APEucNWF2H0faFt5wNuj-dGmHS2eXGLb6kcwlOo7L5q3tXddLPwO8dwzKH1is7XOp6f4L1VC6vzmXZH5p4ECpdZPOrIJ32h5Wg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B41F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAvGXcRuLx6YdHAzG28s-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1

43 B
766 B

46ms
46ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhjP8PXiATAB&v=APEucNWF2H0faFt5wNuj-dGmHS2eXGLb6kcwlOo7L5q3tXddLPwO8dwzKH1is7XOp6f4L1VC6vzmXZH5p4ECpdZPOrIJ32h5Wg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFia6wgqQg6Z8ImK0El3rzs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame B41F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-xV4-HWpEOp21GoIGP-uE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-xV4-HWpEOp21GoIGP-uE%26google_cver%3D1

43 B
1 KB

46ms
46ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-xV4-HWpEOp21GoIGP-uE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhjP8PXiATAB&v=APEucNWF2H0faFt5wNuj-dGmHS2eXGLb6kcwlOo7L5q3tXddLPwO8dwzKH1is7XOp6f4L1VC6vzmXZH5p4ECpdZPOrIJ32h5Wg

Protocol

HTTP/1.1

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
AN-X-Request-Uuid: 84641ece-980d-4720-b859-91aa6d4aaa58
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 167.88.7.163; 167.88.7.163; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Mar 2023 00:07:57 GMT
AN-X-Request-Uuid: f620f14a-785a-4f0e-914c-8174b090c479
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE-xV4-HWpEOp21GoIGP-uE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 167.88.7.163; 167.88.7.163; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B41F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU2OTQ0MDI3NzY3Mzc4NQ%3D%3D

170 B
188 B

58ms
57ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU2OTQ0MDI3NzY3Mzc4NQ%3D%3D

Requested by

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 11 Mar 2023 00:07:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 167.88.7.163; 167.88.7.163; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2eb693dd-0c45-4d6a-8652-77a76fd889c9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyODU2OTQ0MDI3NzY3Mzc4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2F 0
20 B 63ms
63ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2860193738506&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2F 0
20 B 61ms
61ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2860193738506&version=m202301230201&ct=76&x=1&cor=18440867543141276000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EB2F 84 KB
35 KB 85ms
84ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtpfbroFNvryG880KwWVkN2FmUdUx0Khaq8bYt0liKoo8uUfMs3bXTKcr5ZloUDXoTw45ev4cOUj69gO6_3CXbzFlqjw&cry=1&dbm_d=AKAmf-CB4UHoXE9kH8BT1dAIwNoljqQhrDS863QxNJD3oame9C0fP88aZYQ67D-BJvK_TZTWM5wSp9rHfbstZuVB04gtos8IiMEUW3KKVbuolgp4OGcFzNLEVQoqTLL8GlO1ElnFqcBS8MbArlVnmSUWdd5kfqLEMij-YYdlPRKwB2IEBR2nC7IA5wlkCQJwF9Fu0ySo9y1NN1NicmhWcqKFt_jQJRGZjqtbzy4y_GC8kUpTnUp_AdPpYZzj6om6iGbOrqNFRNRQMN5NhT47-BqcCykVFsMUc8ndlk3bBGJms0cBgPcCUd5pJ_VuECwi7MWX4zVazQ6-xYyE332fR6E_8iFiqsNnQNxsK-aPXdKijxaSElDamuumvo2bK00mMzb4gSUkpTVDMWpnaqjihsgccgLLEPuZ_IzGaEPq9zMhpET11OtO9cADLGpYhnG8nCYzboFyVatEBkStQm8vZF_T8yUgChGWFYV3JZVXc3T_N5QZk7otQpi2ALwo6d4c-kG10gQdEVtyXSM3jJpK_z8tm7G8cahg9YwNpmUnSucncLZRLzNOKFhT9mzTsL2lW17o2BPamPUO3G1Z-ixwLlEvCmy1r_IAtoEQPMhVNEd4kbl7NF7Hk-VZo4EqZ91SsNNP0BzAmA0YkGI3_YfJXLY7Y6NwOsAOYi_xd8xvEy9LTvYIFYPm4rmSmznw_pvEParsoySbFj2XrqmGDbpokUdpcB-SBznX3l3sQG00dKjVegCJC_4vuy9Q96BOIKxyQzWao9tx2Dsw7SftQB-Mh_fazPvOMnd3H6i9BPUxy31yywExD-noj09Zoubeakfrc8m3JaAFQ3-7TOdXI0BAIIrKNuXFNlWvYRmQViW-zngUFjUP7RvicvFDNjLkdZwR-7Cpt2ozLjD21_LC8I53pIh054i52NzdDzvu3pJWuBm7u-O9ULsW4pxTb4VzzLgvsdzXja9HLOVYnLsVEv-qGjTpOoB7MuVsM_sXaN06DlOVgz152bI_3gdYDPVmCY-zQ_Cq4pcVyTEOec5_0Yc9BspZ08dvgkoYWNAeb-qh1N7MKQhDwPkv8eWwzdqS6lUCkNeoQNsR97-W3f6RW-I6oF259FxdxGQGU_l3SnunJYDvwWWAi29xo1X923UHosGDHyGy9iHy4_O21hmuixLF1NgmTgGd78Nbj4MN9rEgcHRWjbRMTBujImCHvB--zZ6lNOWiNRztv0a86_OA42VCz4Rdq27lDfSGSmN_AAeNRscuE3Y73-i4rXI8fho4KAmgXt8KQr3VDSOx-ilYuhNng4XujKlOw4yQhHXuD6Ly_GHVva_-tEi75uVjQq_jhHZIN0tQGBF2vBwVDK1Phsu9vYbdMMunmt8KVSXht03Yf3k0rCtVkU8LgObVnWqktbaUopPMzGiEHdHABO6xxuSxN6qhYb_drkMfpzxnfSIGQ_tJBfc2F8G5k6gbXt-owDG2_V2JnMzWLIrxSfh9ir-tv0mhLUQ1xrPL-kLgymAdiaEwz6udVEYMnW4KP-08k4IoPUXGn_9jjAwEgmVCyQFHv-Ys-CGvj8n1IOAbiR5hPMYQdWZH_pucr684usvIUAVDKdtk2FIeUrmStplBHUAj2Hpzi_NB6Tq98rmPiPlsFk7JhauDQU31i8oimOVVB47iFTZDObJ6zDvxWi5uNXFsrayKx0DGG0IILfLpzrmubRfoJMV3S_OD2z8zOYI3RLrxBGKp9VxTQ322tL4ST7zXdW84dDSfrUNjLG96CLg-yVv1uC8kTt4YUYKCiYPyoypmKaIv1AmI_gjzNMgCJvVvxHORKCVhZtYCBxsl7m5XSzWPju_5LdDdCANEDFeURjvliYZOW_mr6Rsaf9eVYC9Gu_QhZ-xYARRS8TRvTkzb_Cd3543FrG2uV6B7WC0Hv3GrKpz0w_qV0diUeZLOR26sJm7HBX3BkCoGXqYFID6gC2bAxdjU0VDoAMoQkTZygXyZj0PynMJVLSy_1QzyiGLCymp_TZeZUPhXGurSdELki2ARNJ_C6C-jUiX-NDOkIEcKAnh_z-x7Vl9PMIOy-qnemX-q_m4w2r6UzUnkfob5-5FtbvQueEft4mIvs2B8lEIDhhxpYBFuA3_wqtZqytlWMyVYghmr3KnkVo4283e8m8Nb2HVoED7fMUiXpw5-jsJ1kze78BPr3DzBwuQc-lTpyodI5Ps48Y1u2JLGFxpwrzbSsGL9br-0rgVgz3kRuMtvWAnbDTHY-pCWfQtIVsLC4Z7KQjMIJY9kiT2Qs3KCswV3XxIQnbKez_vzuCl1e1_VdKfAqCSXHjJ1O_QxYtSvSIZRKyroBuOrGiiot5Dqcb2LnO16IeJdZsoPFommRdeMovY75BApTLoksjYtqN9c4xUOAvksVvHfBEUX5wLtVTAJhKvwzXdE3BJvGfUjpW9f-TdybhAOfv6uiDfTt7GF66TUy88KNxfzdb7VGvMQB0g6joOXlen50diLxi_niQXvOTuN3Sou3XIQHH5BXU9RvPCtLtZPCsHymQ_soeZhLzZVa-nT7oMWsJVSZeIx5s_8yi1ceDQMV9MmKMvsd92xVoyyZEwXLk92z5SUsSDRfCQw-XRRWATNwx7gsQkCOawHGqEF0fepVTqreYD31XrE6XYUnEgOIfoWP8J_yqEPSfqd4dCt_7SklHJ_nyV75BQA2LP2xAvL2lHmJqrD8knLoaD8SdHMmkm9gS0Powl2sbPPlAOZCR6gYO-C9fJq3Tt26Z09z6i0WrEIV4zYo7UwVi-9c0M-TGKK2xGXfMo3DpwTj6pDoAkrJbxk2LFJOxsF5vBnoW15g0WH5nsq0BKIsUpspcH7EyaCNxZy6H3UbZqK2sCArM8Nblc4SMSES54cXMBFQxj9lKwI_WdZSo-NDgXGGQl7dM1n65TiEM9vOKfyhvsuwDpkmiv_LY_wvvGJQ6hWXShmxv22ynPaeejgA1bOQGIXgeanWFXlLArfh9Ztr9gnqXhizCbjcbkGaC27F1by_biljs_VAghDrUY6lZ4m42APjn2hsIn5jRTTb1_Ifz2RLneNdYCNonNC-Fig1r9V-_mmSrw0ylXJ4kXK3OhlF9UYCPyR6IxKih5bgYH-Tztx0K8t_xnXUS7bweprYgZKrm-I0hpZ0bNC_DEHq_Cu6QLkvHZRl0jH1ncD_jk8UPGjWLCStF6xWdKZgzU3NyaDYcJKgUTW_8YEcjdS8jujaTzwmu4XKQ2e5cdev4VssmvFjtyFLxb6iDxGMEaTIr6QdKGorMIKVi-Okg7mDFngBqUQ8d73Kg&cid=CAQSGwDUE5ymY8qmitk2htG1hg-8_zbQKtbsPyBbexgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fasta.ee%2F&ds=l&xdt=1&iif=1&cor=18440867543141276000&adk=250412560&idt=96&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30ff0b04567a261bcef13ebf1c68a8156cae29760a7c1a865febfd4dada5007c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6158005011030073&output=html&h=600&slotname=0292416714&adk=1849145940&adf=4190953183&pi=t.ma~as.0292416714&w=160&lmt=1678492148&format=160x600&url=http%3A%2F%2Fasta.ee%2Fs%2F&wgl=1&dt=1678493276243&bpp=1&bdt=897&idt=353&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8614673388004&frm=20&pv=1&ga_vid=1934761258.1678493277&ga_sid=1678493277&ga_hid=668485955&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1257&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777876%2C44759926%2C31071756%2C31072742&oid=2&pvsid=716618282561282&tmod=1626622857&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=ELNS11xaVM&p=http%3A//asta.ee&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 3755 68 KB
28 KB 221ms
220ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277339808009&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=B4xqNa8fOnRrolnfOur8%2Fqx4&bdrId=294&bid=337997&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~_t~Q71kkmLO&htmlsrc=1&isid=294&allsc=IL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

544e62e649c5d63a8713e2cc0c95d47285d4294c4abb7460679fcfbb01803507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 27878
content-type: text/html
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-nj9q

GET
H2 200 bping.php
lg3.media.net/ Frame 5ACF 35 B
185 B 69ms
42ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=728&&vgd_cdv=891&vgd_cage=1&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=764724967&vi=1678493277339808009&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=170785070&r=1678493277453&requrl=http%3A%2F%2Fasta.ee%2Fs&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22_t%22%2C%22QQN75%22%3A%22Q71kkmLO%22%7D&vgd_bid=337997&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1678493277127779133&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_itype_id=17&vgd_pgid=p01070296690t202303110007&vgd_pgids=1&vgd_uspa=0&hvsid=00001678493277450028075641951221&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 11 Mar 2023 00:07:57 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame EF25 68 KB
27 KB 156ms
155ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277350353905&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=8fOnRrolnfOur8B4xqNa%2Fqx4&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~VT~pJQ7n%3Dw8N1ym&htmlsrc=1&isid=294&allsc=IL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

63cdb77fa5679b0dea0c648fd025b561f15c975ffa32d3d2daf9a19a24b68657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 27801
content-type: text/html
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Sat, 11 Mar 2023 00:07:57 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-ntdz

GET
H2 200 bping.php
lg3.media.net/ Frame 0B9B 35 B
185 B 42ms
41ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=734&&vgd_cdv=891&vgd_cage=1&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=764724967&vi=1678493277350353905&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=170785070&r=1678493277494&requrl=http%3A%2F%2Fasta.ee%2Fs&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22VT%22%2C%22QQN75%22%3A%22pJQ7n%3Dw8N1ym%22%7D&vgd_bid=337998&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1678493277141286671&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_itype_id=17&vgd_pgid=p01070296690t202303110007&vgd_pgids=1&vgd_uspa=0&hvsid=00001678493277491028075641952655&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 11 Mar 2023 00:07:57 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame FD4D 26 KB
9 KB 103ms
102ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af59827163444d99f2ff3854bb07efda404c0a101dcfae119cf0fe44957c882d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9324
content-type: text/html; charset=UTF-8
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Mon, 13 Mar 2023 00:07:57 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 5ACF 35 B
199 B 42ms
41ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4890&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=62sHQ1LElUbLX4vpix94tg&vid=62sHQ1LElUbLX4vpix94tg&dn=asta.ee&rawDn=asta.ee&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=http%3A%2F%2Fasta.ee%2Fs&cliIPV6=2602%3Affc8%3A0001%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=TX&ct=stafford&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-6f84788487-bqtwj.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=713&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddeGRQB6LYRk3WHcq1ev8fA3SJE3Edb6jVoRZOkAvgNWuG-twXMPB4HxXBGccoBXWmcZ&pexid=ADX-pub-6158005011030073&geoll=false&is_ortb=false&s_ip=74.125.92.98&s_city=morganton&commit_id=bd539c93&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-10+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=84&pvid=294&prvAccId=764724967&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=49149579605061_1336732352_11621109112941&reqsize=728x90&size=728x90&chnl=HARMONY&bdp=0.680&cbdp=0.354&og_cbdp=0.680&ogbdp=0.68&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.354&dt=O&dbf=1&epc=764724967&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-764724967-10-23&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=53&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1678493276924&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.68&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058501&strg=HARMONY&vls=0&scrid=8032948058501&mang=1&pvdTmax=215&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=1&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=xX8QddE_thUL&mx_gpid_sent=false&mx_commit_id=ddc45ef88c&acid=c60abdf9776e4aceb675092d29c4b448&rtime=23.0&wsip=mowx-lite-6c456f48f8-5p597&ltime=36.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=801737595&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=c60abdf9776e4aceb675092d29c4b448_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&feedback_id=62sHQ1LElUbLX4vpix94tg&supplyTagId=801737595&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=37&debug_ts=2023-03-11+00%3A07%3A56&__expireat=1678493877182&mview=1&sc_pvid=313&sc_ogbdp=0.21&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.210&sc_cbdp=0.210&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.68~vw_exc%3D0.53~vis_sd%3D251~url_rps_b%3D9.37~dom_b%3D1.26~dc2%3D1~scd%3Dtx~v_asn%3D20278~dom_l%3D20~vl2r_sd%3D2023031011~iurl_b%3D834.38~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.84~vis_url_b%3D0.56~vl2r_i_sd%3D2023031011~ip%3D19J4TPabjzC4sVTIyGktGw~fbb%3D0~vis_url_l%3D0~riipua%3D18%2C18~et%3D21~rc%3D1~vl2r_i_b%3D0.03~rps_sd%3D2023031018~vis_b%3D533.12~radv%3D0.000%2C0~url_b%3D1.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D251~l2r_b%3D1000~erpm%3D0.68~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D0~uid%3D2IaGlxWolU5l5ope7i~url_rps_kc%3D0~cvl2r_b%3D2.84~btd%3D68618593809874083959111173605478779861537797605827253089661259350894840169580967958196888503058432~d2p_l%3D10~cvl2%3D2.84~3pcf%3D999.46~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D149.98~url_srps_b%3D9.37~CI%3D2870~nts%3D1~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Dstafford~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.68~dc%3D8~url_rps_rv%3D0~vl2r_b%3D8.54~supply_tag_id%3D%7Eviewability%3D0.53%7Eamp%3D1%7Ecbdp%3D0.680%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-6158005011030073%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D801737595%7Esobp%3D0.21%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.680%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1%7Eecp_used%3Dq50~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D1~bsp%3D-1~tmx%3D215&utime=575&sf=0&cpr=0.8620436150555524

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: max-age=3600
date: Sat, 11 Mar 2023 00:07:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sat, 11 Mar 2023 06:07:57 GMT

GET
DATA 200
OK truncated
/ Frame 5ACF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 823920bb903424fa8c52bac52fa31109cd9e80c8c20f65ceecef86729e6dc80f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 35D8 26 KB
9 KB 99ms
99ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af59827163444d99f2ff3854bb07efda404c0a101dcfae119cf0fe44957c882d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9324
content-type: text/html; charset=UTF-8
date: Sat, 11 Mar 2023 00:07:57 GMT
expires: Mon, 13 Mar 2023 00:07:57 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 0B9B 35 B
199 B 65ms
64ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4854&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=CLZDRXi7dUAN4pZfyBpNeA&vid=CLZDRXi7dUAN4pZfyBpNeA&dn=asta.ee&rawDn=asta.ee&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=http%3A%2F%2Fasta.ee%2Fs&cliIPV6=2602%3Affc8%3A0001%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=IL&ct=West+Chicago&zip=60185&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-6f84788487-wc4rx.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=713&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddfPEmdqHdrCfkbpOYkvmoAqJ8ZAz7d6s-dCmcDWUlldBfkgzi4b9KBbnCfSDvn3tHfd&pexid=ADX-pub-6158005011030073&geoll=false&is_ortb=false&s_ip=74.125.40.13&s_city=morganton&commit_id=bd539c93&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-10+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=124&pvid=294&prvAccId=764724967&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=117847720092318_25075585_11621109112941&reqsize=728x90&size=728x90&chnl=HARMONY&bdp=0.410&cbdp=0.213&og_cbdp=0.410&ogbdp=0.41&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.213&dt=O&dbf=1&epc=764724967&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-764724967-10-4&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=82&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1678493276930&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.41&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058501&strg=HARMONY&vls=0&scrid=8032948058501&mang=1&pvdTmax=177&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=1&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=xX8QddE_thUL&mx_gpid_sent=false&mx_commit_id=ddc45ef88c&acid=8f76c5cfbb334ac4ae39617e0823a48d&rtime=25.0&wsip=mowx-lite-6c456f48f8-r8wpn&ltime=41.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=991847123&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=8f76c5cfbb334ac4ae39617e0823a48d_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&feedback_id=CLZDRXi7dUAN4pZfyBpNeA&supplyTagId=991847123&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=41&debug_ts=2023-03-11+00%3A07%3A56&__expireat=1678493877185&mview=1&sc_pvid=319&sc_ogbdp=0.21&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.210&sc_cbdp=0.210&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ogerpm%3D0.41~vw_exc%3D0.82~vis_sd%3D251~url_rps_b%3D9.37~dom_b%3D1.26~dc2%3D1~scd%3Dtx~v_asn%3D20278~dom_l%3D20~vl2r_sd%3D2023031011~iurl_b%3D834.38~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.6~vis_url_b%3D0.56~ip%3D19J4TPabjzC4sVTIyGktGw~fbb%3D0~vis_url_l%3D0~riipua%3D18%2C18~et%3D23~rc%3D2%2C0~rps_sd%3D2023031018~vis_b%3D788.71~radv%3D0.000%2C0~url_b%3D1.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D251~l2r_b%3D1000~erpm%3D0.41~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D0~uid%3D2IaGmMOgUlaUKIkVyh~url_rps_kc%3D0~cvl2r_b%3D2.6~btd%3D68618593809874083944289786181376870260623070506020783440784904382725554885588089358313215430754304~d2p_l%3D10~cvl2%3D2.6~3pcf%3D999.46~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D134.98~url_srps_b%3D9.37~CI%3D2870~nts%3D1~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Dstafford~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.41~dc%3D8~url_rps_rv%3D0~vl2r_b%3D3.86~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.410%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-6158005011030073%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D991847123%7Esobp%3D0.21%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.410%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D1~bsp%3D-1~tmx%3D177&utime=591&sf=0&cpr=0.6873993798622342

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: max-age=3600
date: Sat, 11 Mar 2023 00:07:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sat, 11 Mar 2023 06:07:57 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame EB2F 106 KB
37 KB 140ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: asta.ee
URL: http://asta.ee/s/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Mar 2023 11:53:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame EB2F 8 KB
3 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtpfbroFNvryG880KwWVkN2FmUdUx0Khaq8bYt0liKoo8uUfMs3bXTKcr5ZloUDXoTw45ev4cOUj69gO6_3CXbzFlqjw&cry=1&dbm_d=AKAmf-CB4UHoXE9kH8BT1dAIwNoljqQhrDS863QxNJD3oame9C0fP88aZYQ67D-BJvK_TZTWM5wSp9rHfbstZuVB04gtos8IiMEUW3KKVbuolgp4OGcFzNLEVQoqTLL8GlO1ElnFqcBS8MbArlVnmSUWdd5kfqLEMij-YYdlPRKwB2IEBR2nC7IA5wlkCQJwF9Fu0ySo9y1NN1NicmhWcqKFt_jQJRGZjqtbzy4y_GC8kUpTnUp_AdPpYZzj6om6iGbOrqNFRNRQMN5NhT47-BqcCykVFsMUc8ndlk3bBGJms0cBgPcCUd5pJ_VuECwi7MWX4zVazQ6-xYyE332fR6E_8iFiqsNnQNxsK-aPXdKijxaSElDamuumvo2bK00mMzb4gSUkpTVDMWpnaqjihsgccgLLEPuZ_IzGaEPq9zMhpET11OtO9cADLGpYhnG8nCYzboFyVatEBkStQm8vZF_T8yUgChGWFYV3JZVXc3T_N5QZk7otQpi2ALwo6d4c-kG10gQdEVtyXSM3jJpK_z8tm7G8cahg9YwNpmUnSucncLZRLzNOKFhT9mzTsL2lW17o2BPamPUO3G1Z-ixwLlEvCmy1r_IAtoEQPMhVNEd4kbl7NF7Hk-VZo4EqZ91SsNNP0BzAmA0YkGI3_YfJXLY7Y6NwOsAOYi_xd8xvEy9LTvYIFYPm4rmSmznw_pvEParsoySbFj2XrqmGDbpokUdpcB-SBznX3l3sQG00dKjVegCJC_4vuy9Q96BOIKxyQzWao9tx2Dsw7SftQB-Mh_fazPvOMnd3H6i9BPUxy31yywExD-noj09Zoubeakfrc8m3JaAFQ3-7TOdXI0BAIIrKNuXFNlWvYRmQViW-zngUFjUP7RvicvFDNjLkdZwR-7Cpt2ozLjD21_LC8I53pIh054i52NzdDzvu3pJWuBm7u-O9ULsW4pxTb4VzzLgvsdzXja9HLOVYnLsVEv-qGjTpOoB7MuVsM_sXaN06DlOVgz152bI_3gdYDPVmCY-zQ_Cq4pcVyTEOec5_0Yc9BspZ08dvgkoYWNAeb-qh1N7MKQhDwPkv8eWwzdqS6lUCkNeoQNsR97-W3f6RW-I6oF259FxdxGQGU_l3SnunJYDvwWWAi29xo1X923UHosGDHyGy9iHy4_O21hmuixLF1NgmTgGd78Nbj4MN9rEgcHRWjbRMTBujImCHvB--zZ6lNOWiNRztv0a86_OA42VCz4Rdq27lDfSGSmN_AAeNRscuE3Y73-i4rXI8fho4KAmgXt8KQr3VDSOx-ilYuhNng4XujKlOw4yQhHXuD6Ly_GHVva_-tEi75uVjQq_jhHZIN0tQGBF2vBwVDK1Phsu9vYbdMMunmt8KVSXht03Yf3k0rCtVkU8LgObVnWqktbaUopPMzGiEHdHABO6xxuSxN6qhYb_drkMfpzxnfSIGQ_tJBfc2F8G5k6gbXt-owDG2_V2JnMzWLIrxSfh9ir-tv0mhLUQ1xrPL-kLgymAdiaEwz6udVEYMnW4KP-08k4IoPUXGn_9jjAwEgmVCyQFHv-Ys-CGvj8n1IOAbiR5hPMYQdWZH_pucr684usvIUAVDKdtk2FIeUrmStplBHUAj2Hpzi_NB6Tq98rmPiPlsFk7JhauDQU31i8oimOVVB47iFTZDObJ6zDvxWi5uNXFsrayKx0DGG0IILfLpzrmubRfoJMV3S_OD2z8zOYI3RLrxBGKp9VxTQ322tL4ST7zXdW84dDSfrUNjLG96CLg-yVv1uC8kTt4YUYKCiYPyoypmKaIv1AmI_gjzNMgCJvVvxHORKCVhZtYCBxsl7m5XSzWPju_5LdDdCANEDFeURjvliYZOW_mr6Rsaf9eVYC9Gu_QhZ-xYARRS8TRvTkzb_Cd3543FrG2uV6B7WC0Hv3GrKpz0w_qV0diUeZLOR26sJm7HBX3BkCoGXqYFID6gC2bAxdjU0VDoAMoQkTZygXyZj0PynMJVLSy_1QzyiGLCymp_TZeZUPhXGurSdELki2ARNJ_C6C-jUiX-NDOkIEcKAnh_z-x7Vl9PMIOy-qnemX-q_m4w2r6UzUnkfob5-5FtbvQueEft4mIvs2B8lEIDhhxpYBFuA3_wqtZqytlWMyVYghmr3KnkVo4283e8m8Nb2HVoED7fMUiXpw5-jsJ1kze78BPr3DzBwuQc-lTpyodI5Ps48Y1u2JLGFxpwrzbSsGL9br-0rgVgz3kRuMtvWAnbDTHY-pCWfQtIVsLC4Z7KQjMIJY9kiT2Qs3KCswV3XxIQnbKez_vzuCl1e1_VdKfAqCSXHjJ1O_QxYtSvSIZRKyroBuOrGiiot5Dqcb2LnO16IeJdZsoPFommRdeMovY75BApTLoksjYtqN9c4xUOAvksVvHfBEUX5wLtVTAJhKvwzXdE3BJvGfUjpW9f-TdybhAOfv6uiDfTt7GF66TUy88KNxfzdb7VGvMQB0g6joOXlen50diLxi_niQXvOTuN3Sou3XIQHH5BXU9RvPCtLtZPCsHymQ_soeZhLzZVa-nT7oMWsJVSZeIx5s_8yi1ceDQMV9MmKMvsd92xVoyyZEwXLk92z5SUsSDRfCQw-XRRWATNwx7gsQkCOawHGqEF0fepVTqreYD31XrE6XYUnEgOIfoWP8J_yqEPSfqd4dCt_7SklHJ_nyV75BQA2LP2xAvL2lHmJqrD8knLoaD8SdHMmkm9gS0Powl2sbPPlAOZCR6gYO-C9fJq3Tt26Z09z6i0WrEIV4zYo7UwVi-9c0M-TGKK2xGXfMo3DpwTj6pDoAkrJbxk2LFJOxsF5vBnoW15g0WH5nsq0BKIsUpspcH7EyaCNxZy6H3UbZqK2sCArM8Nblc4SMSES54cXMBFQxj9lKwI_WdZSo-NDgXGGQl7dM1n65TiEM9vOKfyhvsuwDpkmiv_LY_wvvGJQ6hWXShmxv22ynPaeejgA1bOQGIXgeanWFXlLArfh9Ztr9gnqXhizCbjcbkGaC27F1by_biljs_VAghDrUY6lZ4m42APjn2hsIn5jRTTb1_Ifz2RLneNdYCNonNC-Fig1r9V-_mmSrw0ylXJ4kXK3OhlF9UYCPyR6IxKih5bgYH-Tztx0K8t_xnXUS7bweprYgZKrm-I0hpZ0bNC_DEHq_Cu6QLkvHZRl0jH1ncD_jk8UPGjWLCStF6xWdKZgzU3NyaDYcJKgUTW_8YEcjdS8jujaTzwmu4XKQ2e5cdev4VssmvFjtyFLxb6iDxGMEaTIr6QdKGorMIKVi-Okg7mDFngBqUQ8d73Kg&cid=CAQSGwDUE5ymY8qmitk2htG1hg-8_zbQKtbsPyBbexgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fasta.ee%2F&ds=l&xdt=1&iif=1&cor=18440867543141276000&adk=250412560&idt=96&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 13:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 13:01:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame EB2F 28 KB
11 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 13:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 13:01:23 GMT

GET
DATA 200
OK truncated
/ Frame 0B9B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b3731b9185d19fd73f6f4166520a59bddec9197ebdb0c94ec036053e3ade9cc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EB2F 41 KB
15 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 05:02:31 GMT

GET
DATA 200
OK truncated
/ Frame EB2F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59a9589683a37a346459b98aaeabf83e1d022a66d02e7ea6722418ab5daa8de4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame FD4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDk0ODc3NjQxOTU4MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1

237 B
638 B

114ms
94ms

Image
image/gif

23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Sat, 11 Mar 2023 00:07:57 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 35D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDk0ODc3NjQxOTUwMjAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1

237 B
638 B

105ms
104ms

Image
image/gif

23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Sat, 11 Mar 2023 00:07:57 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENrZe12dzGa_HisUdLTLRQc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EF25 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EF25 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EF25 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EF25 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame EF25 25 KB
25 KB 167ms
44ms Font
font/woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277350353905&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=8fOnRrolnfOur8B4xqNa%2Fqx4&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~VT~pJQ7n%3Dw8N1ym&htmlsrc=1&isid=294&allsc=IL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 00:07:57 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: Apache
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25720
Expires: Sun, 12 Mar 2023 00:07:57 GMT

GET
H/1.1 200
OK OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame EF25 21 KB
22 KB 164ms
42ms Font
font/woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277350353905&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=8fOnRrolnfOur8B4xqNa%2Fqx4&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~VT~pJQ7n%3Dw8N1ym&htmlsrc=1&isid=294&allsc=IL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 00:07:57 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: Apache
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21704
Expires: Sun, 12 Mar 2023 00:07:57 GMT

GET
DATA 200
OK truncated
/ Frame 3755 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3755 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3755 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3755 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame 3755 25 KB
25 KB 146ms
43ms Font
font/woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277339808009&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=B4xqNa8fOnRrolnfOur8%2Fqx4&bdrId=294&bid=337997&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~_t~Q71kkmLO&htmlsrc=1&isid=294&allsc=IL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 00:07:57 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: Apache
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25720
Expires: Sun, 12 Mar 2023 00:07:57 GMT

GET
H/1.1 200
OK OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame 3755 21 KB
22 KB 147ms
44ms Font
font/woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277339808009&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=B4xqNa8fOnRrolnfOur8%2Fqx4&bdrId=294&bid=337997&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~_t~Q71kkmLO&htmlsrc=1&isid=294&allsc=IL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 00:07:57 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: Apache
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21704
Expires: Sun, 12 Mar 2023 00:07:57 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9CE0 22 KB
8 KB 41ms
39ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 68725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 05:02:32 GMT
expires: Sat, 09 Mar 2024 05:02:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 124 KB
23 KB 119ms
39ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167811d5e5e8f68668b6dc7b2dcc06bd400c4affb5ab7f9ea768e9b9a3a6c609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 291468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23924
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 15:10:09 GMT
expires: Wed, 06 Mar 2024 15:10:09 GMT
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB2F 0
0 184ms
75ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyLAcFvrbqyxK6CmbjewYoxiizXDR2vdpxklj4q1yvNsn_w4D3_f8oYeNX3sRNioCPxOtIk3vVdWdQEJIa0ctAjK385NGU4bjuUisBGFDikUeSxQkPw-8TvAhnSC0891DBjLtV2mNkmKzlvEYuy3Q8ym9QOGNI3t5e1HnHdUrsPTnJ9PM3l2h5tmniTf8QDO35QZkBT6yu3oLsrYrT4GwX0mkteRTCtY7er98-7u-eT63DE19dXZTYftOxfN7aGv9HHmPA-SQe1uesa4RQse6iFz0LT0mUaULwRf4j7yqopHB6kNigtY659NC9u5roFHSB-LIcXnPf47LVAJY7iw6KbRKSx9kZyXdmd2mjyETJtWd6uYBuC72amMKFakMezDgL2kIAvoyITC7vXTXFlb2siPB69tn8sskAL7Hf7Nvgv9X9sCtfP3bxljn_EMpxQVbFszr4u57MWIH0YCLg0k4G58X1NOFm0fPW3pOfyCUgp26LiuGwV-fiFrdphxZuvwfD2bOhhjwO7ydtYBgmtrpW1t4tAzVNByUHslPYs3DZdIoAynLCltbRyTFrl2ScuM7V6FLnaCVerI1HFM1U3aY6uuR9yIA4t7CKi5TELluiipYHqtfHXBRzhdgcnp1ERQG0LN4WV-t_TcI5YCNZKayWSrVO_w0Pwunn713YP8cKmmZ7jcDoykODurpfuczr6XkBpRd1SoW1OMYKiaHCPhKGPiontHQaxEA0qDsBn1JjLIYDbViWLvqgW0u9kr-0f4CQSVNHPQJG1a1zHEMAYVUNP5gx-Vrm479esxDDFma5HFjhPxpln9B3fmOG7UJGoBaH_l_woC8r40qOo4iEyae4v465xiUjpq5UIXyUOLDz2R2y5ATA6cc_vkDcAt7-s0RvSop5hVmrOnd90093S6wkeOZuzHu0sji8yq4p-z48oDiH2UFXBDRBAjNc60qMtrBi_mh6X55OVrCcIUm6FrSrj-zDypJNo4vnHgv7l8yx5ZmyLpXdPZVZlHANwOFI1WbMNu41vCkp5wmWXKMqPP7stJTlYUZtqnPEcuX3KI_0NB18gZov2SkPieXiSqsOiIf_eiFN7kBEdTC4FsWwYXkyYSK-CvmGTR2mbB04WA&sai=AMfl-YQv5K4XAhoi6NO8tNyxqvfSgNUAVZaw5LsBIh05Jop72vVMJUnGG3e5Gc40KTw12lApECfJiFqQd3VCmSz3n4IChA_GrALvQsc6kw-otzQ2XlFTXjQ405aYlNUQvmwzWsP20KBxiKjn5dIE5yJwJOTe1J_kcn2lmMmAn2_ckvEFDLQOqGU&sig=Cg0ArKJSzMFtl4ZaLN_oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=256&cisv=r20230308.34416&arae=0&ftch=1&adurl=

Requested by

Host: asta.ee
URL: http://asta.ee/s/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Mar 2023 00:07:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H3 200 haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CE0 36 KB
14 KB 40ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 16:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14212
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 16:37:28 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame EF25 15 B
169 B 46ms
46ms Script
text/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4591&&vgd_canary=0&vgd_l2type=scs_newfl&fp=9qGfjelL8ZzKXp_2lOYP7lakfwDD_eyictd47dEf8V2wqOBkyKoWQmpxNJkBsCcQezNgGQ61qBvDdxT8ndKUUv8x0jzoC8kYtTbE1wRcsuNDVDFnaIuXA-v6BPH2-uvYBsUJH4g8zYE%3D&cme=95pc8pqgnfaH8LZs_F5GZZQuaj-ImXcL1yjotdP7r-x9BcFiHy3YxtXub8bFBcojG2wBNNqhXKtHQ65rRpqUAB0ONmCrXco9ppT_2dwcaW5BuoSEDz4w8aUr6yDWyaBrzoiyXLipIfsXJ9MO9MHudNIwSZVz4YYJ92gv7rGkrgy9kan9TpAvzcWMzSUQGc1cy17YIKhfrAkGSCh2LiAkAT-4mh97CWZNszqISgvUSRAZkkiZr8LKWA%3D%3D%7C%7CxDcVMoSqRIS-64dMiPYyy9Uc_YdFubp_IUCCuQ6A3po%3D%7Cf_0zR8V6BlCT8Fjfs_C2wsqLAGfm9I1bkD4IkBwbYq2N_OdYnoYBagMfiUdDniYoUdQdMh87URYxjLsbBlCQKWtJmqEPxIV2A5raMnsxRe8nrHEyLv9G1UiBjN0PdGONQYGFCY0O0-Ljy9SUWYS2CwI3tLZuiUQ2gvzfA2fAG7tln9b_6ILy52_7wQ_UX0JdBHVs4Uoy9cm0eqcNTdngfHJ81foP2hOw6yNywtyAchk%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Mobile+App+Developers&kwt[]=391&kbc[]=1262905965&kwp[]=1&kid[]=316624966&kbc2[]=pmb%3D1%7C1%3D0.63%7C2%3D5.92%7C3%3D1.19%7C4%3D4.77&ktd[]=274911526912&ktrkt[]=Mobile+App+Developers&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1262905965&kwp[]=2&kid[]=48970281&kbc2[]=pmb%3D1%7C1%3D0.76%7C2%3D6.93%7C3%3D1.22%7C4%3D4.76&ktd[]=274894749696&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Immediate+Driver+Jobs&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=321454930&kbc2[]=pmb%3D1%7C1%3D1.02%7C2%3D7.06%7C3%3D0.62%7C4%3D4.79&ktd[]=274894749696&ktrkt[]=Immediate+Driver+Jobs&kwd[]=Best+Nutritious+Dog+Foods&kwt[]=391&kbc[]=1262905965&kwp[]=4&kid[]=350406945&kbc2[]=pmb%3D1%7C1%3D0.84%7C2%3D8.60%7C3%3D0.76%7C4%3D4.48&ktd[]=274894749696&ktrkt[]=Best+Nutritious+Dog+Foods&v=1&geo=41.89%7C-88.2&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22VT%22%2C%22QQN75%22%3A%22pJQ7n%3Dw8N1ym%22%7D&cid=8CU5RJ1PV&vi=1678493277350353905&vsid=3214948776419505&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=8251&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=west+chicago&vgd_ifrmode=14&vgd_l1rakh=1678493277141286671&tsrc=entity&sttm=1678493277491&upk=1678493277.451&hvsid=00001678493277491028075641952655&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=8032948058501&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D20278&vgd_vstrid=3214948776419505&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~myJLEYv9.Hu~eBMJ-Nv9.Wf~e8QMQOvfXu~xLjMLEQMGvi.Ah~OmYMGvu.fF~ONfvu~QNOv7-~eM1Qzvf9fhW~OmYMjvf9~ejfLMQOvf9fA9Au9uu~8xLjMGvWAH.AW~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~Nemyvf.F~e8QMxLjMGv9.XF~8Evui6H_01Gdl%3DHQ%2F_V5ZU7ZB~kGGv9~e8QMxLjMjv9~L88Ex1vuW%2CuW~J7vfA~LNvf%2C9~LEQMQOvf9fA9Au9uW~e8QMGvhWW.hu~L1Oev9.999%2C9~xLjMGvu.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvfXu~jfLMGvu999~JLEYv9.Hu~ejfLMxLjMUNv949~GYvu~Q8OvhFHhfHiFh~QOv9~x8OvfV1ZYcayPj1PCVU%2F5w~xLjMLEQMUNv9~NejfLMGvf.F~G7OvFWFuWXiAW9iWhH9WAiHHfWihWFuWuAhFWh9fF9FfA9h9X9F9f9hWAHH9hWHi9HAWfhfXXXHWWXXWW9WiAXWAuAfuXHA9hXHA9H~OfEMjvu9~Nejfvf.F~AENkviii.HF~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvuAH.iW~xLjMQLEQMGvi.Ah~%3DVvfWh9~z7Qvu~7Gvou~GQQMD%2F0vcR%2CI4r~N7vQ71kkmLO~GQQMC_pvcR%2CI4r~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNvu~xLjMLENMGv9~G8Ov9.Hu~ONvW~xLjMLEQMLev9~ejfLMGvA.WF~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wf~1YEvu~NGOEv9.Hu9~OYYvw1LYmz5~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGoFuXW99X9uu9A99hA~O1jyv~w7Yjvu~1OGjUviiuWHhufA~QmGEv9.fu~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.Hu9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vX9~OmyGv9ou~8GNvu~zQlvu~7yQvhfW-i9~GQGvu~GQEvou~7Y-vuhh&vgd_bhv_kbb=1&vgd_cfud=220914&vgd_scsver=418&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001678493277491028075641952655&rc=0&rand=1678493277753&acid=8f76c5cfbb334ac4ae39617e0823a48d&matm=1678493277753&vgd_ltimesrc=1&vgd_ltime=806&vgd_rtime=636&vgd_etm=9&vgd_l1hcsd=Om355%7C1514&vgd_l1ch=1&vgd_lhl=2842&vgd_pgid=p01070296690t202303110007&vgd_csip=rtb-appnexus-6f84788487-wc4rx.SC&vgd_sbSup=1&vgd_nrrs=8251&vgd_cdv=891&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277350353905&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=8fOnRrolnfOur8B4xqNa%2Fqx4&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~VT~pJQ7n%3Dw8N1ym&htmlsrc=1&isid=294&allsc=IL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 11 Mar 2023 00:07:57 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 3755 15 B
169 B 47ms
46ms Script
text/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4849&&vgd_canary=0&vgd_l2type=scs_newfl&fp=9qGfjelL8ZzKXp_2lOYP7lakfwDD_eyictd47dEf8V2wqOBkyKoWQmpxNJkBsCcQezNgGQ61qBvDdxT8ndKUUv8x0jzoC8kYtTbE1wRcsuNDVDFnaIuXA9Cdo42NFHR-KPRqTnFrciM%3D&cme=a84aO7JSSmBS-XEU6TTgLDb_6FvoN8HBOjzAw86e9SS0QhGfdM0HTQlPqBGNZT5SitA-7Wvk66Rag32xxzVHzsIo94B5yBB9y_ot00ZrTm1hbIlob8WBrMeBpkRNqnmviINuML0VZXwZz0LhBM91XDPKvVtMfwnmc1A813sNd7rsUUbsEID3LgqyLwe_n-LwGZavCTGLB00dvThm0S5otm3e01-GevFYNyMMHB3UTDu93sQoqgNE8A%3D%3D%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRIS-64dMiPYyy9Uc_YdFubp_IUCCuQ6A3po%3D%7CT3_8cNxsNpYG2yguca1DV7WULfYOdxQtquyTABYDbj31EqDPO7gupt749xN8sScy-nWafonZtT-cikoYh_HS9KxHwbZuOTq0ohXBSphboKGzCa-_Hje211tFFSHnZHsNhvHKX84bOcG7B1pnFLEkubEqdOHoaiVbwo3TwV5w6jo_625Hvze_fRrdKCnjY6PHg0NXLlgCEWyjXsGzLgbxSXK4WUVVAUlecD7vC-6bq5XpHalIXK125MqCubq93Hpx0W_ruIFmTHY%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Live+TV+Streaming+Services&kwt[]=391&kbc[]=1262905965&kwp[]=1&kid[]=329864655&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.69%7C2%3D8.30%7Cps%3D0.235%7C3%3D0.62%7C4%3D4.39&ktd[]=274894881024&ktrkt[]=Best+Live+TV+Streaming+Services&kwd[]=How+to+Burn+Stomach+Fat+Fast&kwt[]=391&kbc[]=1262905965&kwp[]=2&kid[]=98297313&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.06%7C2%3D12.74%7Cps%3D0.235%7C3%3D1.09%7C4%3D4.45&ktd[]=274911658240&ktrkt[]=How+to+Burn+Stomach+Fat+Fast&kwd[]=Best+Nutritious+Dog+Foods&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=350406945&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.84%7C2%3D8.60%7Cps%3D0.235%7C3%3D0.75%7C4%3D4.48&ktd[]=274894881024&ktrkt[]=Best+Nutritious+Dog+Foods&kwd[]=Local+Cleaning+Jobs&kwt[]=391&kbc[]=1262905965&kwp[]=4&kid[]=115301344&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.57%7C2%3D7.20%7Cps%3D0.235%7C3%3D0.61%7C4%3D4.48&ktd[]=274894881024&ktrkt[]=Local+Cleaning+Jobs&v=1&geo=41.89%7C-88.2&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774818&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22_t%22%2C%22QQN75%22%3A%22Q71kkmLO%22%7D&cid=8CU5RJ1PV&vi=1678493277339808009&vsid=3214948776419502&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=8251&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=west+chicago&vgd_ifrmode=14&vgd_l1rakh=1678493277127779133&tsrc=entity&sttm=1678493277450&upk=1678493277.17728&hvsid=00001678493277450028075641951221&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=8032948058501&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D20278&vgd_vstrid=3214948776419502&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.FW~eBMJ-Nv9.XA~e8QMQOvfXu~xLjMLEQMGvi.Ah~OmYMGvu.fF~ONfvu~QNOv7-~eM1Qzvf9fhW~OmYMjvf9~ejfLMQOvf9fA9Au9uu~8xLjMGvWAH.AW~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~Nemyvf.WH~e8QMxLjMGv9.XF~ejfLM8MQOvf9fA9Au9uu~8Evui6H_01Gdl%3DHQ%2F_V5ZU7ZB~kGGv9~e8QMxLjMjv9~L88Ex1vuW%2CuW~J7vfu~LNvu~ejfLM8MGv9.9A~LEQMQOvf9fA9Au9uW~e8QMGvXAA.uf~L1Oev9.999%2C9~xLjMGvu.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvfXu~jfLMGvu999~JLEYv9.FW~ejfLMxLjMUNv949~GYvu~Q8OvhFHhfHiFh~QOv9~x8OvfV1Zj-pmjPXjXmEJh8~xLjMLEQMUNv9~NejfLMGvf.WH~G7OvFWFuWXiAW9iWhH9WAiXiuuuuhAF9XHhWhhiWFuXAhhihF9XWfhfXA9WiFFufXiAX9WiHWH9uFiXW9iFhiXWuiFWWWX9A9XWHAf~OfEMjvu9~Nejfvf.WH~AENkviii.HF~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvuHi.iW~xLjMQLEQMGvi.Ah~%3DVvfWh9~z7Qvu~7Gvou~GQQMD%2F0vcR%2CI4r~N7vQ71kkmLO~GQQMC_pvcR%2CI4r~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNvu~xLjMLENMGv9~G8Ov9.FW~ONvW~xLjMLEQMLev9~ejfLMGvW.XH~QxEEj5M71yM8Ov~e8JB1G8j875v9.XA~1YEvu~NGOEv9.FW9~OYYvw1LYmz5~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGoFuXW99X9uu9A99hA~O1jyv~w7Yjvu~1OGjUvW9uhAhXiX~QmGEv9.fu~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.FW9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vX9~OmyGv9ou~JNEMxQJOv%20X9~8GNvu~zQlvu~7yQvhfW-i9~GQGvu~GQEvou~7Y-vfuX&vgd_bhv_kbb=1&vgd_cfud=220914&vgd_scsver=418&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001678493277450028075641951221&rc=0&rand=1678493277773&acid=c60abdf9776e4aceb675092d29c4b448&matm=1678493277773&vgd_ltimesrc=1&vgd_ltime=825&vgd_rtime=667&vgd_etm=8&vgd_l1hcsd=Om355%7C1514&vgd_l1ch=1&vgd_lhl=2897&vgd_pgid=p01070296690t202303110007&vgd_csip=rtb-appnexus-6f84788487-bqtwj.SC&vgd_sbSup=1&vgd_nrrs=8251&vgd_cdv=891&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=764724967&size=728x90&cc=US&sc=IL&chnm=HARMONY&pid=8POJ4N28G&tpid=TL388V6&https=1&vif=2&requrl=http%3A%2F%2Fasta.ee%2Fs&nse=5&vi=1678493277339808009&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xqNa/qx4&bcpf=B4xqNa8fOnRrolnfOur8%2Fqx4&bdrId=294&bid=337997&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01070296690t202303110007&essld=fF9f%3AkkNW%3A999u%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~_t~Q71kkmLO&htmlsrc=1&isid=294&allsc=IL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 11 Mar 2023 00:07:57 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 11 Mar 2023 00:07:57 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5F82 29 KB
10 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 13:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Mar 2023 13:49:57 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB2F 0
0 65ms
64ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyLAcFvrbqyxK6CmbjewYoxiizXDR2vdpxklj4q1yvNsn_w4D3_f8oYeNX3sRNioCPxOtIk3vVdWdQEJIa0ctAjK385NGU4bjuUisBGFDikUeSxQkPw-8TvAhnSC0891DBjLtV2mNkmKzlvEYuy3Q8ym9QOGNI3t5e1HnHdUrsPTnJ9PM3l2h5tmniTf8QDO35QZkBT6yu3oLsrYrT4GwX0mkteRTCtY7er98-7u-eT63DE19dXZTYftOxfN7aGv9HHmPA-SQe1uesa4RQse6iFz0LT0mUaULwRf4j7yqopHB6kNigtY659NC9u5roFHSB-LIcXnPf47LVAJY7iw6KbRKSx9kZyXdmd2mjyETJtWd6uYBuC72amMKFakMezDgL2kIAvoyITC7vXTXFlb2siPB69tn8sskAL7Hf7Nvgv9X9sCtfP3bxljn_EMpxQVbFszr4u57MWIH0YCLg0k4G58X1NOFm0fPW3pOfyCUgp26LiuGwV-fiFrdphxZuvwfD2bOhhjwO7ydtYBgmtrpW1t4tAzVNByUHslPYs3DZdIoAynLCltbRyTFrl2ScuM7V6FLnaCVerI1HFM1U3aY6uuR9yIA4t7CKi5TELluiipYHqtfHXBRzhdgcnp1ERQG0LN4WV-t_TcI5YCNZKayWSrVO_w0Pwunn713YP8cKmmZ7jcDoykODurpfuczr6XkBpRd1SoW1OMYKiaHCPhKGPiontHQaxEA0qDsBn1JjLIYDbViWLvqgW0u9kr-0f4CQSVNHPQJG1a1zHEMAYVUNP5gx-Vrm479esxDDFma5HFjhPxpln9B3fmOG7UJGoBaH_l_woC8r40qOo4iEyae4v465xiUjpq5UIXyUOLDz2R2y5ATA6cc_vkDcAt7-s0RvSop5hVmrOnd90093S6wkeOZuzHu0sji8yq4p-z48oDiH2UFXBDRBAjNc60qMtrBi_mh6X55OVrCcIUm6FrSrj-zDypJNo4vnHgv7l8yx5ZmyLpXdPZVZlHANwOFI1WbMNu41vCkp5wmWXKMqPP7stJTlYUZtqnPEcuX3KI_0NB18gZov2SkPieXiSqsOiIf_eiFN7kBEdTC4FsWwYXkyYSK-CvmGTR2mbB04WA&sai=AMfl-YQv5K4XAhoi6NO8tNyxqvfSgNUAVZaw5LsBIh05Jop72vVMJUnGG3e5Gc40KTw12lApECfJiFqQd3VCmSz3n4IChA_GrALvQsc6kw-otzQ2XlFTXjQ405aYlNUQvmwzWsP20KBxiKjn5dIE5yJwJOTe1J_kcn2lmMmAn2_ckvEFDLQOqGU&sig=Cg0ArKJSzMFtl4ZaLN_oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=487&vt=11&dtpt=227&dett=3&cstd=256&cisv=r20230308.34416&arae=0&ftch=1&adurl=

Requested by

Host: asta.ee
URL: http://asta.ee/s/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Mar 2023 00:07:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 141ms
61ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230308&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

467f3e82a8adada04892c4b9a2d67d3091c4926701336d904e64957ae80b3e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11253
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE0 0
20 B 63ms
62ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnzmsXcYLZJH4GpvY1wXd4pjgDQAAAAA4AeAEAg&bg=!AgGlAVXNAAZKh9k7aoc7ADkAdvg8Wo8wuaUbWox9mbPgWBr7fY1vSuFFJNKUQBLQesm-cwMDdTAyZUcq7nJThCOhLW9vkQU24UYCAAAAd1IAAAADaAEHCgBgLcjaVADshWMXX1WnYj7CpeDdTuohNclaVei4DsgmoxepdkNfitY5LWMinQheMs6YOlOk8MvOL-tUKgjTsUnWDfSbQxbEGFb5e8Kcy801xXcGYms88V4SwwL9YsKWkETSmQL2E3D0ofaSIknXR5HF6m_46H2SVA02LelET-66-71RJ3flc0Y1pFbRCFYxnN24zzK1V4IhFW3nnfLqFrHK_EODyCQip63SNnXjaVdVQhqoefmdD-eB9naF7O_DtiW1sx1UfPyl6ZUYc_SlU9CP8FI5sQ3Htr8E4kETHIGJWMnXHLVHgLhun9ZMZl-X3RQeO-Hg2C3j_pSp4fD9FNuX08JbXJJEp_MAPkgdeDwr2mS9wQpd7jcAG696f1AlMGJjSljPBDUsL6d4MV0fl0W5lTrLCf1MSxGiLjg726owUchwVIQBZ45mbR4ypGYHCh6bg6s6IyBvJcoayXHsCUTSWqr2ruafz14NeryQvcMGPiOVyxVZhb3f12jKk_-0e1vYlv-5mVL2ZGBOeSRmN3wXl1AMpsl3Jh7T2CiJMgdA4Y6voIf1f3rbQdkgeJjlq3qdYqZ_FvpwrnYz6eUq4rhMw8roYoayj1JgExSlE7cJMhf1ZP1vppiB9O4c7x3MjdYi1G4RsxjiIsO26E6EpqLjQjrjRmD3k8_DHyowzgw8KnCXZtX9yi0HyWGUMMDJgA6CIcetpI1fOT7X5TQ6Qjd8VFtzSkQ4QUaXorWwVjOkyIYyDE1WDKWq8fainCIEBsrw8-77ft4airLX1FZO1ieNDPuEZC28JLlyfFnLmArAlIb1orUNx0eGav2vIx9U4sDfVsMTbnLM43aKXEcRKsabuBi0wiHcnt8wVuqDbxIyjtLPt6Gb23WhlhN2aX3ymIgNB2R5VfMWfnVZgspzj7k3ZkKOolmTRJWSOgMI4K6r5_uhv-aVINW0G48FKnoCeqoCm6pJi3QqVrT_sXa5hG-IPkWx-vt_f9JgOcw6hO1_V2eugksRdv9Q9ZiAENKdDYOPRzyBxx66K-ZmY5ilEY4RwftuyBrhuRyEnf9P9mBmJH2katAAghQ_TUm8i3KkZYv6MMtrnuqhxJ6CBlkGTs7YtVibNBFY22qGOfH1hX0lbh8qMQDxOmxl-nU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 btn-legales.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 1 KB
734 B 41ms
40ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/btn-legales.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169a7f3f578c6fdac28ae763e2c90582bf1b54f6016fa47dd989e926269ffae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 705
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 logo-citibanamex.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 16 KB
4 KB 45ms
43ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/logo-citibanamex.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27994036ea842835f35e2ad13ab764fdbea347f3e63a3979b7827fdbdb460fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3895
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 CTA.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 47ms
44ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/CTA.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16c85bc55f5af6570e981b33e4cbbc02cfa223b09c246ee00d1a6d71b0ba98d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1244
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 E3T3.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 51ms
48ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E3T3.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd122f971b6310bdf95bf4ad0f98d88d86500cfcb51373ee34bd200fc28e37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1121
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 E3T2.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 50ms
48ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E3T2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

718d0e3cf2098a5b14031679985c400d9f04a1f818d67fb701644b2775a8dfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1193
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 E3T1.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 51ms
49ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E3T1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfd5672cf4abfc1d289403761bafbb7aa4817254e03681717afcd71e29723da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1117
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 imagen3.jpg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 9 KB
9 KB 73ms
71ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/imagen3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d08651804845fcf038b3d3b5e9f0b03b5f3645a388b9832ce05a18086fcef74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9317
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 E2T3.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 45ms
44ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E2T3.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd28d527aa6817aaea4bbfd70a4aa684919eee3c5a21af1b97734c7a812bbe4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1210
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:35 GMT

GET
H3 200 E2T2.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 4 KB
1 KB 51ms
49ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E2T2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ff790769fad2e3e875014cba5bee941541b2766db22b62d2354bef67584ce76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1323
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 E2T1.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 72ms
70ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E2T1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7129fc72cdd9bc4d4f7bd726cd9986962541bdc79ab089dd4b32b817b5454721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1150
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 imagen2.jpg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 10 KB
10 KB 52ms
51ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/imagen2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e396923529407827119d29944032ce1dd4e752be271315c4c750513fa24328a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10583
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 E1T2.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 3 KB
1 KB 71ms
69ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E1T2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0a73baf25999a370abe105e110a752dfcb32a08c8bd191fe5f131fe755de32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 E1T1.svg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 2 KB
972 B 70ms
68ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/E1T1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd9743c0c30d1a4f49b2d0ee1e875aada5dacb6dfe2d30d90a21f4326670f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 943
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 imagen1.jpg
s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/ Frame 5F82 11 KB
11 KB 61ms
60ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/imagen1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7e64e1d9b0a383edf1884664e2bc85ecea1d6dc93ac75bc7128b0dbd86d609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14593609062821989707/BNR_CITI_EquityDigital2_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:10:36 GMT
x-content-type-options: nosniff
age: 291442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11250
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 15:10:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072742

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 00:07:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4838 13 KB
5 KB 42ms
40ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 14152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 20:12:06 GMT
expires: Sat, 09 Mar 2024 20:12:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC52 783 B
1 KB 151ms
60ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3be6e1b2ec1532fbe2e4c2dda851d7f61b1740fd2d6465afa9b978daf56660da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uEiZ3Z9JU-6iJPAGVBECEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://asta.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-uEiZ3Z9JU-6iJPAGVBECEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 00:07:58 GMT
expires: Sat, 11 Mar 2023 00:07:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4838 36 KB
14 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 16:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14212
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 16:37:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC52 0
0 60ms
59ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230308&jk=716618282561282&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4838 0
10 B 40ms
39ms Image
text/plain 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i7NIsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:07:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 log
hblg.media.net/ Frame 0B9B 35 B
200 B 43ms
42ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=CLZDRXi7dUAN4pZfyBpNeA&vid=CLZDRXi7dUAN4pZfyBpNeA&dn=asta.ee&rawDn=asta.ee&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=http%3A%2F%2Fasta.ee%2Fs&cliIPV6=2602%3Affc8%3A0001%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=IL&ct=West+Chicago&zip=60185&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-6f84788487-wc4rx.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=713&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddfPEmdqHdrCfkbpOYkvmoAqJ8ZAz7d6s-dCmcDWUlldBfkgzi4b9KBbnCfSDvn3tHfd&pexid=ADX-pub-6158005011030073&geoll=false&is_ortb=false&s_ip=74.125.40.13&s_city=morganton&commit_id=bd539c93&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-10+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=124&pvid=294&prvAccId=764724967&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=117847720092318_25075585_11621109112941&reqsize=728x90&size=728x90&chnl=HARMONY&bdp=0.410&cbdp=0.213&og_cbdp=0.410&ogbdp=0.41&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.213&dt=O&dbf=1&epc=764724967&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-764724967-10-4&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=82&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1678493276930&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.41&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058501&strg=HARMONY&vls=0&scrid=8032948058501&mang=1&pvdTmax=177&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=1&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=xX8QddE_thUL&mx_gpid_sent=false&mx_commit_id=ddc45ef88c&acid=8f76c5cfbb334ac4ae39617e0823a48d&rtime=25.0&wsip=mowx-lite-6c456f48f8-r8wpn&ltime=41.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=991847123&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=8f76c5cfbb334ac4ae39617e0823a48d_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&feedback_id=CLZDRXi7dUAN4pZfyBpNeA&supplyTagId=991847123&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=41&debug_ts=2023-03-11+00%3A07%3A56&__expireat=1678493877185&mview=1&sc_pvid=319&sc_ogbdp=0.21&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.210&sc_cbdp=0.210&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ogerpm%3D0.41~vw_exc%3D0.82~vis_sd%3D251~url_rps_b%3D9.37~dom_b%3D1.26~dc2%3D1~scd%3Dtx~v_asn%3D20278~dom_l%3D20~vl2r_sd%3D2023031011~iurl_b%3D834.38~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.6~vis_url_b%3D0.56~ip%3D19J4TPabjzC4sVTIyGktGw~fbb%3D0~vis_url_l%3D0~riipua%3D18%2C18~et%3D23~rc%3D2%2C0~rps_sd%3D2023031018~vis_b%3D788.71~radv%3D0.000%2C0~url_b%3D1.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D251~l2r_b%3D1000~erpm%3D0.41~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D0~uid%3D2IaGmMOgUlaUKIkVyh~url_rps_kc%3D0~cvl2r_b%3D2.6~btd%3D68618593809874083944289786181376870260623070506020783440784904382725554885588089358313215430754304~d2p_l%3D10~cvl2%3D2.6~3pcf%3D999.46~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D134.98~url_srps_b%3D9.37~CI%3D2870~nts%3D1~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Dstafford~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.41~dc%3D8~url_rps_rv%3D0~vl2r_b%3D3.86~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.410%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-6158005011030073%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D991847123%7Esobp%3D0.21%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.410%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D1~bsp%3D-1~tmx%3D177&utime=591&sf=0&cpr=0.6873993798622342&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:58 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 11 Mar 2023 00:07:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B9B 42 B
64 B 61ms
61ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttlNg8t0jnaicf51IGC1CnSPdG_qhtz84Y2Kn4R_18x0Ji-hazFJlA4U4nE_vdQYKSTOREYzQ5hCIMIZ0Tmi1i-BgS&sig=Cg0ArKJSzDud2oB0zWFFEAE&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=991847123&rs=2&la=0&cr=0&vs=4&r=v&rst=1678493276592&rpt=1101&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB2F 42 B
64 B 62ms
62ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7VLgFaDDV72N-aiqqiOVcqjl6AqFtDmXxXQyGcvS4GzbN-j-3ZAKSET5AeRkQtCE6XrL8fbhuUL6W68RuZnjkionVWobKcMELqlRCsb87qnK-R8GYeC1FDw&sai=AMfl-YQnN3L7yaYGAIOOy02lUcIrAEGIIfxCKAT8yrsVbsnrF3Pd-CsTAcHHwQxj3kM3oJY4QLknZRr4txc_&sig=Cg0ArKJSzMJdwtRzf02hEAE&cid=CAQSGwDUE5ymY8qmitk2htG1hg-8_zbQKtbsPyBbexgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1849145940&rs=2&la=0&cr=0&vs=4&r=v&rst=1678493276602&rpt=1213&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 0B9B 15 B
15 B 71ms
70ms Image
text/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2403&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_itype_id=17&vgd_l2type=scs_newfl&vgd_bid=337998&vgd_cdv=891&vgd_cage=1&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=764724967&requrl=http%3A%2F%2Fasta.ee%2Fs&vi=1678493277350353905&ugd=4&cc=US&sc=IL&bdrid=294&subBdr=196&startTime=1678493277482&vgd_l1rakh=1678493277141286671&l1ch=1&buid=337998&tsrc=entity&sttm=1678493277491&upk=1678493277.451&hvsid=00001678493277491028075641952655&acid=8f76c5cfbb334ac4ae39617e0823a48d&verid=3111299&vgd_bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ogerpm%3D0.41~vw_exc%3D0.82~vis_sd%3D251~url_rps_b%3D9.37~dom_b%3D1.26~dc2%3D1~scd%3Dtx~v_asn%3D20278~dom_l%3D20~vl2r_sd%3D2023031011~iurl_b%3D834.38~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.6~vis_url_b%3D0.56~ip%3D19J4TPabjzC4sVTIyGktGw~fbb%3D0~vis_url_l%3D0~riipua%3D18%2C18~et%3D23~rc%3D2%2C0~rps_sd%3D2023031018~vis_b%3D788.71~radv%3D0.000%2C0~url_b%3D1.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D251~l2r_b%3D1000~erpm%3D0.41~vl2r_url_kc%3D0E0~bm%3D1~sid%3D764724967~sd%3D0~uid%3D2IaGmMOgUlaUKIkVyh~url_rps_kc%3D0~cvl2r_b%3D2.6~btd%3D68618593809874083944289786181376870260623070506020783440784904382725554885588089358313215430754304~d2p_l%3D10~cvl2%3D2.6~3pcf%3D999.46~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D134.98~url_srps_b%3D9.37~CI%3D2870~nts%3D1~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Dstafford~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.41~dc%3D8~url_rps_rv%3D0~vl2r_b%3D3.86~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.410%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-6158005011030073%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D991847123%7Esobp%3D0.21%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.410%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D1~bsp%3D-1~tmx%3D177&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=IL&infr=1&twna=1&dma=602&stime=1678493277127&vgd_ecrid=8032948058501&l1hcsd=l1!Om355|1514&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p01070296690t202303110007&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 11 Mar 2023 00:07:59 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 11 Mar 2023 00:07:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB2F 0
20 B 61ms
61ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2860193738506&version=m202301230201&ct=76&x=1&cor=18440867543141276000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 00:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230308&jk=716618282561282&bg=!zs2lzZnNAAZKh9k7aoc7ADkAdvg8WgJdg9uH-VOB4SGY9x1f8nsJvupK-iAzm-ySrE6bqG92VqIw-0UnP-7bq6nlqumrIPcJAkoCAAAAs1IAAAACaAEHCgA5f2boVYQ3loPmSLySg8JnDAOXJJycFHBMMinbpcEh_WmZLH4khw9ZSaVKDy5Rkx9cbOw6ecRj1sQzmQLZ5AcYhRCwlUV-ZiLqBFuyhYMW3ISdQqsDB5HdohwnVw_OW_Z6ZdvYZPNrUTj6U2piFS_9vlApmAmAH5TlwZshR4Bn6MzmuTC2xVmjXnJMx_lZcQYcLntf38ZsB4nNONmWv0mdfCr71RPMli8-Nny33tZf3wuYX-qdcPs6Ms7vSU1Kakq04yvDc-FG_zs4RtfcmY2KXeP7KT4iEvzUpV1glc3l2cDUguequHTMXUFerkcunhnShQorI2eH0A3iN13RMUazrlrdK4lhJtHS80dWXzxM1AtshIl-IANPpygmK6KCeTocaJ8GUrHg8cblFz67dfPkHPLS-VTslIYQx66dDsa_CbfuV1f8-uocBV9HF5DbXl68pSQ4ea3hnAHu9YoXJpPkcZhpiZYaQH7heQaQW0niBtrUArgywU7nPGxccGLPuuuMiSpQYRcRUBn_flrSxe8Uhc8NVkZrdP7mX0jM2O0ERMxs7TevfJqFR3MOVecWsBDO_cXYsu5RNIF-u60Y6te8eYC0sRRY-1MEGhnSfsp4anFGLDUhXdqgzoOWfrFdp7nVUgHk_f5RPuanyGgMm9x-dMtf-A_uy2UUgFK5RAX-E6QXBT38vLDyDD9oANh71cO0xEvZ8O1_GloYF3xxba9Z7c7EQTG5OcWeWzjCQ1kNWGQymxNi6C6yzIjeOGzRVwLbdRYflCA4qhAZoNWwHmnjKIghQ3lRLWhmptRsiGaCF682fdtOWIjfOvz5NttkMZh6lM-8LOtbVykIVb_I2-ePNWOU6-XXKzBPPOjjRwAGKbEMQaVYZNgPztNaxkmQYY9i_HokflYMhTJbJbIM_t-ulRXW163NLdtcd5fbQ2ZjmHwA6VFFkHIDHLRZUV1W_ASFuk_TwLnXq84NoT2SzWrzaSHjiNOXdAU8-yCUxS7gOiyEL2ugNr9WQHXxBK633E135VYCWkaco6UexOCjryxg2ja3_gZS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://asta.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
asta.ee/	1969-12-31 23:59:59	Name: 07d38b9efe09302caf6b8a33dfe4a76c Value: 3fvfajl5hn6dmep7e4q6quleo1
asta.ee/	1969-12-31 23:59:59	Name: astratop Value: 1
.asta.ee/	1970-01-20 19:36:29	Name: __gads Value: ID=81b3da955d8e4235-229c0af8bbde001c:T=1678493276:RT=1678493276:S=ALNI_MZ725D91ApLERzr2fSffDxZIKPF_g
.asta.ee/	1970-01-20 19:36:29	Name: __gpi Value: UID=000009dfec8783e6:T=1678493276:RT=1678493276:S=ALNI_MbxfJrewnWWXc9mS91C9Vsz8XC2lw
.doubleclick.net/	1970-01-20 19:50:53	Name: IDE Value: AHWqTUmKSlSe0TkQLSpe4vspQX3wvVl4PNk121I7NjaDn4t07mFxDxqFlr-y1Ha51Po
.casalemedia.com/	1970-01-20 19:00:29	Name: CMID Value: ZAvGXcRuLx6YdHAzG28s-gAA
.casalemedia.com/	1970-01-20 12:24:29	Name: CMPS Value: 1345
.casalemedia.com/	1970-01-20 12:24:29	Name: CMPRO Value: 1345
.media.net/	1970-01-20 19:00:29	Name: visitor-id Value: 3214948776419502000V10
.adnxs.com/	1970-01-20 12:24:29	Name: uuid2 Value: 8528569440277673785
.adnxs.com/	1970-01-20 12:24:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$p1Po_!]tbPl1M>e)ZlrFUfJ+tGXxpCHJOvP^#-dk]./adXrSQSL`u#8]5-TdtfFGybpRzqF1`*b^sQ)mjX0
.media.net/	1970-01-20 10:35:02	Name: data-g Value: CAESENrZe12dzGa_HisUdLTLRQc~~6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
asta.ee
cm.g.doubleclick.net
contextual.media.net
cs.media.net
dsum-sec.casalemedia.com
go.log.ee
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
ib.adnxs.com
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s0.2mdn.net
tpc.googlesyndication.com
warp.media.net
www.google.com
www.googletagservices.com
104.117.182.24
104.117.182.27
142.250.65.194
142.250.72.98
188.92.161.4
192.40.39.223
23.195.100.26
23.52.163.93
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
2a02:e80:0:2102::2
68.67.160.114
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
167811d5e5e8f68668b6dc7b2dcc06bd400c4affb5ab7f9ea768e9b9a3a6c609
169a7f3f578c6fdac28ae763e2c90582bf1b54f6016fa47dd989e926269ffae8
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16c85bc55f5af6570e981b33e4cbbc02cfa223b09c246ee00d1a6d71b0ba98d9
17d7f1795a57884d333ae95c1be3da6f0b1a509f919433c5bcb09b3cbdacc3e2
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1ac2ccb9d3e2cdc5c2603ce859e1bb643625c2645aed0f68e39d800733fa7476
1d08651804845fcf038b3d3b5e9f0b03b5f3645a388b9832ce05a18086fcef74
1ec164e9a4b440ad1e54a882d708a1dde0bad1f55d234bfe44731f33321d8234
27994036ea842835f35e2ad13ab764fdbea347f3e63a3979b7827fdbdb460fdf
29277744a42bd113d98fe7727596bfee6aa2832362c042ef120483f921f31f07
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2b3731b9185d19fd73f6f4166520a59bddec9197ebdb0c94ec036053e3ade9cc
2bd9743c0c30d1a4f49b2d0ee1e875aada5dacb6dfe2d30d90a21f4326670f8d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30ff0b04567a261bcef13ebf1c68a8156cae29760a7c1a865febfd4dada5007c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e85bf1c658620a43d42c00f5a1e5ba222da3237bda05efb6ecf12555ac032e
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3be6e1b2ec1532fbe2e4c2dda851d7f61b1740fd2d6465afa9b978daf56660da
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
4646510ce4f9d852513b50bf48742dcee2049d22a207fc10c493a8a2d2881f2b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
467f3e82a8adada04892c4b9a2d67d3091c4926701336d904e64957ae80b3e80
496a765cec43d0e8abf585c4059324004e992aa8d9ff67ccbe43590c685ba63d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd122f971b6310bdf95bf4ad0f98d88d86500cfcb51373ee34bd200fc28e37b
4f2fbb4d5bf77845cd4ac6e5864594d60e215aa9442c5f4f30fb52bf2981574f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544e62e649c5d63a8713e2cc0c95d47285d4294c4abb7460679fcfbb01803507
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59a9589683a37a346459b98aaeabf83e1d022a66d02e7ea6722418ab5daa8de4
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5c7d7d245d69bce2978dc3429d91a452136f85bec04fb5f645aa5c08168d77d7
5ff790769fad2e3e875014cba5bee941541b2766db22b62d2354bef67584ce76
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cdb77fa5679b0dea0c648fd025b561f15c975ffa32d3d2daf9a19a24b68657
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7129fc72cdd9bc4d4f7bd726cd9986962541bdc79ab089dd4b32b817b5454721
718d0e3cf2098a5b14031679985c400d9f04a1f818d67fb701644b2775a8dfb4
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
823920bb903424fa8c52bac52fa31109cd9e80c8c20f65ceecef86729e6dc80f
82789661281f0ac7e9b88a5b73c0ccdf7b028ba8f21f9c5d8c38794f0ab34bae
848904993af1ef529cb842da3ca585d4bdd6c36ac07cbb7b66295712a5133eb2
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a
8cc24c39a93a0f986596a0be4c2445ded12575831c1d373cf5aedcb11c5778d5
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9e2a81185ae29f68ef084db1fef5e4c38d2098ab100f06c03d83f089324accbc
9ef48f21b13ebd271411b6138a700389582e9b3a61343e69ddd18389ec971d95
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a38ac0b9fd0550032cb1f53c26c67de49f256fa484ee57879e5f28a85561fd39
a3910e12a4178a3a926752e3b7a9083bbe87d8ba2de2897e355b790d22f2c208
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c1f8a31c1ffac719a6930db183e077fce4b40877d67aeabef1f2532bc04bb6
a8769406df5cc5a03420f3193d6a31cf5cb465062a91b09ee851b3700c80209b
af59827163444d99f2ff3854bb07efda404c0a101dcfae119cf0fe44957c882d
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155
b95e71c3c698f7df2f2a46176ff66267908b949184453babf44a2c05cd281776
c2db4cfc1567910a66d4ca3d80eba5e622f7d77b0bdb1fffbf255e125678e3dd
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d336ad93b1479b85d6613b0ece6a0af749c40d4622250ea33717b88b41c43336
d568c3031c070a98e51eb1221cafe6bae9205056e593101afb4c8e2cab5eab75
dab2dd333c0796d438eb9a3c463ad168e8510d001c2a0c72d0f70731baf8cada
dd28d527aa6817aaea4bbfd70a4aa684919eee3c5a21af1b97734c7a812bbe4a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfd5672cf4abfc1d289403761bafbb7aa4817254e03681717afcd71e29723da6
e1e961c5757f366976e53c9ef0e05cea36620b33b02ba5acc3afab7c588b2f3a
e293e3f90b8c46528d8a2462a9547b02b87802c6bdc46fd6b51abe2793974c26
e396923529407827119d29944032ce1dd4e752be271315c4c750513fa24328a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ed7e64e1d9b0a383edf1884664e2bc85ecea1d6dc93ac75bc7128b0dbd86d609
ee0a73baf25999a370abe105e110a752dfcb32a08c8bd191fe5f131fe755de32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26102462c7175b14831e9a7220dd134a2da5a594d567db2b9da943054aae939
fda5fd4eb688a7b39a017ae9d4c595ba1a61097e6be8bcc693a4e709cdd04018

asta.ee Open in urlscan Pro 188.92.161.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

75 %HTTPS

50 %IPv6

12 Domains

21 Subdomains

19 IPs

3 Countries

1279 kBTransfer

3321 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

asta.ee Open in urlscan Pro
188.92.161.4 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

75 %
HTTPS

50 %
IPv6

12
Domains

21
Subdomains

19
IPs

3
Countries

1279 kB
Transfer

3321 kB
Size

12
Cookies

114 HTTP transactions
11 data transactions