garydemar.com Open in urlscan Pro
2606:4700:3035::ac43:c906 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://garydemar.com/
Effective URL:
https://garydemar.com/
Submission Tags: falconsandbox
Submission: On May 12 via api (May 12th 2021, 11:21:24 am UTC) from US

Summary HTTP 438 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 100 IPs in 11 countries across 84 domains to perform 438 HTTP transactions. The main IP is 2606:4700:3035::ac43:c906, located in United States and belongs to CLOUDFLARENET, US. The main domain is garydemar.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time garydemar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 51	2606:4700:303... 2606:4700:3035::ac43:c906	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
5	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	13.224.95.103 13.224.95.103	16509 (AMAZON-02) (AMAZON-02)
2 5	13.224.95.70 13.224.95.70	16509 (AMAZON-02) (AMAZON-02)
1 7	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
12	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
38 38	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:9f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.201.96.133 35.201.96.133	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:219... 2600:9000:2190:5a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
18	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
4	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
2	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
6	52.22.66.224 52.22.66.224	14618 (AMAZON-AES) (AMAZON-AES)
2	52.208.100.147 52.208.100.147	16509 (AMAZON-02) (AMAZON-02)
5 11	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
7	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
11	169.63.109.126 169.63.109.126	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.203.101.119 52.203.101.119	14618 (AMAZON-AES) (AMAZON-AES)
2 15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8 15	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3 6	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
7 10	3.124.251.221 3.124.251.221	16509 (AMAZON-02) (AMAZON-02)
3 3	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 12	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
12 27	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
3 3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
5 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
7	99.81.79.244 99.81.79.244	16509 (AMAZON-02) (AMAZON-02)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
3 3	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	34.246.207.243 34.246.207.243	16509 (AMAZON-02) (AMAZON-02)
5 5	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	18.158.81.184 18.158.81.184	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.8.206 18.159.8.206	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 4	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
15	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.124.206 141.226.124.206	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.221 141.226.124.221	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.227 141.226.124.227	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.216 141.226.124.216	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.210 141.226.124.210	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.196 141.226.124.196	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.208 141.226.124.208	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.218 141.226.124.218	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	3.216.40.132 3.216.40.132	14618 (AMAZON-AES) (AMAZON-AES)
2	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
4	3.228.45.187 3.228.45.187	14618 (AMAZON-AES) (AMAZON-AES)
2 9	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	52.49.40.147 52.49.40.147	16509 (AMAZON-02) (AMAZON-02)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	162.55.6.210 162.55.6.210	24940 (HETZNER-AS) (HETZNER-AS)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3039::6815:c038	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
2	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
438	100

51 2606:4700:3035::ac43:c906 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

garydemar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-103.zrh50.r.cloudfront.net

s.206ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.95.70 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-70.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 185.59.220.198 (Frankfurt am Main, Germany) 38 redirects

ASN60068 (CDN77 (^_^)/, GB)

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com

fadedsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.tpdads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2190:5a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

thepublisherdesk.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.22.66.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ecs.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.100.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)

in-appadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.101.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

display.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.248.242.197 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.197.99.6 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.124.251.221 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.79.143.124 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.144.138 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.130 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.81.79.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.52 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.207.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.155.71.149 (Portsmouth, United Kingdom) 5 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.81.184 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.8.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.140 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.206 (Israel)

ASN200478 (TABOOLA-AS, IL)

t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.221 (Israel)

ASN200478 (TABOOLA-AS, IL)

t2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.227 (Israel)

ASN200478 (TABOOLA-AS, IL)

t3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.216 (Israel)

ASN200478 (TABOOLA-AS, IL)

t4.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.210 (Israel)

ASN200478 (TABOOLA-AS, IL)

t5.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.196 (Israel)

ASN200478 (TABOOLA-AS, IL)

t6.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.208 (Israel)

ASN200478 (TABOOLA-AS, IL)

t7.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.218 (Israel)

ASN200478 (TABOOLA-AS, IL)

t8.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.40.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ri.vompatle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.40.147 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.210 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c038 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Hjørring, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.2.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.19.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com t1.taboola.com t2.taboola.com t3.taboola.com t4.taboola.com t5.taboola.com t6.taboola.com t7.taboola.com t8.taboola.com pips.taboola.com cds.taboola.com am-wf.taboola.com	2 MB
51	garydemar.com 2 redirects garydemar.com	2 MB
42	doubleclick.net 12 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	195 KB
38	shortpixel.ai 38 redirects cdn.shortpixel.ai	25 KB
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com	183 KB
34	pubmatic.com 2 redirects simage2.pubmatic.com image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com aud.pubmatic.com image4.pubmatic.com	241 KB
25	rubiconproject.com 8 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	51 KB
16	adnxs.com 6 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com secure.adnxs.com	47 KB
15	adsrvr.org 8 redirects match.adsrvr.org	6 KB
12	gstatic.com fonts.gstatic.com	263 KB
11	fbcdn.net static.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	172 KB
11	in-appadvertising.com in-appadvertising.com	8 KB
10	criteo.com 4 redirects dis.criteo.com gum.criteo.com mug.criteo.com	4 KB
10	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	117 KB
10	bidswitch.net 7 redirects x.bidswitch.net	3 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com ssum.casalemedia.com	9 KB
7	yahoo.com 5 redirects ads.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	5 KB
7	a-mo.net prebid.a-mo.net	2 KB
7	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	28 KB
6	advertising.com 3 redirects pixel.advertising.com	2 KB
6	mantisadnetwork.com mantodea.mantisadnetwork.com ecs.mantisadnetwork.com	2 KB
6	technoratimedia.com thepublisherdesk.technoratimedia.com ad-cdn.technoratimedia.com	11 KB
5	sitescout.com 5 redirects pixel-sync.sitescout.com	3 KB
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	88 KB
5	bfmio.com display.bfmio.com Failed sync.bfmio.com	3 KB
5	fadedsnow.com fadedsnow.com	31 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	contextweb.com 3 redirects bh.contextweb.com	2 KB
4	googletagservices.com www.googletagservices.com	134 KB
4	openx.net 3 redirects us-u.openx.net rtb.openx.net u.openx.net	1 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	districtm.io dmx.districtm.io cdn.districtm.io	400 B
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
4	googleapis.com ajax.googleapis.com www.googleapis.com fonts.googleapis.com	9 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	turn.com 2 redirects ad.turn.com r.turn.com	1 KB
3	2mdn.net s0.2mdn.net	206 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	855 B
3	rlcdn.com id.rlcdn.com api.rlcdn.com	442 B
3	quantcount.com rules.quantcount.com	2 KB
3	tpdads.com cdn.tpdads.com	93 KB
3	4dsply.com cdn.engine.4dsply.com engine.4dsply.com	124 KB
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	996 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	smartadserver.com rtb-csync.smartadserver.com	860 B
2	lijit.com ce.lijit.com Failed ap.lijit.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	3lift.com 2 redirects eb2.3lift.com	930 B
2	google.com www.google.com adservice.google.com	666 B
2	yieldmo.com ads.yieldmo.com	705 B
2	facebook.com www.facebook.com	17 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	rddywd.com rddywd.com	1 KB
2	facebook.net connect.facebook.net	65 KB
1	gumgum.com 1 redirects rtb.gumgum.com	228 B
1	playground.xyz 1 redirects ads.playground.xyz	485 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	305 B
1	deepintent.com match.deepintent.com	44 B
1	ad4m.at ad4m.at	992 B
1	erne.co 1 redirects green.erne.co	326 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	loopme.me 1 redirects csync.loopme.me	211 B
1	adgrx.com cm.adgrx.com	408 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	vompatle.com ri.vompatle.com	38 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	emxdgt.com e1.emxdgt.com	59 B
1	adkernel.com dsp.adkernel.com	233 B
1	google.co.uk adservice.google.co.uk	799 B
1	google.de www.google.de	107 B
1	onesignal.com cdn.onesignal.com	3 KB
1	206ads.com s.206ads.com	3 KB
0	exelator.com Failed loadus.exelator.com Failed
0	wbtrk.net Failed um.wbtrk.net Failed
438	84

	Domain	Requested by
51	garydemar.com	2 redirects garydemar.com
38	cdn.shortpixel.ai	38 redirects
27	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
24	images.taboola.com	garydemar.com
19	pagead2.googlesyndication.com	garydemar.com securepubads.g.doubleclick.net d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	simage2.pubmatic.com	ads.pubmatic.com
15	match.adsrvr.org	8 redirects imprammp.taboola.com am-match.taboola.com d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com ads.pubmatic.com
13	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
13	tpc.googlesyndication.com	fadedsnow.com securepubads.g.doubleclick.net d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com garydemar.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	fonts.gstatic.com	fonts.googleapis.com
12	cdn.taboola.com	garydemar.com cdn.taboola.com
11	in-appadvertising.com	cdn.tpdads.com in-appadvertising.com ads.pubmatic.com
11	ib.adnxs.com	5 redirects cdn.tpdads.com acdn.adnxs.com
10	x.bidswitch.net	7 redirects imprammp.taboola.com am-match.taboola.com
9	image2.pubmatic.com	2 redirects ads.pubmatic.com
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
8	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com cdn.tpdads.com
7	ads.pubmatic.com	in-appadvertising.com ads.pubmatic.com
7	trends.revcontent.com	assets.revcontent.com
7	prebid.a-mo.net	cdn.tpdads.com
6	pixel.advertising.com	3 redirects imprammp.taboola.com am-match.taboola.com
5	sync.taboola.com	2 redirects
5	pixel-sync.sitescout.com	5 redirects
5	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
5	trc.taboola.com	cdn.taboola.com
5	fadedsnow.com	garydemar.com fadedsnow.com
5	sb.scorecardresearch.com	2 redirects garydemar.com
5	securepubads.g.doubleclick.net	garydemar.com securepubads.g.doubleclick.net www.googletagservices.com
4	match.prod.bidr.io	4 redirects
4	mug.criteo.com	in-appadvertising.com
4	gum.criteo.com	2 redirects
4	sync.bfmio.com	cdn.tpdads.com sync.bfmio.com
4	bh.contextweb.com	3 redirects
4	googleads4.g.doubleclick.net	garydemar.com googleads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net garydemar.com d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	sync.search.spotxchange.com	4 redirects
4	mantodea.mantisadnetwork.com	cdn.tpdads.com
4	c.amazon-adsystem.com	cdn.tpdads.com c.amazon-adsystem.com
4	thepublisherdesk.technoratimedia.com	cdn.tpdads.com
4	pixel.quantserve.com	1 redirects garydemar.com mantodea.mantisadnetwork.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com garydemar.com
3	ups.analytics.yahoo.com	3 redirects
3	sync.mathtag.com	3 redirects
3	s0.2mdn.net	garydemar.com d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	sync-tm.everesttech.net	3 redirects
3	d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	secure-assets.rubiconproject.com	3 redirects
3	rules.quantcount.com	secure.quantserve.com
3	cdn.tpdads.com	s.206ads.com
3	secure.quantserve.com	garydemar.com mantodea.mantisadnetwork.com
2	api.rlcdn.com	ads.pubmatic.com
2	ads.avct.cloud	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	ecs.mantisadnetwork.com	mantodea.mantisadnetwork.com
2	ap.lijit.com	2 redirects
2	acdn.adnxs.com	cdn.tpdads.com
2	cdn.districtm.io	cdn.tpdads.com
2	ad-cdn.technoratimedia.com	cdn.tpdads.com
2	dis.criteo.com	2 redirects
2	rtb-csync.smartadserver.com	ads.pubmatic.com
2	rtb.mfadsrvr.com	2 redirects
2	eb2.3lift.com	2 redirects
2	beacon.krxd.net	d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com cdn.krxd.net
2	ad.turn.com	2 redirects
2	cdn.krxd.net	googleads.g.doubleclick.net cdn.krxd.net
2	us-u.openx.net	2 redirects
2	am-vid-events.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	fastlane.rubiconproject.com	cdn.tpdads.com
2	dmx.districtm.io	cdn.tpdads.com
2	ads.yieldmo.com	cdn.tpdads.com
2	prebid.adnxs.com	cdn.tpdads.com
2	www.facebook.com	garydemar.com connect.facebook.net
2	fonts.googleapis.com	ajax.googleapis.com garydemar.com
2	www.google-analytics.com	garydemar.com www.google-analytics.com
2	rddywd.com	garydemar.com
2	cdn.engine.4dsply.com	garydemar.com cdn.engine.4dsply.com
2	connect.facebook.net	garydemar.com connect.facebook.net
1	am-wf.taboola.com	vidstat.taboola.com
1	cds.taboola.com	cdn.taboola.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ssum.casalemedia.com	1 redirects
1	images.revcontent.com
1	cdn.revcontent.com
1	ri.vompatle.com
1	pips.taboola.com	cdn.taboola.com
1	t8.taboola.com	cdn.taboola.com
1	t7.taboola.com	cdn.taboola.com
1	t6.taboola.com	cdn.taboola.com
1	t5.taboola.com	cdn.taboola.com
1	t4.taboola.com	cdn.taboola.com
1	t3.taboola.com	cdn.taboola.com
1	t2.taboola.com	cdn.taboola.com
1	t1.taboola.com	cdn.taboola.com
1	bttrack.com
1	s.c.appier.net	1 redirects
1	e1.emxdgt.com
1	dsp.adkernel.com
1	u.openx.net
1	match.taboola.com
1	consumer.krxd.net	cdn.krxd.net
1	rtb.openx.net	1 redirects
1	r.turn.com	d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
1	assets.revcontent.com	garydemar.com
1	ads.yahoo.com
1	id.rlcdn.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	imprammp.taboola.com	vidstat.taboola.com
1	15.taboola.com	cdn.taboola.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	www.google.de	garydemar.com
1	www.google.com	garydemar.com
1	display.bfmio.com	cdn.tpdads.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.doubleclick.net	fadedsnow.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	www.googleapis.com	garydemar.com
1	cdn.onesignal.com	garydemar.com
1	ajax.googleapis.com	garydemar.com
1	s.206ads.com	garydemar.com
0	loadus.exelator.com Failed
0	ce.lijit.com Failed
0	um.wbtrk.net Failed	d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
438	152

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
twitter.com
www.youtube.com
popup.taboola.com
www.familyproof.com
pinterest.com
www.homeday.de
safesly.com
www.aboutyou.de
www.abbeywealth.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s.206ads.com ZeroSSL RSA Domain Secure Site CA	`2021-03-01` - `2021-05-30`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
fadedsnow.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.familyproof.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.mantisadnetwork.com Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.in-appadvertising.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.bfmio.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-11` - `2021-06-30`	2 months	crt.sh
assets.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
vompatle.com Amazon	`2020-10-20` - `2021-11-18`	a year	crt.sh
cdn.revcontent.com R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
images.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 53 frames:

Primary Page: https://garydemar.com/
Frame ID: 322D3D47A568F00DD9F2419F088545E5
Requests: 206 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 49F9FCBB3DEC184340963B63DC523B3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 11EFECBE9227356598ADDA6725C5D547
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 8FC8AA0E19DD94602FB697CF2B54DFD3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500
Frame ID: 352FBFE149435587EBB9C60C991B2AE1
Requests: 12 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4CE71E70BEFEB9280193FB5922B8FF9C
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F2E5FC6586330AC35FBEADF3F17A2F5F
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0FF73E76A549E6427F25A0903208FD36
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 201708307D5F559772D0E4AEA038C5EE
Requests: 11 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 961FED1233F759706B7E252D4AD43FFA
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 2F3705546F9A4CDA1839A40F50840418
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52
Frame ID: 87E08123EAE821733CFE40CBDCE6604B
Requests: 1 HTTP requests in this frame

Frame: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC5054234B262F9DB3AA9AD15B017745
Requests: 19 HTTP requests in this frame

Frame: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F096775AE51C843270BCDE59832C7541
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYB8V3hZ0roWJPub8KFFrhsO8Jv97LMR53YUkXOOe8JmscBg80tKlYXhevtQ5dKlnKuBU5NXWJXLQMCkMHXybKqjH7RjiHwMPRBeOJTc3s9kx7EbtzBszSO9Wh4k86ZzkYhxn9U8h9b4mdr1OWL7yTIPhW5ZmTn-FBf1Rf3QbgOuvxHg7ZWhBAVRtGxTNZYuF07jExQrPMBfFZl_qTbAxzbb-x9dC_R8bJM-mFUECsdm2hZspoTsdIAZjb_1-W1OjyRZBadWVwOJeGsGCrFyGoWYvM8-EFG7QOWwnpF7WCvO3TbvDk1A&sig=Cg0ArKJSzIxrS3wGlyYdEAE&urlfix=1&adurl=
Frame ID: DF14048A671A79D0BFD5876CD0872376
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw
Frame ID: 3EDB57487761BA6486948BEC6F34FC6D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw
Frame ID: DF3145F0879B861DC4762C651C58FC68
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78AFF86BF7392764E9B10E4B967CCB8F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 883AD9B1532E4B8801AD14E138308067
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 992D8C6F03A47431EE9E1A8C8BE8723C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D1E60193EA94111700A857D4157A711E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBBC37D5B93E1E3ED090891F59625C9E
Requests: 8 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&tbid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1&query=taboola_hm%3D9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&isDirect=0
Frame ID: 0FE9BC30422BC0FB2004EBA5E69187DC
Requests: 19 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.30.0
Frame ID: 09C23B95CF54F9227368EAFC3EDADCA2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 99A2FB751EEF5FC9DDD17A70A88AB0BD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4D2E88782525ADE4EF6B3151F1EBF72
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA39317313B8374800AFBA35126D6492
Requests: 3 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Frame ID: BB1CDE14F95AED66C52361331DD2AD32
Requests: 5 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Frame ID: 7E5E9FA51B6B453CE05660ADA3277A6E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 40984E34574157E1A477C1A4378E8C00
Requests: 1 HTTP requests in this frame

Frame: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Frame ID: 69D074BF0D77046C1443DC1D1CC45FEA
Requests: 8 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Frame ID: 5C097842F3B508551912CAAEB8A3AE99
Requests: 2 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Frame ID: DE5CD7D4BE2C271D311AE660C90380A5
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 164531C7541BFD5A7E83A763F29C17ED
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.30.0
Frame ID: 3AFC721DF5C78AB1C9A183D6786BBDED
Requests: 1 HTTP requests in this frame

Frame: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Frame ID: D65F4A51D31F40914F717A4F7C27B31F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dgkg3k(o42%26usr%3DPM_UID
Frame ID: 70785863182A0B72738138FABB548725
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dekg3k(o6H%26usr%3DPM_UID
Frame ID: 5495AB93C3D90F09CDE9B5A734AA9179
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E4BF1CA75DBCEA8ED28D33C8EF798E33
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4F0A85792353039493357619C3B6F02F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 6A82B804FDB0929C3B154EBBB14D6271
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3286743539914541343
Frame ID: 9DB967A9F177993F87D46D2DBE5A335F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961362325721512080
Frame ID: EA9F403909543D68A9C2172CFEF9D4AB
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI1K07BN3QAACzMVJAfrw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 1ACD3D9B88F2DC145F81491FE3885AD3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C85514648AF669537273C0D5B60AEB25
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 0ABF4EB43B353B764512665DA4176183
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003
Frame ID: C6B51B92C6C0A13859D3E057EAA4317F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vgZke26FDg7zV9XiLdorWyzJ
Frame ID: 76BBA2455B0614093657BB2785E37F78
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 3BC00D2F8034E2FEB13EE6E4A54BCCA5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7B11D0321B8CC2583E5E9E599948C246
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=F1jC7PpJWa0w&pid=557219
Frame ID: 80FB7AF125D3D7F5936B13F6C9B92EC2
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 18355FEE9F83021838136AA529A5D7C6
Requests: 1 HTTP requests in this frame

Frame: https://in-appadvertising.com/ut/us?v=6&trint=gkg3k(o42&usr=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
Frame ID: EB896A9D0D42E4A5F0E92BAB1B2A340C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://garydemar.com/ HTTP 301
https://garydemar.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

script /googleapis\.com\/.+webfont/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

438
Requests

98 %
HTTPS

29 %
IPv6

84
Domains

152
Subdomains

100
IPs

11
Countries

5929 kB
Transfer

12909 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/garydemar

Search URL Search Domain Scan URL

URL: https://plus.google.com/109861627111828068484

Search URL Search Domain Scan URL

URL: https://twitter.com/garydemar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheGaryDeMarShow

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thepublisherdesk-garydemarcom&utm_medium=referral&utm_content=organic-thumbnails-rr2:Organic%20Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.familyproof.com/top-10-home-gadgets/?tmpl=1&utm_source=taboola&utm_medium=exchange#tblciGiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSCBs0AoutuX0NmH-qHGAQ
Title: Trending Stories

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://garydemar.com/where-to-view-gary-demars-daily-articles/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?status=Where+to+View+Gary+DeMar%26%238217%3Bs+Daily+Articles%20-%20https://garydemar.com/where-to-view-gary-demars-daily-articles/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://garydemar.com/where-to-view-gary-demars-daily-articles/&media=https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail.jpg&description=Where+to+View+Gary+DeMar%26%238217%3Bs+Daily+Articles

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://garydemar.com/where-to-view-gary-demars-daily-articles/

Search URL Search Domain Scan URL

URL: https://www.homeday.de/de/di/immobilienverkauf/?hs11=Preisrechner:+Jetzt+direkt+den+Wert+Ihrer+Immobilie+ermitteln&utm_campaign=0162_TB_RH_DT_PREISRECHNER_EXPERTE&utm_source=taboola&utm_medium=display&utm_term=thepublisherdesk-garydemarcom&utm_content=2988451469&gclid=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD6k0ko08rR1-Cl3vffAQ&taboolaclickid=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD6k0ko08rR1-Cl3vffAQ&tblci=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD6k0ko08rR1-Cl3vffAQ#tblciGiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD6k0ko08rR1-Cl3vffAQ
Title: Homeday

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thepublisherdesk-garydemarcom&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=thepublisherdesk-garydemarcom&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb3323c9025f12bf4bfff2ce1280fd873.jpg&campaign=DE_McMakler_LP_Desktop1&utm_content=2995514236&conversionname=6H_Lead&click_id=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSC4y0Aort-8xpzJ9qZo&tblci=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSC4y0Aort-8xpzJ9qZo#tblciGiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSC4y0Aort-8xpzJ9qZo
Title: Immo Helden

Search URL Search Domain Scan URL

URL: https://www.aboutyou.de/s/fli-papigu-6538?utm_source=taboola&utm_medium=display-b&utm_campaign=cct.traffic_l.de-de_p.desktop_flipapigu_mood&product_052021_ct.nc&utm_content=2993388319&utm_term=1090371&tblci=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD87j8okuHH55m06Ph3#tblciGiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSD87j8okuHH55m06Ph3
Title: ABOUT YOU

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thepublisherdesk-garydemarcom&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.abbeywealth.com/free-pension-review-taboola?utm_source=oct20germanydesktop&tblci=GiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSCjyEIop6bR1PCc03E#tblciGiCr94wnuyI93HvdAB2RiAJi5SiLjVv1Ab2IYlN3yaTXQSCjyEIop6bR1PCc03E
Title: Abbey Wealth

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://garydemar.com/ HTTP 301
https://garydemar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://garydemar.com/www/wp-content/themes/blackmag-child/custom.min.css HTTP 301
https://garydemar.com/

Request Chain 9

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_1000,h_240/https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png HTTP 302
https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png

Request Chain 10

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg

Request Chain 11

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg HTTP 302
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

Request Chain 12

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg

Request Chain 13

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg

Request Chain 14

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg

Request Chain 15

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg

Request Chain 16

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg

Request Chain 17

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif

Request Chain 18

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg

Request Chain 19

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg

Request Chain 20

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg

Request Chain 21

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg

Request Chain 22

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg

Request Chain 23

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg

Request Chain 25

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg

Request Chain 26

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg

Request Chain 27

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg

Request Chain 28

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg

Request Chain 29

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg

Request Chain 30

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg

Request Chain 31

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg

Request Chain 32

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg

Request Chain 33

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg

Request Chain 34

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg

Request Chain 35

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg

Request Chain 36

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif

Request Chain 58

https://sb.scorecardresearch.com/b?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=

Request Chain 59

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=

Request Chain 62

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_1000,h_240/https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png HTTP 302
https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png

Request Chain 63

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg

Request Chain 64

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg HTTP 302
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

Request Chain 65

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg

Request Chain 66

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg

Request Chain 67

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360/https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg

Request Chain 68

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg

Request Chain 69

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg

Request Chain 109

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg

Request Chain 110

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg HTTP 302
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg

Request Chain 154

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg HTTP 302
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

Request Chain 173

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=246d7ee5-b314-11eb-bbdc-192cb16e0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=246d7e9e-b314-11eb-bbdc-192cb16e0506&orig=video&us_privacy=1---

Request Chain 177

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=24701a53-b314-11eb-a46c-14e583300306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=24701a0d-b314-11eb-a46c-14e583300306&orig=video&us_privacy=1---

Request Chain 182

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 183

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 205

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 206

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52

Request Chain 215

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiZjg1MjE3YjAwYWJiZmQ0OGJiMDFkNDZkYzczNmM2OTg5YzNmNQ&gdpr=1&us_privacy=1---

Request Chain 217

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOLDGRKS-G-GW8A&sigv=1&esig=2~1ce8decaca0f3375484d12647555fcf7d65caa3c&gdpr=1&us_privacy=1---

Request Chain 218

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YJu6IgAA8ROL1gA4 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJu6IgAA8ROL1gA4&gdpr=1&us_privacy=1---&_test=YJu6IgAA8ROL1gA4

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENv5zK5h2VBktyWrl8SH7kY&google_cver=1

Request Chain 221

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/lJ5ruQjhn3cGKV30BiCLiw?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=479567725720021249

Request Chain 222

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&gdpr=1&us_privacy=1---

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

Request Chain 267

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJu6IvRXwsi6g5kJoJsNzAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

Request Chain 270

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJu6IvRXwsi6g5kJoJsNzAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

Request Chain 279

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1&google_push=AQvitUJQHZhJn0rnOPaxVk1XqUwUO-Bl36bqxwwXBPcDC5AhVLKZR_7al3azjJ7nzSEb2ucHWbAaqcb8rwbfhM-3awTwHFo5QDtW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczNzAyODE2NTAzMzM5MDU2Mg== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1

Request Chain 280

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENoFEb7Aui0fdbIHGOayBPY&google_cver=1&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBGxeHqVwOv0GhO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBGxeHqVwOv0GhO

Request Chain 282

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN4qVSxaAJVCbrVAzhRtWKo&google_cver=1&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN4qVSxaAJVCbrVAzhRtWKo&google_cver=1&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg&google_hm=wvj2FnKFTGKaEy2vaI2RKg==

Request Chain 283

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELwhuxGk28Fqz2neV4yMzS0&google_cver=1&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS0z3kj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS0z3kj&google_hm=NDc5NTY3NzI1NzIwMDIxMjQ5

Request Chain 284

https://rtb.openx.net/sync/dds?google_gid=CAESEAFTkPcWICjquYoWo5YLjow&google_cver=1&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps&google_hm=K71JFOHTzzwv6ynGiaejXA==

Request Chain 285

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo&google_cver=1&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo

Request Chain 290

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJtmmAHolqhF4GYDOsLMe64&google_cver=1&google_push=AQvitULRIfCAZvg1TUcFzQDUhimn2Q8VbFtVgVpZh9U3J8GLO5dCWVRi91O06k9UqU8L9cdXES6exPFS8Nz3a97XfuVEVgs1QRzu HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEJtmmAHolqhF4GYDOsLMe64&google_cver=1&google_push=AQvitULRIfCAZvg1TUcFzQDUhimn2Q8VbFtVgVpZh9U3J8GLO5dCWVRi91O06k9UqU8L9cdXES6exPFS8Nz3a97XfuVEVgs1QRzu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=nPomupq3Sci79JAgna9IymCbuiY

Request Chain 293

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG47EkQJfK2dmdOI9-RHS-M&google_cver=1&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJGw3cLRdemSq0Oo5AbxVXv2P8U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJGw3cLRdemSq0Oo5AbxVXv2P8U

Request Chain 294

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMugONVxzUMyRiSsOysuDEo&google_cver=1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk&google_gid=CAESEMugONVxzUMyRiSsOysuDEo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTM2NTc2NjI1NTQ0MzQ1NDU1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk

Request Chain 295

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ&apid=UP253fd476-b314-11eb-ba6b-06007d214daa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNTNmZDQ3Ni1iMzE0LTExZWItYmE2Yi0wNjAwN2QyMTRkYWE%3D&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ

Request Chain 301

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&tbid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1&query=taboola_hm%3D9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&isDirect=0

Request Chain 305

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=nN80R34B8yGz&ev=1&orig=trc&pid=562107

Request Chain 306

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1626091424495893470&orig=trc

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHMbk--GCko2tg-2QB5--84&google_cver=1

Request Chain 309

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1

Request Chain 310

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=edbb1adf-a410-4e9c-9562-b671118e78f5

Request Chain 315

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=926e014e-3468-4b8b-b18f-6d61012a496a

Request Chain 316

https://id5-sync.com/s/464/9.gif?puid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOysZXNMtuhcRt6tnFA_mZHa5cQhkitJpnJvO_eg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOysZXNMtuhcRt6tnFA_mZHa5cQhkitJpnJvO_eg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=6bd21104-0182-48e8-9349-bb2383a7098a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_e15125bd-8100-497a-a6bf-0baf597d46bc&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELp5tCCsVLqnMFo3GfexM9k&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELp5tCCsVLqnMFo3GfexM9k&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1626091424495893470&opid=apx&ops=&utidl=tech:goo:CAESELp5tCCsVLqnMFo3GfexM9k&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17441413085&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=e4b95f7dcdbe799fcafb832cfa67408a&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=608f6cd4-2cf0-467c-9d42-7a22ce9b3bf4&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 317

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=L5FpxAd5CnKC85CNJLqbYA

Request Chain 319

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dc2f8f616-7285-4c62-9a13-2daf688d912a&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=fdb7609b-ba23-4800-b75a-f11636779b99&expires=30&ssp=taboola&bsw_param=c2f8f616-7285-4c62-9a13-2daf688d912a&gdpr=0&gdpr_consent= HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c2f8f616-7285-4c62-9a13-2daf688d912a

Request Chain 359

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=appnexus&uid=1626091424495893470

Request Chain 360

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=pubmatic&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6

Request Chain 361

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&apid=UP253fd476-b314-11eb-ba6b-06007d214daa HTTP 302
https://prebid.a-mo.net/setuid/verizon_video?uid=UP253fd476-b314-11eb-ba6b-06007d214daa&gdpr=0&gdpr_consent=

Request Chain 362

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=sovrn&uid=551f214718c7774a4261473f

Request Chain 363

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=index_rtb&uid=YJu6IvRXwsi6g5kJoJsNzAAA%261165

Request Chain 368

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5

Request Chain 371

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5

Request Chain 379

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=111&redir=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D2%26trint%3Dgkg3k(o42%26usr%3D%7BuserId%7D HTTP 302
https://in-appadvertising.com/ut/us?v=2&trint=gkg3k(o42&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553

Request Chain 382

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=111&redir=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D2%26trint%3Dekg3k(o6H%26usr%3D%7BuserId%7D HTTP 302
https://in-appadvertising.com/ut/us?v=2&trint=ekg3k(o6H&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553

Request Chain 388

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yRfU33xlai9Fd3BGZnMrYVpySlpTTWhiOFMzYWxFVmlWYUNtTDFWaDdNdmJ0eXhHWGtEejdXd3hRZDFGeU8xQVI3cXo5WitidFdaQzVwVkx2bHZCeGlQbk1xUkJNdWlrb2FGZTVhNnhWekF1Y1FXaEY0dEFGNG5yd0ZaZC9vdERwTzUxc2FpT1A3cm1VcjBDSEdzd2tLcDltWWw3Vno3WnVwMGJ5Nm9rVWJ4bUo1WkxmVytmTEhGZHRjWVY2TmY5WjI1VEFyMk5ZS0FEakZ6b05LMlZHUDA5aStKTS9tRlgwM1FxamdJc09ub1BsQzVFWUZ3REgrbE1sbHJHS2ZUWHg5ZG5DR21mSzBKaHYra0x2b0l1UExPaFZ3bUR1N21naDBDcDBReDVkTnA4UmZmND18&cppv=2

Request Chain 391

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=2D5xTXxUMktTUWRtWEhINFlxKzRYQ3lXSXVQZ0FtMm9YWHlSMC9uYjRHRHVsTkdVTmNMSmZEQXZzbXZqdU9XVkRJUWlUOHZrTGRlci9ZTFlzcXhhZ1JQTGxBKzBQQ1c0SGdLdkJWSmR0ZEpnQXEwNGYyblFiR21oamRXQWFlZytBUURNNkc5dzF1UkNiMzZxSGhRUTBpaUpqT1MvUmtEUkNwZVladERPUEdWZlJ3R2QwSDB1TjF2Mm9hdVUxM2dJUmFzam11Zms5c2gzT3lsdzIzZmxLVGVNNVA4Y0ZTWGE3Sm1jbW80NlRnLzZCa2dOZDhHVXFzMGtOL0F0T05GVWFyV0oyejJINjRFOUhoeitWbkxvcmo4dEdvMWgwVndZL3RNMjM0Q1BOdHROYTIxOD18&cppv=2

Request Chain 392

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 393

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3286743539914541343

Request Chain 394

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961362325721512080

Request Chain 395

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJMUswN0JOM1FBQUN6TVZKQWZydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJMUswN0JOM1FBQUN6TVZKQWZydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI1K07BN3QAACzMVJAfrw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAI1K07BN3QAACzMVJAfrw&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI1K07BN3QAACzMVJAfrw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 397

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 398

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5294794443 HTTP 302
https://sync.1rx.io/usersync/tradedesk/536422bc-387f-41da-abf9-4111a0c1e8a4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003

Request Chain 399

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vgZke26FDg7zV9XiLdorWyzJ

Request Chain 401

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 402

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=F1jC7PpJWa0w&pid=557219

Request Chain 405

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XBpYkY4OQnK9rvb9y7309g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 407

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 408

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&addseg=11,34,40

Request Chain 409

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUMxQTU4OTEtOEUwRS00MjcyLUJEQUUtRjZGRENCQkRGNEY2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 410

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELT8Bm6bxLrR-_prX7ZM44k&google_cver=1

Request Chain 412

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edbb1adf-a410-4e9c-9562-b671118e78f5

Request Chain 413

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503707112516374900

Request Chain 414

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fdb7609b-ba23-4800-b75a-f11636779b99&gdpr=0&gdpr_consent=

Request Chain 415

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1626091424495893470&gdpr=0&gdpr_consent=

Request Chain 417

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G0rzLjtE2uW4lfIOS4vgMKU.4n98CNo-~A&gdpr=0&gdpr_consent=

Request Chain 418

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=757a3ded-0258-4b8e-91c7-bba2f6a31956&ssp=pubmatic HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=757a3ded-0258-4b8e-91c7-bba2f6a31956&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97323ff6-a126-4519-84be-c87a5a68d850&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 419

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm

Request Chain 420

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737028165033390562&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 421

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJu6IgAA8ROL1gA4&gdpr=0&gdpr_consent=

Request Chain 422

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:07d32107-5844-438e-b777-f891f7ec1912&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 424

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553&gdpr=0&gdpr_consent=

Request Chain 425

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1626091424495893470

Request Chain 426

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e15125bd-8100-497a-a6bf-0baf597d46bc

Request Chain 429

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 430

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 437

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4

Request Chain 438

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4

438 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
garydemar.com/
Redirect Chain

http://garydemar.com/
https://garydemar.com/

142 KB
23 KB

866ms
844ms

Document
text/html

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f52afbe54df1d5f364d04e58bf8e61238ff6c3c54df78c29167281a0170b17

Request headers

:method: GET
:authority: garydemar.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
link: <https://garydemar.com/wp-json/>; rel="https://api.w.org/"
x-fw-server: Flywheel/4.1.0
x-fw-hash: jq5toxmr2e
x-cacheable: NO:Not Cacheable
x-fw-serve: TRUE
x-cache: MISS
x-fw-static: NO
x-fw-type: VISIT
cf-cache-status: DYNAMIC
cf-request-id: 0a01e815ab00000eaf63b71000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C8Ko8U0n7QYCiCbJYf%2BLQ2ueH3RIePvFGaCxKDSJ8ijWxkQnwt8M3P0sJg6UDX%2BfN5TsiFGBP3vzVuKr77qobib%2BTRkbCQokZQwFrymoI%2BDgEqqkTt89iV0F"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64e342cf78700eaf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Wed, 12 May 2021 11:21:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://garydemar.com/
X-FW-Server: Flywheel/4.1.0
X-FW-Hash: jq5toxmr2e
X-FW-Serve: TRUE
X-Cache: MISS
X-FW-Static: NO
X-FW-Type: VISIT
CF-Cache-Status: DYNAMIC
cf-request-id: 0a01e8152200002c52311c4000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nHlQffCrg0%2B8veLXqyNtBE1D78HVMIGwPBGvEtkMdS0VvJjn3heyTxAtURGBhU8qfKBvD7R2tD7gzBBlPuGklR1Qk%2FCfYKi8kQwoKy4ydI1a%2BAv25C2ZSIQg"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 64e342ce9bce2c52-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thepublisherdesk-network/ 1 MB
64 KB 35ms
11ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1969cf126d14e908364108897694d804b971e858b1079ad347a0c6d320c38f09

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JnPxhuYLX3F0gUBqyx5.Tm8Ayw9Z5QOs
content-encoding: gzip
etag: "c469e8dbc4ce7cb9a8231b6a25086cf1"
age: 117
x-cache: HIT
content-length: 64871
x-amz-id-2: e6ur64dPGpC0G7jvTXBj+B6j4396JrllWY245BFcHL1HHPugVyq+lGVNeiWE2UIK3aTF+Y4z7So=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:16:59 GMT
server: AmazonS3
x-timer: S1620818461.956088,VS0,VE1
date: Wed, 12 May 2021 11:21:00 GMT
vary: Accept-Encoding
x-amz-request-id: RCPQ2713FVT3FQX5
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 35
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 54ms
18ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

d8a8dce959450ac3a76160b40029e51ead538acb22f7da376d80c96d07cbdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "869 / 822 of 1000 / last-modified: 1620817832"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21180
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:00 GMT

GET
H/1.1 200
OK garydemar.js Show response
s.206ads.com/configs/ 10 KB
3 KB 494ms
438ms Script
application/x-javascript 13.224.95.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.206ads.com/configs/garydemar.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-103.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2692618d76da58016d85b699ad7cf915026b1d03bbdd010f12764d875d2e0f9

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 21:20:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: ZRH50-C1
ETag: "ad098424b14b8426fcc13ed30db7425f"
X-Cache: Miss from cloudfront
Content-Type: application/x-javascript
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
Cache-Control: must-revalidate,s-maxage=900,max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2038
X-Amz-Cf-Id: 0pz-gqBL9yBhHK0vFzg4PschL4pTIl8uBm9cH9wJBH1pGammUqio5w==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 54ms
18ms Script
application/javascript 13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-70.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:06:45 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: b2o83rbjWpeSGYudwtRSyEFqFZZJJmYfNAI3Sc8p7sTs8RK-HPqDTw==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 35ms
11ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:00 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 19 May 2021 11:21:00 GMT

GET
H3-29 200 autoptimize_a742a3d8587352743c2a9536ce03c41d.css
garydemar.com/wp-content/cache/autoptimize/css/ 459 KB
50 KB 56ms
40ms Stylesheet
text/css 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb6bd2aee4fd366b30d7580c48462deb89c627495bb710b1f26c03db91f0eb

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:00 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
age: 1099006
cf-polished: origSize=470682
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e8191900002b9546bfb000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 11 Dec 2020 16:55:22 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: W/"5fd3a47a-72e9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V4p38eGgltT6JdJqs9D%2B1jM22UQVcRD0H0q81zmsMPGsLfF2vUweAn2a8lgaAzdrCK1TKwde3FlA8Ajl8u0DmsFPXTINK%2BXxBnqECH%2FVgnNFhw3ezMxIHN%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342d4ff502b95-FRA
cf-bgj: minify

GET
H3-29

200

/
garydemar.com/
Redirect Chain

https://garydemar.com/www/wp-content/themes/blackmag-child/custom.min.css
https://garydemar.com/

142 KB
23 KB

890ms
889ms

Stylesheet
text/html

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f52afbe54df1d5f364d04e58bf8e61238ff6c3c54df78c29167281a0170b17

Request headers

:path: /
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: NO
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
vary: Accept-Encoding Accept-Encoding
cf-cache-status: DYNAMIC
x-cacheable: NO:Not Cacheable
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81bc800002b951619f000000001
x-fw-type: VISIT
server: cloudflare
x-fw-hash: jq5toxmr2e
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5A6oFKyqfaA9%2BuHh8D%2BEPDCRFUbDM8bOHldZBOZGFrGJnpGO6qtEUB37smFY3JlbakYiFtN0D2kAIjNESVhwFepHE3u1FR5nT3QhGvZequnCxFNQMSQCqxRT"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 64e342d949352b95-FRA
link: <https://garydemar.com/wp-json/>; rel="https://api.w.org/"

Redirect headers

x-fw-static: NO
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-fw-server: Flywheel/4.1.0
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e8191900002b958c916000000001
x-fw-type: VISIT
server: cloudflare
x-fw-hash: jq5toxmr2e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n0J355eDgMrZYon2sbiROEl0oBJG1%2FlqbEKdBuKaPgBQ4%2FsL%2BXBUE3uBxGgoHi7qKqPxkSHzYeFsoKqjN37Sty8kZYZOiLF1P1q0emFDRXvKPiDgWcf8wGka"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://garydemar.com
x-fw-serve: TRUE
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 64e342d4ff512b95-FRA
link: <https://garydemar.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 jquery.js Show response
garydemar.com/wp-includes/js/jquery/ 95 KB
33 KB 37ms
21ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-includes/js/jquery/jquery.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path: /wp-includes/js/jquery/jquery.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:00 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
age: 1530966
cf-polished: origSize=96873
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e8191900002b956629d000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 04 Jun 2020 15:53:38 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: W/"5ed91902-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PdLbV8DOwpVcPgZPqslozucwizI%2BIghQNmQNIbC1966O%2BpiI5CHY563qrL8QLv6WdAa6s8167TIJHeWYfqT1OwiocbbhcC0j7m03UaFQESiWdPnT9fXweqHX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342d4ff4e2b95-FRA
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edfe7e4e5d1a4300314aad7fd7c2c1367ba303806c4c3d825d2befb3fcb4d56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://garydemar.com
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1nF+YRDgfvxi2PgpXzeN6A==
cross-origin-resource-policy: cross-origin
expires: Wed, 12 May 2021 11:37:10 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: 2q4BffeS5TCmto2Do87In/FkHieCiWqT7GELAHIBSU2RVboiFRGkellNX4TUQ7yXQk3j0vvdXF76VEdQnViZ8A==
x-fb-trip-id: 686109401
x-fb-content-md5: 0cdfec25606750d105270319a664337a
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 12 May 2021 11:21:01 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8941b3520ee7be3abc8bb01adac0ce17"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29

200

logo-garydemar-light.png
garydemar.com/wp-content/uploads/2019/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_1000,h_240/https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png

12 KB
13 KB

12ms
12ms

Image
image/png

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2db9896268d45d8071955ab70c5de33b97b2636b14a017d23d4ef87eba88c4

Request headers

:path: /wp-content/uploads/2019/03/logo-garydemar-light.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 263939
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12190
cf-request-id: 0a01e81b4300002b95772c6000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:12:06 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb01e26-2f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2FFSstustk5Jvd3ENGCFJzn%2Fird93rX2gEpBmzwc2%2Bo1s1GGgULZCrZ59xOBYELqlBLaReP7Pqa5sem%2Bm4l97XYRmC5wykxMnOqHujhz3nNe0M0sWdzQc%2FN9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342d86f8e2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 9a2a399a9c575fdf96f598fcfc067451
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

AV_Logo_detail-750x375.jpg
garydemar.com/wp-content/uploads/2020/10/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg

35 KB
35 KB

103ms
102ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36117942c93a7718be7acdda95df16da1f653e4685a9e35fc98c8ae7593e9160

Request headers

:path: /wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35400
cf-request-id: 0a01e81b6800002b955fb1a000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 22 Oct 2020 15:35:07 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5f91a6ab-8a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GhYelCPxhQhd8v%2BumQKUF9yrE5R6y%2BhdH5QuQtzoK4FUYIosEXV6L2cP7XK8bgjLSe%2B6OM%2B59GRfH3k70uSlfz%2FQwO68b2P2XGEOs3JWnCwlZt9s9DKurTyE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342d8a8022b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 722, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 337c1b8c000f894f8761428948c78a9b
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

3.thumbnail.jpg
garydemar.com/wp-content/uploads/userphoto/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

4 KB
5 KB

34ms
33ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c095b65f7285452e5da09a62e22f4317ec5f830a09cef936658fe6e40a52005

Request headers

:path: /wp-content/uploads/userphoto/3.thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 460406
x-fw-server: Flywheel/4.1.0
x-cache: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4014
cf-request-id: 0a01e81bf500002b952f0fd000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:02:52 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb01bfc-fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X1SJkz%2B9CTEuV5NfCShbvsYde5a%2Bx6gulN3ItUl62t%2BafFNrg0%2BwseIj6Hhmxb5esDCNegBEnxG4v1%2FduiT9qqdOF7As4gnfqw3%2FsAgxKofAiGq%2FymjbYu0a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 1
accept-ranges: bytes
cf-ray: 64e342d989bd2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 9cfdc26a9dc772f810139f763940454c
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

communist_party-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg

43 KB
43 KB

112ms
111ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9682647257f497f1b61b9c1c151d12f970071a393f06bd8cbe4d0b67debf289

Request headers

:path: /wp-content/uploads/2020/05/communist_party-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43805
cf-request-id: 0a01e81c3b00002b954e8a9000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:11:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec661f5-ab1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HTgNTykVcGiEqOe7Ery9Ttd6vVrGH52EDFsAJPMDWnig7umBlMvCuZHMiKro8HsnLTGBT2wJUsxnX%2FBq0v8KxzoJnoUiAmY9tYc%2B7BjouIPGgF%2BHZqrvhfOB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342d9fac22b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: ec76979094d0f260217e3228dfd3fcff
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Old-Testament-Covenants-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg

59 KB
59 KB

14ms
14ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 203de499bad05048656d8784fe5cbb58eff433ab8b6dba0be7719124fdd2da6c

Request headers

:path: /wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:01 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 971407
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59917
cf-request-id: 0a01e81cd200002b959831b000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:17:36 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66350-ea0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O6ACxZVQQzGLHQo3biH%2F7fHF%2Bwg9U7sOZBQ96DHhZ2%2BXWhptuRBRobEaf45iuDRB4gF%2FX2qaIgdu%2BXWwSArmMT5LEWvpPnGbDkZEk7nhlw4cS%2FiD%2BBPqoqMJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342daec8f2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: ff69be32e008d31ae611541999e1f17a
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

monkeys-and-typewriters-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg

54 KB
54 KB

111ms
109ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 316873d9dc0c8f63f7815870aaade76579b16e946523184a21430bee7a6a9244

Request headers

:path: /wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55090
cf-request-id: 0a01e81cfc00002b9582103000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:30:59 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66673-d732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DUygYrDP%2FHVYanz9G1OMTFmlEACdjaJPxXP0H8ZV4A5oi3Nu6reYJ0eq2Nxb1gPQDTtjTcLLIAKzzEeIFLF9ak3GBwm2igfGRfHWrjsyl6kitJMvlqkYkocb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342db2d092b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:01 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:01
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 09bdf7d2a70a0e5f06277eba7368685f
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Law-Commandments-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg

50 KB
51 KB

24ms
24ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb3a3b486c477e5e0059c5d701ad7113dce6a0d0d443a602049472dd31c61a3

Request headers

:path: /wp-content/uploads/2020/05/Law-Commandments-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 460406
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51297
cf-request-id: 0a01e81d9000002b953492b000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:36:11 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec667ab-c861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MYcwV%2BPx1SNgQycRS0hr8KSu4qHgcJMUSJNJkp9P0Y%2BByu9qV6Q5AG8c1Wz6Jb7ICkM2ogLrhYc5EfPGg533AJ9GOf%2F4cYaiAsLKMJomwpRaj8KyTzYPfeqk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342dc1f022b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: da9b8603f347955a734c652356ef3996
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Arch-Duke-Assassinagtion-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg

67 KB
68 KB

117ms
117ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb72a647bd1b0ec3b2309332b4aa8f4f126c3848070373ca25f6915740c60a0

Request headers

:path: /wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68688
cf-request-id: 0a01e81dc600002b953f87a000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:17:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebec0ad-10c50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ETvgabINYdwsddpD67nxmxZce8ZFwa4qOD%2FCo0i%2BDWNBF%2B%2Fzym%2FllpAjgb6g9LRXiduJ0AXVC%2B%2BLdtcJt2Juoc6qt7c3JleISJym6%2Buk4%2BFwMwwJHdAqmYsG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342dc6fec2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: d60c507a47e57530ae3571ffd1034fae
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Plague-of-Boils_Wolverton-750x375.gif
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif
https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif

181 KB
182 KB

107ms
106ms

Image
image/gif

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6354dd4a2f8aa04f1037600e7db0210f3f01d805a566277192ff338453350abd

Request headers

:path: /wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 185178
cf-request-id: 0a01e81e5d00002b950e974000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:21:46 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebec19a-2d35a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=igRAh%2B%2F6wouGFx21nTmejXJmFqEd9JM2EcBRSydGbFnaNAxsx%2Fu6Gt%2BMGGVVP6X%2BU8yS31CnGRjDzSIed93RmFSGsIc1CEPnJEgF3BFpgLNbAD55%2FIkIj19G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342dd6a3e2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-750x375.gif
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 82f2b766e87db8d63161f999e2ff5743
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Politics-is-Fifth-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg

43 KB
44 KB

133ms
133ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a424af928b4f4864f58253695e33ae5d7e0235ab96dcb7b62b8f3d078f5c8aaf

Request headers

:path: /wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43912
cf-request-id: 0a01e81efd00002b9522273000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:13:44 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebebfb8-ab88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iB%2B8mUkUEE%2BucweLHkbSSpSZxph0Nt3CRMQwThI1YsRIt85PT9O3vxBrvOdmjxu8jeXpp9AW31%2B1vGn%2FXvSZDuhluzfZPLk7Aho09aVeHAfRpip7gp9QznH%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342de6cdb2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Politics-is-Fifth-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 85414b09e06ec1dec15e9bf705ee4839
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Pelosibreakfast-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg

25 KB
26 KB

149ms
148ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67044fedfbf69bdbc4c2f88af9f680e7a5a5f3dce4cd80182d40d46c838bbc5e

Request headers

:path: /wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25882
cf-request-id: 0a01e820b900002b951621d000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:10:09 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebebee1-651a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6tbZwQwoNwZIZq6VR5eKe26k%2BhB9UsKHWyAoedLopsaMUtTgXQe2xSVpuj8EwmEpDrBwUqgBxMbUBwLtWQWqUBHLz1hDZSAo3%2BC3PG0xy6zqfYqFoYdGNLdi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e12be22b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Pelosibreakfast-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 220d8ccf955a058552f1845c00f789e9
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

plagues_02-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg

113 KB
113 KB

151ms
149ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0d263746668da857f6d38b5ffc517b25e793e566d7bccdbbcf68199a94a442

Request headers

:path: /wp-content/uploads/2020/05/plagues_02-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115392
cf-request-id: 0a01e820ea00002b951716e000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:04:27 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebebd8b-1c2c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yIN4BiV8B96x8XvfaQbtPXb8UU5ptlN2M1t8ChwPR66NuyST3xI4L6ruX0WFF8ijRF4gZtp48GxZL%2BuNGGUHA8soa%2F%2BH7DoufqWdXkF1ISl7FVwKueOnpD1a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c9c2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/plagues_02-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 60337bd686ded5d879f05d4c0d58dc2d
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Destruction-of-Jerusalem_eating-Children-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg

82 KB
83 KB

154ms
153ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf36689a4269e3c78869790c2f1806aad02d895fba6e3fb7121d02baf57936

Request headers

:path: /wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83974
cf-request-id: 0a01e820e200002b951716d000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 07 May 2020 17:55:23 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eb44b8b-14806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4s6MHktjnApdwcJYMDjjsXL0SKHZMLIOIYuKOr8r%2Br8GRP%2Bhr%2BYqKgX21syX8L2KRgVUcsxncpNIqjMlVj56UFPSeVesWywmmrGGqSgilkV9zVtcy1pYenKI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e16c7a2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_eating-Children-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 14b729257fca6cfc8350c72afc65be12
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Kent-state_Mary-Ann-Vecchio-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg

48 KB
48 KB

138ms
137ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b604853c50b56960ebcbf80c785138414ccdbf21d8e8ed60d1971ce85f4c6aac

Request headers

:path: /wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48663
cf-request-id: 0a01e820e200002b955fb9c000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 07 May 2020 17:38:56 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eb447b0-be17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YBErnAKCypQIl5yhkW9gjVEDoHaYqCcRgHZlwHPGBqp5K14kv7P%2BKqW%2Fnzk7mnI1gcFSId%2FuG51CLtDsrVqaiPIcu76oCDTTp95pwgFPPAyTPhPzlr0sUsdi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e16c7d2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Kent-state_Mary-Ann-Vecchio-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 8e15631006dcc6f2dffbf654e96fcc04
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg

84 KB
85 KB

119ms
112ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77e60b8bfbfe331723e483e3d88ee51c699e2e89e76b180fb27e228208dc110

Request headers

:path: /wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86108
cf-request-id: 0a01e820e900002b95591ee000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 07 May 2020 17:30:09 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eb445a1-1505c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DU4rhBI1%2B1ym%2F2%2FvaAyr17iAcZGoAJD9VqHhRpBfFE2axlGo3zcZLpZaZdL%2FEAqZiuP%2BhS%2FPIGEU3Lhh8bMGk0L3H52LSOVaHL7oEfa6dk3MIWCwgcRQN5Xt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c8e2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Destruction-of-Jerusalem_Bowyer-Bible-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 264c7fbf2f0fcf7bc8f87c7c37503412
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.3/ 17 KB
7 KB 136ms
13ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ef095d011c4ced97b0acef551ca36d76b95299518595dc1acab792a2344601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 08:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183050
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6791
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 08:30:12 GMT

GET
H3-29

200

envy_Green-eyes-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg

38 KB
38 KB

122ms
114ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75160d515423e74b50363e75b641edf65987ffd1dc6f3c4b45b5ea820b2efcd5

Request headers

:path: /wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38665
cf-request-id: 0a01e820e800002b951e804000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 07 May 2020 17:22:02 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eb443ba-9709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OEOpltfnmjzVKFAYKJ6fkZ4gS0hxsQ3d9l%2B5SMyzdQgmExsRX%2F89hFNtKBu3uIqZXMYVctGM8%2Bae%2BvUM25OO8UOhRuv2MfTBhwoGQDD3TL%2BsF00tiLaKXrYJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c932b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 722, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/envy_Green-eyes-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 2ccad02faa3a4e0e083fb21dd83a50f8
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Joe-Biden_02-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg

29 KB
30 KB

118ms
116ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23435b99b6465d8a941cc7c2109cbe3c84ebb208a4a018b2c5e865318e833c03

Request headers

:path: /wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29931
cf-request-id: 0a01e820ea00002b95550be000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 07 May 2020 17:17:33 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eb442ad-74eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2B7wWJMHPHyQ2SaP9QpeHR4ipZPcYgtL5RFIfgX%2FK9iU3RmfuxfYN6XxWaHtCM71p6YMpRTagMjSdybK05nzyXJtjrHRrIK0F0hkLd3Jvd0HqVhYURIRuL0X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c972b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 722, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Joe-Biden_02-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 54006be4ec0e9d6cb4c1178284ca20f5
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Hiding-Money-750x375.jpg
garydemar.com/wp-content/uploads/2020/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg

81 KB
82 KB

143ms
141ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1571e6d6e844b8aa56c9ad0f9b08b208f1d6e72573309fbec640a336619232b0

Request headers

:path: /wp-content/uploads/2020/04/Hiding-Money-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83099
cf-request-id: 0a01e820ea00002b951a93c000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 30 Apr 2020 17:44:47 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5eab0e8f-1449b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mqdv43jcuyaWx4MytmIZXiIKFrtgFzH%2FjlA9g8jdzCbAISt9b4DNmLbPrj6OHaGbf0pKKnSvAQaEIilr1Ca7jsuo7FnBRAyW6qWuzhGcU37AxvLAun%2BSQ7o7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c9b2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/04/Hiding-Money-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: ceb7893373603d27b24bf41b6f744ab3
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Persia-750x375.jpg
garydemar.com/wp-content/uploads/2020/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg

83 KB
84 KB

116ms
107ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec7e92c2c8f7d12edcb6a56c255bd2fcf48e2557b81e4fe93af6e4da4ba163c

Request headers

:path: /wp-content/uploads/2020/04/Persia-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85180
cf-request-id: 0a01e820f100002b9565318000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 29 Apr 2020 14:26:27 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ea98e93-14cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mEiiwmSMOeD%2FKt9I9SmNuTyTRNYx7BeLlw4pe73EhkOvmarxEwVvJ44eDy3AOW5LWOIboXZITETVxXV%2Bfjdf1yiC0Ja7VyEOt%2BeWmGNiUuoG1YDY5HyI9rhF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cb52b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/04/Persia-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: eb744c4431299271e6983122e8efdea9
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Rapture_04-750x375.jpg
garydemar.com/wp-content/uploads/2020/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg

55 KB
55 KB

135ms
128ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd8a91337109acebe6f9a4e6e283bd2f420c2cd06283e86e98a8202a3b14a551

Request headers

:path: /wp-content/uploads/2020/04/Rapture_04-750x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56076
cf-request-id: 0a01e820e700002b9566360000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Wed, 29 Apr 2020 15:54:27 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ea9a333-db0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2OJtcsxouNYWYJN17iMoZPFigT8kZlyJIXSm%2BsEwaXW8EVjyEE%2BBW6o%2Ber1K0o4GcPLbjcsRvZeYLAjw%2BvG%2BV2MqfOxFX3gl3SrB37LFfbB45rTlZAFRZvOw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c912b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/04/Rapture_04-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 9ddaf52eef9ba94d4366da5ba19d1545
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

AV_Logo_detail-360x240.jpg
garydemar.com/wp-content/uploads/2020/10/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg

14 KB
15 KB

16ms
14ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26181f12bdb0b9ab6c196e5143a8d5674358e8c78d6c286f272908af91cceca

Request headers

:path: /wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92018
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14256
cf-request-id: 0a01e820ea00002b9524077000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 22 Oct 2020 15:35:07 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5f91a6ab-37b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aRREeo2rebs2E2LXJDnmmOO5crC%2FvYLWppCOmjghpgstnpjDyInZOCNmsM8Uw9jyswyyRt78e%2FTLjpE3nWQg9cB91s3FTeoDj8ct2ZMTAl8A1uoMyDY7Mo17"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e17c9a2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: a88c3ee73df8d3eaa471ee4aaac1074b
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

communist_party-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg

17 KB
17 KB

96ms
87ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88284a33d8bd2082f11b26b058a1ec0c8479b03e2eff4ff3148aff2ad3311295

Request headers

:path: /wp-content/uploads/2020/05/communist_party-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92018
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17177
cf-request-id: 0a01e820f200002b9585218000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:11:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec661f5-4319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6emgE0qSJXklcJaDiZ7zaHDjgEoRaC9xKliBmzxeUbTUvUduwLGTBoAY0iMsH5fDIg%2FPPfvmBWEu1cP%2FXVMTro57mVnUGnfFpH8%2FFhlx4YJ2t5p7lWaJpwcy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cc32b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 859ef3d357f1055cd9f2cbb9da75641b
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Old-Testament-Covenants-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg

22 KB
22 KB

76ms
66ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5105235ba569aa63ba67b813f40f836f2b553b964bff365dd10d2941b579144f

Request headers

:path: /wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 1530967
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22199
cf-request-id: 0a01e820f200002b9539872000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:17:36 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66350-56b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zOm6ok9uPmql6qFHgIxraxNhAzWuqNv%2FyAOrHo%2Bl%2BzkoUvb09umwJQL16SVVPMddyk4y7INqiM6t8POkTvTr7W9fH5tYCX4Nxd8OutNq0Eku%2BhlnrQPsJ1Vk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cc02b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: f3002f5a4bfa85960c93017f055f63f6
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

monkeys-and-typewriters-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg

21 KB
21 KB

26ms
16ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dedea14dfb1c6b9fa41b0524b7d80456fd8ced66279c40b86a97382fe1c88d8

Request headers

:path: /wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 1530967
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21014
cf-request-id: 0a01e820f200002b9566363000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:30:59 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66673-5216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ulKT5bAIbQj5WkRGkeAxC3ZZxqxTFRsb6rpNV2owUMG3YMNUckyFdcuSLD07dtBTBbMsfXmQ0s6d1uXWT6iAcGyom%2FNue6XEegLvE%2Bb%2FWkyPM%2Bp3VW6z2F%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cba2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 31cc68f16474c4766b058f3f6493cac1
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Law-Commandments-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg

24 KB
24 KB

26ms
16ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39a45a7512a7d7e081f144316ea20696f43d25c6c96e1799f04d9b775c7c5df

Request headers

:path: /wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92017
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24099
cf-request-id: 0a01e820f200002b953e347000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:36:11 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec667ab-5e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1XHTvZ%2FJxdnccus5VrH7M2hd5gItPJ%2B6FIGnv5u7aRKSRV8w3jJDDfsZEog6f5JmVakDVoTQTVWKiPZB1O3C7M4RzZnQPd8FujHMp0gUui5C3138jLXjPOPH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cbe2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: db2de9b72e73979fcc470d5244dfd890
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Arch-Duke-Assassinagtion-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg

24 KB
25 KB

53ms
44ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3413479075f6a95ecbec39fa21e03c4fb141a7bb92a73e42530ed598541216ed

Request headers

:path: /wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92017
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24901
cf-request-id: 0a01e820f400002b958c9cc000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:17:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebec0ad-6145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8ilZDZzwCpgw6f32fGfomZ%2B5QYVVc6cVowaharrYAgzmgA1Kj9Z4y4Z%2FdyKezptKTeHa%2ByVYrSYVdBAE1U8%2FL753txqFgwckcFhtLoKUgN2rPPtwk52BgCo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cbd2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Arch-Duke-Assassinagtion-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 826fc048473e543820911b7e1a210566
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Plague-of-Boils_Wolverton-360x240.gif
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif
https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif

61 KB
61 KB

82ms
73ms

Image
image/gif

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96dad9d3ef0ae246c68dec8db7628ff73f3fd5efeec6af7b82f418966b309055

Request headers

:path: /wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92017
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62029
cf-request-id: 0a01e820f300002b950f81b000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 15 May 2020 16:21:46 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ebec19a-f24d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4p0pDTfUWYqmiqJTUK0GhEEBFHbmmvpInKtRlSLFT%2FH4vl5LT1HpuX53vb2c0Z9f0vx9RrnnmU%2BEyAwocIYuNDYpKflcKUK3A%2BD9Q3OtzWCrbYvYe7B7KIBb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342e18cc42b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:02 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:02
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Plague-of-Boils_Wolverton-360x240.gif
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 1c625246ada940672c96071ffbca6d18
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29 200 lazysizes.min.js Show response
garydemar.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 31ms
14ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.3
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

:path: /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1530967
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81f8000002b95738b2000000001
x-fw-type: VISIT
pragma: public
last-modified: Mon, 12 Apr 2021 20:14:51 GMT
server: cloudflare
etag: W/"6074aa3b-2655"
x-fw-hash: jq5toxmr2e
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LjkPEjUyQwjBQ2dKPawe2YuD6%2FvjLRhdWzb28%2B3Wd83xYoJW1AW5l59tbwp3ZzCQ3NUgoABF5K4JY9rGWaqaD6yC%2F8Q4btUi1ZENpg7LdBy4mk0QSqswKswr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342df3ebb2b95-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 143ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2373
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 64e342dfdf104e9d-FRA
cf-request-id: 0a01e81fe900004e9d4fb44000000001
expires: Sat, 15 May 2021 11:21:02 GMT

GET
H3-29 200 autoptimize_809473d910a62616da3bf3fc7eb7bb66.js Show response
garydemar.com/wp-content/cache/autoptimize/js/ 268 KB
72 KB 70ms
54ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/cache/autoptimize/js/autoptimize_809473d910a62616da3bf3fc7eb7bb66.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9becf42e2e81d5b28342234e217a77744fe5326b2aa3bf71e0acdc7d30504860

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_809473d910a62616da3bf3fc7eb7bb66.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
age: 1099004
cf-polished: origSize=274074
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81f8000002b95863be000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 11 Dec 2020 16:55:22 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: W/"5fd3a47a-42e9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8OMvIpsSzwgBXJl6E9GUjADqx3Xas%2FoM1DOGXMO%2FfohPIJc3GEkknkooDS%2FDlQ8Qfo2Fd2DuAAw0Uj3NUo%2FY4xnF%2BdGa8FT8a2FFLajTZSQURa715nLRl4So"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342df3ebd2b95-FRA
cf-bgj: minify

GET
H3-29 200 wp-emoji-release.min.js Show response
garydemar.com/wp-includes/js/ 14 KB
5 KB 132ms
116ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81f8000002b954a06a000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 04 Jun 2020 15:53:39 GMT
server: cloudflare
etag: W/"5ed91903-364d"
x-fw-hash: jq5toxmr2e
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VJCLVR6dCzlpnZ5yJA33qkLczTAQxT%2FDvBF2sxDTi5%2F8u6NQe87I0nhGxkoqnNG4wfW94IL9wOjoYBtUAin0ewshtkT3sVc14kJ1mKIMX1PRz26bNBou%2FntA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342df3ebf2b95-FRA

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 179 KB
63 KB 412ms
295ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=6b9c0c75-25eb-4f3b-b651-f6564bc7bf88
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18bb4fec8965c65d0237e3af2565487f00e09515c8c0a526b11c9252831e1ad1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: public, no-transform, max-age=900
cf-ray: 64e342dfdfa34ed3-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0a01e81fe500004ed3a50b3000000001

GET
H2 200 kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA Show response
fadedsnow.com/v2/0/ 103 KB
30 KB 325ms
208ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

64981bd7dfc71ef43b4b6f829d146713e6a6855ff4247e74522b07b6401b8c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "cb1c57d3294cfa6c4425cb8f5909bd81ac054582d3beec0dbe78ccdd8e79bb99"
vary: Accept-Encoding, Accept-Language
x-hostname: e604810c
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 12 May 2021 11:21:02 GMT
timing-allow-origin: *

GET
H3-29 200 black-noise2.png
garydemar.com/wp-content/uploads/2018/08/ 10 KB
11 KB 124ms
115ms Image
image/png 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2018/08/black-noise2.png
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf13cc5e4cab72e0f30b8a796b8218c3de78014a0600b33633ddd42a21e83e4

Request headers

:path: /wp-content/uploads/2018/08/black-noise2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10289
cf-request-id: 0a01e81f8100002b953002b000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 12 Apr 2019 05:44:28 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb025bc-2831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DG4dMboZAMEw4PTdsMaTkVvylrmTxCTDxjaRj7mtYGxmwUo2OS6qi04V0puNOta3qIACHrr8XCHutcz93UPWssURDd8LFfXg%2BdENnCqqirQemHZPuIG0lHuQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342df3ec32b95-FRA

GET
H3-29 200 zocial.woff
garydemar.com/wp-content/themes/blackmag/components/font-icons/social-icons/font/ 31 KB
31 KB 87ms
82ms Font
application/font-woff 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/themes/blackmag/components/font-icons/social-icons/font/zocial.woff?97035448
Requested by: Host: garydemar.com
URL: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74e6bd909fa4325c9b3370137a052f582a054e190069a0a03a5794067e24195

Request headers

:path: /wp-content/themes/blackmag/components/font-icons/social-icons/font/zocial.woff?97035448
pragma: no-cache
origin: https://garydemar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: garydemar.com
referer: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garydemar.com
Referer: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: NO:Not Cacheable
age: 1106914
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81f8a00002b9539850000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Fri, 12 Apr 2019 05:52:28 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: W/"5cb0279c-7ab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PruKAE04JgZozLDnK8N9HAOvpWsWhfL5gYrOb8q058rjPZcRAaq7EEdJxVjINmNCn7bnoFTUOioOM0tvoHisbOpM7IxLKdD5YFkhrmMTt29GhK%2BMhGpG2V%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342df4ee42b95-FRA

GET
H3-29 200 iconic.woff
garydemar.com/wp-content/themes/blackmag/components/font-icons/iconic/font/ 19 KB
19 KB 47ms
43ms Font
application/font-woff 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/themes/blackmag/components/font-icons/iconic/font/iconic.woff?72572299
Requested by: Host: garydemar.com
URL: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca746d0adf4fcbc08ce25a05bd87ce39f35b71ff02fe3cdb9d445d5d15399ec

Request headers

:path: /wp-content/themes/blackmag/components/font-icons/iconic/font/iconic.woff?72572299
pragma: no-cache
origin: https://garydemar.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: garydemar.com
referer: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garydemar.com
Referer: https://garydemar.com/wp-content/cache/autoptimize/css/autoptimize_a742a3d8587352743c2a9536ce03c41d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:02 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
age: 323000
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e81f8a00002b9562813000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:52:28 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: W/"5cb0279c-4a10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AZzmKgul7znqLWPmcG0DCLQlSIkg8Z%2BL6xkfy9%2FObs%2B0VU%2B7dyZ1PgnVX4pyu1sYpAr92%2BEvdPqobhRLuysnCW7ZjX3LUbYURFhd9NGOYHMXay5Dyw8sHQQx"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342df4ee72b95-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 213 KB
63 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e6a4ac6d05e208dc904eb372b01d2840&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebc99b37ecdf7baeb7335087114e2889cfd08d08ff6f258884d5fc96b73f8ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://garydemar.com
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xxLZnF9NMsyKQZxoUUTv9Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64554
x-fb-rlafr: 0
x-fb-debug: Ii5TvVRfWjXP0+INPd85Z8YJPglRUzsn3bq7WApXe26CW7FxHsWUZw+f2zL7bumswUKaWB70+H6RQlOpu4OMeA==
x-fb-content-md5: 2ef4b5bd9c3e1a6e500dbcc6ff195371
x-frame-options: DENY
date: Wed, 12 May 2021 11:21:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8dd25df200e7ccb8e9b3bbf9c3d76e96"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 May 2022 10:51:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 56ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49908
x-xss-protection: 0
server: cafe
etag: 13815580874420029976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 11:21:03 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
589 B 66ms
30ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33862
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
cf-request-id: 0a01e8222d00004e327bb4f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BzyJTXcGjkMKz5u1sg4Sn162oDFNzqETqhBKIpyFWKO5jjznAV6Qo3uSOEsP2AOosQGPU2h2xgbEkP%2B9FU3MSod0PvZG2HVjgQ0dZEtMyud1XvukcoRs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 64e342e37fbc4e32-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
641 B 111ms
75ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://garydemar.com
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 0a01e8222e00001f1dd6b14000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ppSEBtfamThcNWC7BToLV3DCLrLL%2FKMZ0jlhGjdJSpfqaFab0d%2BuLllZdwVkAQgIONcM9HzPimjnK4DghMtW1cOhnFl%2Fnwc9jx5f8wEqpegnY7yb42%2BM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 64e342e37dc71f1d-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 49ms
5ms Image
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddf6fdea6eecbb145efbdc4a2f1c02d181a8a8a8c55044a915ba8ee109b6067b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/avif

GET
H3-29 200 essb-core.min.js Show response
garydemar.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ 50 KB
12 KB 45ms
35ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garydemar.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842d5819ddd0f7a81a34655b7241cdecb56e3ee4773bbe2d4527aa2635205ffd

Request headers

:path: /wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1239751
x-fw-server: Flywheel/4.1.0
x-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e8221500002b953988a000000001
x-fw-type: VISIT
pragma: public
last-modified: Wed, 14 Oct 2020 21:26:50 GMT
server: cloudflare
etag: W/"5f876d1a-c961"
x-fw-hash: jq5toxmr2e
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xC%2FL06IVNNuCnG57WYyFaOY1B%2FVkd%2FlN41bCVtpFr6kSt8CEvvib%2FIMOVnE3lZ%2BXpv%2BrtnusfZH4x9vTl5Oq%2BmFDNL2NjPLW7Atu7uHzbja0M%2BUA1f1YL9yk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 64e342e3592f2b95-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3251
date: Wed, 12 May 2021 10:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 12 May 2021 12:26:52 GMT

GET
H2 200 tag-v2.min.js Show response
cdn.tpdads.com/ 56 KB
15 KB 77ms
28ms Script
application/x-javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tpdads.com/tag-v2.min.js
Requested by: Host: s.206ads.com
URL: https://s.206ads.com/configs/garydemar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c03fd80ef0dc2fc2a77ddf8b724aaa8ba231df775bb9ca33ad4f5801e5c5bbdd

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 18:29:45 GMT
server: AkamaiNetStorage
etag: "b0c83dd616c309a7c09991fb6f714c73:1619807385.137782"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=886
server-timing: cdn-cache; desc=HIT, edge; dur=13
accept-ranges: bytes
content-length: 14767
expires: Wed, 12 May 2021 11:35:49 GMT

GET
H2 200 garydemar.com.js Show response
cdn.tpdads.com/publisher-data/ 250 KB
76 KB 411ms
362ms Script
application/x-javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Requested by: Host: s.206ads.com
URL: https://s.206ads.com/configs/garydemar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a8595386c4e441f270dbe75b781383093d2152f918e7d2d3a47f15a1d8cb5a49

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 21:28:36 GMT
server: AkamaiNetStorage
etag: "cee0c2f3aa58e972a8cf8d0c28e28e44:1616621316.045908"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=854
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=249, origin; dur=94
accept-ranges: bytes
content-length: 77602
expires: Wed, 12 May 2021 11:35:17 GMT

GET
H3-29 200 pubads_impl_2021050601.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 30ms
14ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:03 GMT

GET
H2 200 impl.20210506-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 483 KB
111 KB 10ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 41boWY3bJBMsg5YZKthz6VWW_ra1A1Nu
content-encoding: br
etag: "6d4c8a6b6f8d35505c6e01c7fb07f642"
age: 9800
x-cache: HIT
content-length: 113273
x-amz-id-2: GGarzP9HAhys+mMuf3xwncpaqKJ1Z9IIJXtkA4pVY0E3aprzmp496+ELBnRPwJ55krbxqNYlNF8=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 08:25:51 GMT
server: AmazonS3-br
x-timer: S1620818464.746903,VS0,VE0
date: Wed, 12 May 2021 11:21:03 GMT
vary: Accept-Encoding
x-amz-request-id: S3X3TT536SHP7QTD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 33
x-cache-hits: 24924

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=

64 B
331 B

21ms
21ms

Image
image/gif

13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-70.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ej7X0hW9nwlqiJNLj1lelrnJrwTuvO95GRA8XNvNbJrWDhJ1zEQJXA==

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=22315475&ns__t=1620818463756&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
content-length: 166
x-amz-cf-id: TWTTiur_qRqdQEVxAF2WGVKByzakTQCXy88qfvyG3j_pqFg8iC6GVQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=

64 B
329 B

32ms
31ms

Image
image/gif

13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-70.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: kQKt2jhgq2jrdP5wmqH8ll_f2n3514nkBQ8J77dPKTpe5OX18T8eNA==

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620818463757&ns_c=UTF-8&cv=3.5&c8=Gary%20DeMar&c7=https%3A%2F%2Fgarydemar.com%2F&c9=
content-length: 171
x-amz-cf-id: ExtFfzjXZgKwFjPvsoXGpeTPDm-YTT8GCLXxnwfGrkTm10n5uetQ_A==

GET
H2 200 rules-p-52ePUfP6_NxQ_.js Show response
rules.quantcount.com/ 2 KB
1 KB 52ms
14ms Script
application/javascript 2600:9000:2190:5a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-52ePUfP6_NxQ_.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e169da4db8ef0fd2836b21f4f59d4e67459586637366cc1d87cf3ca387301af

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:40:51 GMT
content-encoding: gzip
age: 2776
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 27 Feb 2018 21:10:27 GMT
server: AmazonS3
etag: W/"7626a448cabc0b121fa9d36e26320e4f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: _msipr5inj0QQzCkqPLnY9a_I-Lf71WuMlgyYQP1-F6wyclda-kO7A==

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1013 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e13af4ab7f33bc40500b2c588f0bec136015eaef7f4999e5390256bc5ce3187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 May 2021 11:21:03 GMT
server: ESF
date: Wed, 12 May 2021 11:21:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 May 2021 11:21:03 GMT

GET
H3-29

200

logo-garydemar-light.png
garydemar.com/wp-content/uploads/2019/03/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_1000,h_240/https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png

12 KB
13 KB

21ms
21ms

Image
image/png

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2db9896268d45d8071955ab70c5de33b97b2636b14a017d23d4ef87eba88c4

Request headers

:path: /wp-content/uploads/2019/03/logo-garydemar-light.png
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 263942
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12190
cf-request-id: 0a01e8272800002b95433c0000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:12:06 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb01e26-2f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wzzXngq4hVzEUuPYCkCDz80XPtZ57zvtesckCYmFQ7FTx%2B09IGoeYUU7wXG6wOia2zJs9XEgdMMQixYmBvSj0kK2jQbxrLTPLdDI2HRDWuY55qL96hQYasDM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dcc2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2019/03/logo-garydemar-light.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: ba74c4df4dc58d9aaffe80aefe90f82a
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

AV_Logo_detail-750x375.jpg
garydemar.com/wp-content/uploads/2020/10/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg

35 KB
35 KB

20ms
20ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36117942c93a7718be7acdda95df16da1f653e4685a9e35fc98c8ae7593e9160

Request headers

:path: /wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 3
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35400
cf-request-id: 0a01e8272500002b953f92e000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 22 Oct 2020 15:35:07 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5f91a6ab-8a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SMQqtRQNc4b0ImQEVWuIpeIgEwxWXf7NvF8q5ie5CUfkLtW3fYziTlWWZvcxXsvyVzz%2Bhj%2BatrxUICrvkO%2B%2FR21UF2SHj03fKZIL293eTm6HgRw0X6S9sEM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6db92b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: bf6ee2b27e0a701a44732e31add40219
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

3.thumbnail.jpg
garydemar.com/wp-content/uploads/userphoto/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

4 KB
5 KB

18ms
17ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c095b65f7285452e5da09a62e22f4317ec5f830a09cef936658fe6e40a52005

Request headers

:path: /wp-content/uploads/userphoto/3.thumbnail.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 460409
x-fw-server: Flywheel/4.1.0
x-cache: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4014
cf-request-id: 0a01e8272700002b956e91d000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:02:52 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb01bfc-fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NKr50riYltyddgS%2F4qji0atF1yg0FBK7IMzbBtpFKSub3TnlDCjLv1ds%2BAzqDt6hXPB549NnLa5AEXfhGSU9NJAW3lFFtneDCT0lY%2FTNK1v6IZ02elYGPRIf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 1
accept-ranges: bytes
cf-ray: 64e342eb6dcb2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 6729be4400bf6d5563dc29481c3ed54c
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

communist_party-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg

43 KB
43 KB

15ms
15ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9682647257f497f1b61b9c1c151d12f970071a393f06bd8cbe4d0b67debf289

Request headers

:path: /wp-content/uploads/2020/05/communist_party-750x375.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 3
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43805
cf-request-id: 0a01e8272400002b9566003000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:11:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec661f5-ab1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uf1DxjUjB7QWEch9v15%2B%2BZ8UrKMdh28aJ8gABVMxvCMy0sq4trawH%2Fuu4lGPfrrqiQHqHn3J9XsdoagmcLgazRruMSZWEyGAwp6F6O%2BrgLpkaikz5rDCaRLk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dbd2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/communist_party-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 69e3c6f43dfca6c8eb48f7a17337105c
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

AV_Logo_detail-360x240.jpg
garydemar.com/wp-content/uploads/2020/10/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg

14 KB
15 KB

17ms
16ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26181f12bdb0b9ab6c196e5143a8d5674358e8c78d6c286f272908af91cceca

Request headers

:path: /wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92020
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14256
cf-request-id: 0a01e8272600002b9585298000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 22 Oct 2020 15:35:07 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5f91a6ab-37b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rB5tmDWslUZBR5GCpOc3dSDFizgpsAEpeYWzWZ7uk1cskTcK6Nmxa%2FkVLSn1bo%2BLXxAzo11SPP%2FIMNe2IoKGJY36PCTQ%2BBLW3PIVNDu0Oo8XdtDneuR2VlhP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dbf2b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/10/AV_Logo_detail-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 295cbddd67c708e850a4d1424c24f6e8
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

communist_party-360x241.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360/https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg
https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg

17 KB
18 KB

34ms
34ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a4c31954cc5e97b49fa05f1d5a4a4a87dff3d395a393cbba91239e646bcfe5

Request headers

:path: /wp-content/uploads/2020/05/communist_party-360x241.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 1348110
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17314
cf-request-id: 0a01e8272600002b959930e000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:11:49 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec661f5-43a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lNaXWddRRse1dU7TBxRA1g%2BV9fSpgDjLKeom6yZU%2BhejvBNc31gSnVX%2B5I8x8Saux3joW2zpsT7DScZkjhNFgpfDXt86eM8vdNqZGsgU2AqKC4lPsry2SJSx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dc32b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/communist_party-360x241.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 5def6d217c2062e2e422244f82e5da52
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Old-Testament-Covenants-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg

22 KB
22 KB

20ms
19ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5105235ba569aa63ba67b813f40f836f2b553b964bff365dd10d2941b579144f

Request headers

:path: /wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 1530969
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22199
cf-request-id: 0a01e8272700002b955d0dc000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:17:36 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66350-56b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRvrhsA%2FE%2FzJnmxIwSPeCGut%2FFg9xnKcagKkzkcKElwImijM6dTCK030jQuoODjgixw9VELAzn0oCfKe%2F%2FftV0u3KEqzRTqM6tjOSR9elE3WRxzsXd6ADbhx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dc82b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: cf8d02a21ab4fbd57aeda7c708957d81
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

monkeys-and-typewriters-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg

21 KB
21 KB

16ms
16ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dedea14dfb1c6b9fa41b0524b7d80456fd8ced66279c40b86a97382fe1c88d8

Request headers

:path: /wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:04 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 1530969
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21014
cf-request-id: 0a01e8272700002b95901a8000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:30:59 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66673-5216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8FWu80fYJYraoNUXs3uHTUPPYcg4Cwv8LcktBK%2BI7d7Mb0hbitA%2B4BNDaroOExSZHO2If5UKGnCa%2B7YWtrWZyKWnr6lk6EyjCO9I4TY8%2BuKTxlEsrZ8rQmGA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342eb6dc72b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:03 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/monkeys-and-typewriters-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 5cdf873080060f84df834a6155544b6e
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 6 KB
4 KB 674ms
671ms Script
application/json 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=-120&id=6b9c0c75-25eb-4f3b-b651-f6564bc7bf88&rand=67327&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fgarydemar.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=6b9c0c75-25eb-4f3b-b651-f6564bc7bf88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1208a7c0cd1a8b9a4a7e45d725794864f81ca789a480becdd86eadab5ddbb433

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64e342e79ad94ed3-FRA
date: Wed, 12 May 2021 11:21:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e824c200004ed3d593c000000001

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 04:11:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 284972
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Mon, 09 May 2022 04:11:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 502617
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:07 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v17/ 24 KB
24 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:06 GMT
server: sffe
age: 502611
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:13 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 121741
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 11 May 2022 01:32:03 GMT

GET
H3-29 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v17/ 21 KB
21 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d971119a046fb86eeec343e50c680c36a72eb2df85521c8f343dc9678924398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 03:41:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:43 GMT
server: sffe
age: 286752
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21580
x-xss-protection: 0
expires: Mon, 09 May 2022 03:41:52 GMT

GET
H3-29 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 21:58:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:05 GMT
server: sffe
age: 48172
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
expires: Wed, 11 May 2022 21:58:12 GMT

GET
H3-29 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:35:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 45928
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
expires: Wed, 11 May 2022 22:35:36 GMT

GET
H3-29 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v17/ 17 KB
17 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d10280e8071d96d42984b8a0fe9eb713babef562cfe8e31bc28fbf65c46e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 22:58:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:02 GMT
server: sffe
age: 476535
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17024
x-xss-protection: 0
expires: Fri, 06 May 2022 22:58:49 GMT

GET
H3-29 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 17 KB
17 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:43:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:31 GMT
server: sffe
age: 502627
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
expires: Fri, 06 May 2022 15:43:57 GMT

GET
H3-29 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 24 KB
24 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 02:03:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:34 GMT
server: sffe
age: 551875
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24428
x-xss-protection: 0
expires: Fri, 06 May 2022 02:03:09 GMT

GET
H3-29 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CLato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:02:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:41 GMT
server: sffe
age: 519493
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23696
x-xss-protection: 0
expires: Fri, 06 May 2022 11:02:51 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1841105566&t=pageview&_s=1&dl=https%3A%2F%2Fgarydemar.com%2F&ul=en-us&de=UTF-8&dt=Gary%20DeMar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=527308566&gjid=1127356771&cid=1473164834.1620818464&tid=UA-27783617-37&_gid=1976713418.1620818464&_r=1&_slc=1&z=155059409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 49F9 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210510/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 May 2021 18:01:56 GMT
expires: Tue, 25 May 2021 18:01:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 62348
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Adsi Show response
ad.doubleclick.net/ddm/adj/Adfm/ 11 B
645 B 44ms
19ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Adfm/Adsi

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 11EF 3 KB
2 KB 30ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Mon, 10 May 2021 06:54:31 GMT
expires: Tue, 10 May 2022 06:54:31 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 188793
cache-control: public, immutable, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 8FC8 3 KB
2 KB 23ms
8ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Mon, 10 May 2021 06:54:31 GMT
expires: Tue, 10 May 2022 06:54:31 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 188793
cache-control: public, immutable, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=565645810252486&ev=fb_page_view&dl=https%3A%2F%2Fgarydemar.com%2F&rl=&if=false&ts=1620818464595&sw=1600&sh=1200&at=

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 May 2021 11:21:04 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-27783617-37&cid=1473164834.1620818464&jid=527308566&gjid=1127356771&_gid=1976713418.1620818464&_u=IEBAAEAAAAAAAC~&z=793929702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 May 2021 11:21:04 GMT
content-type: text/plain
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/thepublisherdesk-garydemarcom/trc/3/ 31 KB
10 KB 344ms
258ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thepublisherdesk-garydemarcom/trc/3/json?tim=13%3A21%3A04.726&lti=deflated&data=%7B%22id%22%3A661%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620303410142%2C%22vi%22%3A1620818464724%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgarydemar.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A13052%2C%22nsid%22%3A%22thepublisherdesk-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22organic-thumbnails-rr2%3Apub%3Dthepublisherdesk-network%3Aabp%3D0%22%2C%22uip%22%3A%22Organic%20Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Organic%20Right%20Rail%20Thumbnails%22%2C%22cd%22%3A364%2C%22mw%22%3A360%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 23ab0d2a417575e9c54c0bf9c02761d0c0cfa467d36839496e0d652770a580af

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 251
date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1620818465.815189,VS0,VE251
x-served-by: cache-hhn11577-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pixel;r=878074222;labels=title.Gary%20DeMar;rf=0;a=p-52ePUfP6_NxQ_;url=https%3A%2F%2Fgarydemar.com%2F;uht=2;fpan=1;fpa=P0-1994936619-1620818464742;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-2021042121...
pixel.quantserve.com/ 35 B
371 B 10ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=878074222;labels=title.Gary%20DeMar;rf=0;a=p-52ePUfP6_NxQ_;url=https%3A%2F%2Fgarydemar.com%2F;uht=2;fpan=1;fpa=P0-1994936619-1620818464742;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=garydemar.com;je=0;sr=1600x1200x24;dst=1;et=1620818464742;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Gary%20DeMar%2Cdescription.Gary%20DeMar%20is%20an%20American%20writer%252C%20lecturer%20and%20former%20president%20of%20American%20Visi%2Curl.https%3A%2F%2Fgarydemar%252Ecom%2F%2Csite_name.Gary%20DeMar

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 204 thepublisherdesk
thepublisherdesk.technoratimedia.com/openrtb/bids/ Frame 0
0 295ms
94ms Preflight 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://thepublisherdesk.technoratimedia.com/openrtb/bids/thepublisherdesk?src=prebid_prebid_4.30.0
Protocol: H2
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://garydemar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 12 May 2021 11:21:05 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 165583233
age: 0
via: 1.1 varnish

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 45ms
13ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/tag-v2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
content-encoding: gzip
server: Server
age: 22313
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
date: Wed, 12 May 2021 05:09:11 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rm4K4JoXgikZEcdIfDIhNlTDJoRw9Q2bZRXEWqTLCG8Of_JzR1R_mg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 154 B
497 B 79ms
50ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 172d5d26861551dd3b36a5b957d6d7cd6b347bded00721deb5945ac4be64d42e

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:04 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 154
Expires: 0

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
338 B 313ms
120ms XHR
application/javascript 52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1620818464843&secure=true&version=9&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F&measurable=true&bids[0][bidId]=6422b174dca70c&bids[0][config][property]=5d14f0c63bb9c40007c8a737&bids[0][config][zone]=dsk-banner-ad-a&bids[0][sizes][0][width]=970&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=728&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=468&bids[0][sizes][2][height]=60&bids[0][sizes][3][width]=1&bids[0][sizes][3][height]=1&bids[1][bidId]=7e1ff3b336fbd9&bids[1][config][property]=5d14f0c63bb9c40007c8a737&bids[1][config][zone]=dsk-box-ad-a&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=600&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=250&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[1][sizes][3][width]=120&bids[1][sizes][3][height]=600&bids[2][bidId]=80cfe575e5455e&bids[2][config][property]=5d14f0c63bb9c40007c8a737&bids[2][config][zone]=dsk-box-ad-b&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=600&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=250&bids[2][sizes][2][width]=160&bids[2][sizes][2][height]=600&bids[2][sizes][3][width]=120&bids[2][sizes][3][height]=600&property=5d14f0c63bb9c40007c8a737&foo
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 0e3cf72d008684c0ad8cfd6c1c3199c17374cf63b47197caab88e999157e268e

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
x-powered-by: Express
etag: W/"38-vvjt0CInI2vZyLoeKG2ovGdkBWA"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
353 B 98ms
34ms XHR
text/plain 52.208.100.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.30.0&p=%5B%7B%22placement_id%22%3A%22dsk-banner-ad-a%22%2C%22callback_id%22%3A%22106573be9012c1c%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222454275463044866860%22%7D%2C%7B%22placement_id%22%3A%22dsk-box-ad-a%22%2C%22callback_id%22%3A%2211aa668bdd23116%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222454275463111975725%22%7D%2C%7B%22placement_id%22%3A%22dsk-box-ad-b%22%2C%22callback_id%22%3A%22128e3550824004d%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222454275463179084590%22%7D%5D&page_url=https%3A%2F%2Fgarydemar.com%2F&bust=1620818464844&pr=https%3A%2F%2Fgarydemar.com%2F&scrd=1&dnt=false&description=Gary%20DeMar%20is%20an%20American%20writer%2C%20lecturer%20and%20former%20president%20of%20American%20Vision%2C%20an%20American%20Christian%20nonprofit%20organization&title=Gary%20DeMar&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publisherdesk.com%22%2C%22sid%22%3A%22100279%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.100.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://garydemar.com
pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 112ms
84ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1baee2fb28ab0b023245d04ea2e5229e68bab1e495017dd9f5fd6fee2c677170

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:04 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: cfabe57d-fc80-4ba6-9abc-0fc684e6e95b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
316 B 45ms
27ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
cf-ray: 64e342ed6d3905b7-FRA
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0a01e82864000005b7d02ae000000001

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 471 B
4 KB 437ms
373ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11250&site_id=183890&zone_id=896442%3B896444%3B896446&size_id=2%3B15%3B15&alt_size_ids=1%2C55%2C221%3B9%2C8%2C10%3B9%2C8%2C10&rp_schain=1.0,1!publisherdesk.com,100279,1,,,&rf=https%3A%2F%2Fgarydemar.com%2F&tk_flint=pbjs_lite_v4.30.0&x_source.tid=dbbfe8b9-25f8-4387-8d44-9f2b2715f101%3Bb4700776-9550-4f81-a63d-3665cafd8fc9%3Bef5b5d5c-2935-4ab5-94ff-cd99d4d90743&p_screen_res=1600x1200&rp_secure=1&slots=3&rand=0.6208800631850959
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ac67719605d957998af1258627cd9bb25fd9b51ba4b4e8d3863d764934d8aeff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 471
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
784 B 464ms
284ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f783d5339c16ad626dead0d858931477b36d828876ebbbdd136f0cea38392e08

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 195
content-length: 356

GET
H/1.1 200
OK bidRequest Show response
in-appadvertising.com/api/ 55 B
549 B 381ms
101ms XHR
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/bidRequest?bidId=3081ddcf1c55f45&pubId=31569&sectionId=10017&vers=4.30.0&url=https://garydemar.com/&sizes=970x90,728x90,468x60,1x1&tr_wd=1&tr_hd=0&tr_vs=visible
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bf231713c1a68e9030ff90129e58a32d99b65a8f6a35efdd11fbf4213b9d60ff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: https://garydemar.com
Cache-control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

POST prebid_display
display.bfmio.com/ 0
0

POST
H2 204 thepublisherdesk Show response
thepublisherdesk.technoratimedia.com/openrtb/bids/ 0
292 B 284ms
97ms XHR
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://thepublisherdesk.technoratimedia.com/openrtb/bids/thepublisherdesk?src=prebid_prebid_4.30.0
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 324312400
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true

GET
H3-29 200 b.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 172 KB
56 KB 31ms
14ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/b.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=6b9c0c75-25eb-4f3b-b651-f6564bc7bf88
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 29
x-powered-by: ASP.NET
p3p: CP="CAO PSA OUR IND"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a01e828730000dfe78d952000000001
last-modified: Wed, 12 May 2021 11:17:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *, Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-transform, max-age=687
cf-ray: 64e342ed8cbadfe7-FRA
expires: Wed, 12 May 2021 11:32:03 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
113 B 32ms
32ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-27783617-37&cid=1473164834.1620818464&jid=527308566&_u=IEBAAEAAAAAAAC~&z=473289184

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-27783617-37&cid=1473164834.1620818464&jid=527308566&_u=IEBAAEAAAAAAAC~&z=473289184

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 171ms
171ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgarydemar.com%2F&pid=LSYtJHzLcQEkp&cb=0&ws=1600x1200&v=7.64.00&t=750&slots=%5B%7B%22sd%22%3A%22dsk-banner-ad-a%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%7D%2C%7B%22sd%22%3A%22dsk-box-ad-a%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%5D%7D%2C%7B%22sd%22%3A%22dsk-box-ad-b%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%5D%7D%5D&cfgv=0&schain=1.0%2C1!publisherdesk.com%2C100279%2C1%2C%2C%2C&pubid=8f0be570-94e3-4c8a-8dac-4372ca412efd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IONMEie1jRl6yvjSnN2f4EO181vJ4mQFwmoARjPC-tEhFcdvzheL0w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 439ms
414ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: fJjHmLS8JB40pmN2C2giVhyvg3UGqg9DfOSOZUx2Bbw8IsukGgkRHg==

GET
H3-29 200 page.php Show response
www.facebook.com/v3.2/plugins/ Frame 352F 53 KB
16 KB 101ms
100ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e6a4ac6d05e208dc904eb372b01d2840&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ccd81ec94a255c34bdee7dfe83f6e30f44e5c8713351b22ea85e1e4823b0e53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0wSXVgqmAJs3QjvIr..Bgm7og...1.0.Bgm7og.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.3
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: JPWw7SUtURIzVEsAoGEBLToQC3YVkGYrZIarq5qsm0ephL3YWyI7LmKCXw3IAY0koyxCkSeFVd41bJRm2VLRTA==
date: Wed, 12 May 2021 11:21:05 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29

200

Old-Testament-Covenants-750x375.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_750,h_375/https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg

59 KB
59 KB

14ms
13ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 203de499bad05048656d8784fe5cbb58eff433ab8b6dba0be7719124fdd2da6c

Request headers

:path: /wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1; __qca=P0-1994936619-1620818464742
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:05 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 971411
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59917
cf-request-id: 0a01e8290600002b9562914000000001
x-fw-type: VISIT
pragma: public
last-modified: Thu, 21 May 2020 11:17:36 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec66350-ea0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Djo%2BXp7p2CGjgSu%2B9V1w20JwreaqHCJyyVkC1hXpGb4AbBB7zvXt6kXijf9I1Ao8VXlCE6OsCecBDkggjyV7FjMFZIfxJx3gjq1aXtwypzQnDT%2FjGDAKTLZh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342ee7d302b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-750x375.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 144a0b1b1b7cca4f58a3717860ac67aa
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3-29

200

Law-Commandments-360x240.jpg
garydemar.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_360,h_240/https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg

24 KB
24 KB

12ms
12ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39a45a7512a7d7e081f144316ea20696f43d25c6c96e1799f04d9b775c7c5df

Request headers

:path: /wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1; __qca=P0-1994936619-1620818464742
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:05 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 92020
x-fw-server: Flywheel/4.1.0
x-cache: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24099
cf-request-id: 0a01e8290700002b9577026000000001
x-fw-type: FLYWHEEL_BOT
pragma: public
last-modified: Thu, 21 May 2020 11:36:11 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5ec667ab-5e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5hV8r8yN9M05MFXWo8t1nip17uTsFYNm3Iq%2B%2BM9KxVfNpkoB4A4pL0dKXSKYiRVnjLQjNlndLg8JWUfMojZFvdC6PB3Ij1bjIJUih5iMl5yjk6RQq0kufWVx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64e342ee7d342b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:05 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/2020/05/Law-Commandments-360x240.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: 984a77a593030b9042eceae1b518f58e
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 MezyoJrtqwR.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ Frame 352F 26 KB
6 KB 8ms
6ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f84cbc4003970cf4410a5f759b3f04ca535de9114f45a867669e05244998c630

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iS4ZNDNTwEb8sMTP73F6xA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 6119
x-fb-rlafr: 0
x-fb-debug: drD+I/rxVlHd0UdoVnVOGBjbcVYyqqDQEV8+t0olCj58LubKxIojP8GCX0xvzOsyUMMZ2YaCNshn17DPAO1K5A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 17:23:21 GMT

GET
H2 200 IroYP_0CRDZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 352F 293 KB
80 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/IroYP_0CRDZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e81e3525c7db207a32f1f6a9a9bacafcaf545b6051fb720bc22adad2d75027df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hF0MMiCyL9CWKbpiWxG2gA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 81392
x-fb-rlafr: 0
x-fb-debug: I/vzVTQpwIB52htAZOQq5Do4xxZRPvy82r+AJxpqIT2jZnIrLp275y9Quccj+O0X3nXrtD0hhGQMwjrlDK0Mvw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 12 May 2022 00:58:47 GMT

GET
H2 200 DUV2z6nTgU6.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 352F 63 KB
19 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/DUV2z6nTgU6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WKBQdaPlu64R96rqlppOpg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 19682
x-fb-rlafr: 0
x-fb-debug: VG6vOoPHEPhjXl0M1Vd0W2uPp7p3DuIa5mYIncrym6GXmwA/mv//lmOIASm/z/jbZcA6OWH48hNz18YV76pSQQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 02:37:46 GMT

GET
H2 200 E55X3l-GPh4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/ Frame 352F 128 KB
36 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/E55X3l-GPh4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d67b3b9fcb0a0b4c20906860c9948f31bc0919994192abe8487ebd38efa0e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 79a3OOWf3FM5vtHlE2zoQw==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 36458
x-fb-rlafr: 0
x-fb-debug: rag/CG4xHICEPuJXTlabo7+t9QQ7RfZvAz/II4xrEsW9eUHEKL0oXFtPb+y4l9Foi03Ym3mKJB2Gue/uV0mBGA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 12 May 2022 02:37:55 GMT

GET
H2 200 IEOQM8FL8ot.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 352F 5 KB
2 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: yqq3p5egtchtYqtwp/E43L9eZjPfIFy1uhtL+WWCTBHuwGgcCKJR6QhPNCVODTEWxfHpjmo1/IE9G6qaC1mTiw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 03:03:44 GMT

GET
H2 200 19060097_788605034651664_1395327376606388156_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/s370x247/ Frame 352F 17 KB
18 KB 193ms
180ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/s370x247/19060097_788605034651664_1395327376606388156_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dd9801&_nc_ohc=7w_ieMUQtpcAX8gfJ-z&_nc_ht=scontent-frt3-2.xx&tp=7&oh=8fd6cfe0451ab64fdf0fe39e615bb6fb&oe=60BFC1AC
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3102770dfcd3cf44c48e96f2176f52f82f0b05cb87a17f22812d640c2ae6309b

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1929776804
date: Wed, 12 May 2021 11:21:05 GMT
x-fb-config-version-elb-prod: 1098
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1098
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 17540
x-fb-trip-id: 686109401
last-modified: Tue, 13 Jun 2017 22:36:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: udNtBn769jwUcLMDDSN4-Cl9fGEPoueSl2gj7N_yQp38ITLISI9rp0ovsDnLBcxI0PrQrgSOpvxq3Od5IKlN_g
x-needle-checksum: 179740879
timing-allow-origin: *

GET
H2 200 16998110_731324637046371_3487077711885547968_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 352F 2 KB
2 KB 19ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/16998110_731324637046371_3487077711885547968_n.jpg?_nc_cat=105&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=zH3e0fJTFgoAX8XMlIw&_nc_ht=scontent-frx5-1.xx&tp=27&oh=e47f9bbe19306b44ba8b64ac72204e0a&oe=60C29237
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=565645810252486&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a693937457274%26domain%3Dgarydemar.com%26origin%3Dhttps%253A%252F%252Fgarydemar.com%252Ff8d442cab706d%26relation%3Dparent.parent&container_width=360&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgaryddemar&locale=en_US&sdk=joey&show_facepile=true&small_header=true&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c4d1184bdb17151fd96a8048bc081de2c92a0c7fcb1ad18b47328a71892591c3

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2594065995
date: Wed, 12 May 2021 11:21:05 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 03 Mar 2017 02:52:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3192776136
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1664

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding: gzip
etag: "559c107d74fc83d8062b2553a1818b07"
age: 23834
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5911
x-amz-id-2: oaWjtoybwXcf/v4WF3utsrEWOVBLZIrki4l6iAzPN8PIUxUS/oRUXtX5vCXEBwWMVIZpQj6Qwv0=
x-served-by: cache-fra19133-FRA
last-modified: Mon, 03 May 2021 12:43:43 GMT
server: AmazonS3
x-timer: S1620818465.086801,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: 7QP61W5ZQ629Q8FB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 33
x-cache-hits: 181299

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 7ms
6ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 16323
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: UmOOaCltTJva9V4gBfdf27Oy7jykaqbYXsCDo0A/soIFodQTYZAaWWoYstK76SsHg3hRgjqb/Fo=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1620818465.086892,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: CR41745BE06MC588
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 33
x-cache-hits: 89865

GET
H2 200 tfa-eid.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 7ms
6ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JeTFio8RB25hb0.b.oW6hIUHdtaChnl.
content-encoding: gzip
etag: "497313b7766db3c042e0e09e5eb6bd83"
age: 64
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4868
x-amz-id-2: GYRdj1Sp2cz303aXkKSo/uv/4uMVEsITbWYkKdFK2pVZLe8HMhiBcIEdRDIjwkqjL5Kq9ecGaxM=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:09:39 GMT
server: AmazonS3
x-timer: S1620818465.088717,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: 4511WP7MAA3KHCYK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 275

GET
H2 200 sha256.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VgwndrRwnm.4MEVGa4FKVyvAo_uRUKgE
content-encoding: gzip
etag: "9006e6d602ca140d7ed04ab61f41eaed"
age: 78
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: lYOTLkivosfDLcV95+HDXPiN2hstDh6a2PZKnkiZmcM1lhmPYvG2zYtGmakSQq0ILnbrFcGlOow=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:09:48 GMT
server: AmazonS3
x-timer: S1620818465.088783,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: PR11BT0MMZ24JW75
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 302

GET
H2 200 explore-more.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
7 KB 9ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98608ba0e47023cda00658b640b574e46e2b8bd9cf7807cb4061e36f67d311ae

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DRsm8xXsJeN6HKQ61J4FkyHA7yzpyhac
content-encoding: gzip
etag: "14fb11b624333d1afb8db13e5d565bd5"
age: 47
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6620
x-amz-id-2: +UpCuUGUneuvkIhTmtJ7gELBx9cU948QuIFbxX+tKyRaqRoA+bR0nHLWH69TfwRQ7sv+u3uxq88=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:10:08 GMT
server: AmazonS3
x-timer: S1620818465.092549,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: 20SA9MAA0QENNW44
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 52

GET
H2 200 feed-card-placeholder.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 10ms
6ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73854a96802204f2318120247a7be8c22098bf32c657877d95072c85a75ec7ce

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kVuT2vxA65uo_EhMdqh4WJzjh5eNqPM.
content-encoding: gzip
etag: "f00ede3e1da15b3b67ec373cb6e7436d"
age: 15
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1268
x-amz-id-2: aPb5mhJ9iS5lUPjSvOEtzaxYggg7fwCmG9rMWVna+CGk6NxodiWC1jK6MZ4PGY48L6bmqI/ROKM=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:10:06 GMT
server: AmazonS3
x-timer: S1620818465.096862,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: 97RB2Z3M5NCJJ7EP
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 38

GET
H2 200 userx.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thepublisherdesk-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2be8f56a4a70d676b427368242ce718fa41a92dd8ae5d842dac3791d5774d215

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pkYdxx1t6jn1mignbWEiJ.L2M1yUPNCD
content-encoding: gzip
etag: "6941978c0b873e2e0ed0478d3f339048"
age: 1
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7953
x-amz-id-2: Kc7P7ZBHSh/UgLqSis6JrqatS12sMfIkHdiPbzeQkjj3nVqdBWKYZ5quuAj2u9RKXnJVTRDpYFI=
x-served-by: cache-fra19133-FRA
last-modified: Thu, 06 May 2021 12:09:33 GMT
server: AmazonS3
x-timer: S1620818465.107231,VS0,VE1
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
x-amz-request-id: GKWFS6X9P92QQ6M9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 31 KB
9 KB 49ms
47ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=thepublisherdesk-garydemarcom&unitType=199&tbloc=3&pageType=text&pstn=Organic%20Right%20Rail%20Thumbnails%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fgarydemar.com%2F&encoded=1&uid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&variant=-100|4505&callback=TRC.videoTagCallbacks.videoCallback1&cb=1620818465167&tagid=&cntry=DE&platform=1&sesid=1204ec3b43112cc056c3db0782881649&itemid=/&viewid=1620818464724&geolat=&geoing=&deviceifa=&appid=&sd=v2_1204ec3b43112cc056c3db0782881649_a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0_1620818464_1620818464_CNawjgYQw8ZCGNSfvIKWLyABKAEwODib4wlAh4oQSO7Y2ANQoewQWABgAGixr-m1yv33zq0B&ri=db2dbb1702fe5d533615e3fbe16eaf0f&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1090371&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NI&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1054495&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 447337afd5bac4b766076baaeb2c938f0c6f90d04e3fa767dc304f54de2e433f

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: gzip
access-control-allow-origin: https://garydemar.com
machineid: 1450
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1620818465.194502,VS0,VE16
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/thepublisherdesk-garydemarcom/log/3/ 0
89 B 16ms
15ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/thepublisherdesk-garydemarcom/log/3/abtests?route=AM:AM:V&lti=deflated&ri=db2dbb1702fe5d533615e3fbe16eaf0f&sd=v2_1204ec3b43112cc056c3db0782881649_a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0_1620818464_1620818464_CNawjgYQw8ZCGNSfvIKWLyABKAEwODib4wlAh4oQSO7Y2ANQoewQWABgAGixr-m1yv33zq0B&ui=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&pi=/&wi=-2580010407355542262&pt=text&vi=1620818464724&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1620818465179%7D&tim=13%3A21%3A05.179&id=5269&llvl=1&cv=20210506-7-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620818465.185000,VS0,VE9
x-served-by: cache-hhn11577-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 ApcBOUT5FoS.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 352F 573 B
624 B 13ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ES2i7h1ja+wYQGHhG9KvH0x17ijRyu1BPfapl8TQlJ3+b0ZHuuUE4ZQtC9u2gFsrKWwYgruUiqeoifxzfYWHzQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 12 May 2021 11:21:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 573
x-fb-rlafr: 0
expires: Wed, 11 May 2022 23:14:54 GMT

GET
H2 200 Old-Testament-Covenants-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/ 81 KB
82 KB 1417ms
1414ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d0b9360f23d400c0240ea9a8437e4e453ef5c70e519a33e61334537b64ca29b

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1408
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 474387674735986555627955210741552869781,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 1278
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
content-length: 83454
x-request-id: 8c3d4bbe035707aad784326fdc08641b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 25 Apr 2021 19:35:47 GMT
server: nginx
x-timer: S1620818465.222206,VS0,VE1408
etag: "b2cf6587725611045c6f3f35d9b9afc9"
x-served-by: cache-wdc5562-WDC, cache-dca17771-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Wolverton_Last-Days-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 104 KB
105 KB 1153ms
1151ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ce6eaa43f9522c3baab91fba05ac6e2b22a590c05ce26ead42c6ff3c34abd31

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1145
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 335088886725123556148290835212012827550,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
content-length: 106640
x-request-id: dd986292ce7524262ce2dd19f045361e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Wed, 28 Apr 2021 11:56:30 GMT
server: nginx
x-timer: S1620818465.222186,VS0,VE1145
etag: "66c26f0d5ff669407e5c8e1ddbd30413"
x-served-by: cache-wdc5557-WDC, cache-dca17755-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Hermas-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/ 201 KB
202 KB 1459ms
1457ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38027309b96ba6585e9605254e3b1b5c8417952501a1b44913236264a7b4108a

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1451
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 527847668255838455983703320237239087756,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
content-length: 206254
x-request-id: 71a7920f3e043a7b74ee7bd809b1d3aa
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Tue, 27 Apr 2021 17:09:19 GMT
server: nginx
x-timer: S1620818465.222363,VS0,VE1451
etag: "b533103f8942033612a660626d64f487"
x-served-by: cache-wdc5538-WDC, cache-dca17745-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Child_survivors_of_Auschwitz-1200x630.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/ 150 KB
151 KB 1303ms
1301ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/Child_survivors_of_Auschwitz-1200x630.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d04d589afb4347649076b47945ce3e9a1afd6e43d7acf29da1fe94aff16e48d

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1294
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 540492930705395026851576923072166037162,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/Child_survivors_of_Auschwitz-1200x630.jpeg
content-length: 154048
x-request-id: cdd9a1850edcb23c5e7948ef8fd0261f
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 27 Apr 2021 01:33:40 GMT
server: nginx
x-timer: S1620818465.222341,VS0,VE1294
etag: "55beb876f4dfd3c493e791f069c40d28"
x-served-by: cache-wdc5551-WDC, cache-dca17770-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 1948_Lindsey-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 19 KB
20 KB 762ms
760ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/1948_Lindsey-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0ac4bbf593c90891d9cb6f6944503b6cf1921ac4cac0a4ae38bd78bfc1745de

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 754
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 343266659670070714815511508928285346757,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 634
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/1948_Lindsey-1200x630.jpg
content-length: 19530
x-request-id: 9604565ab172dba219ae6fc21989c2e4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sat, 24 Apr 2021 15:50:02 GMT
server: nginx
x-timer: S1620818465.222405,VS0,VE754
etag: "e12707740b02a0d709d013601a6fa3ff"
x-served-by: cache-wdc5564-WDC, cache-dca17773-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 whittaker_chambers-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/ 12 KB
13 KB 242ms
241ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/whittaker_chambers-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e04319e18076afc1ee76f093349c0c5358eb875fbc2db69d13ab755b4c16b7a4

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 234
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 441316390118085367358319483021680534556,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 120
expiration: expiry-date="Wed, 12 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/whittaker_chambers-1200x630.jpg
content-length: 12398
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 11 Apr 2021 00:50:35 GMT
server: nginx
x-timer: S1620818465.222476,VS0,VE234
etag: "652949575b7bbb43df097098d27dc500"
x-served-by: cache-wdc5583-WDC, cache-dca17762-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 communist_party-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/ 22 KB
23 KB 195ms
194ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/communist_party-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6d913f3bbb9a25cdd47c7be4f82d7f6ad6de44b39e960a89d10da7215d89647

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 188
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 2227473
edge-cache-tag: 379877270111371015899993914307785161784,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Tue, 20 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/communist_party-1200x630.jpg
content-length: 22352
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Sat, 20 Mar 2021 19:10:49 GMT
server: nginx
x-timer: S1620818465.463986,VS0,VE188
etag: "d1a4d66f199d09a8ddafe480663deaa5"
x-served-by: cache-wdc5552-WDC, cache-dca17720-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 Day-the-earth-stood-still-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 41 KB
42 KB 215ms
215ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Day-the-earth-stood-still-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f13d5c7fda7af208007f37ea218a478457afc0ff0f800ac6c2a3fada8e6ed1d2

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 208
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 2333961
edge-cache-tag: 512174854290562010745374137830482976202,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 92
expiration: expiry-date="Fri, 30 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Day-the-earth-stood-still-1200x630.jpg
content-length: 41874
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 30 Mar 2021 02:08:21 GMT
server: nginx
x-timer: S1620818466.659246,VS0,VE208
etag: "9c7309c3c9b7098b500043c69440d9f9"
x-served-by: cache-wdc5544-WDC, cache-dca17745-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 0abc3041-6ca5-45b3-8ad5-853647557c00_1000x600_917efae7793734865966cd26ea793d3f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/ 38 KB
39 KB 7ms
7ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/0abc3041-6ca5-45b3-8ad5-853647557c00_1000x600_917efae7793734865966cd26ea793d3f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10fb0f812b9474dfc495e72cc44e91511bcf116a26dc36dfdd9681c2b50fac59

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 1576031
edge-cache-tag: 395852904880681866905854435121076596710,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sat, 15 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/0abc3041-6ca5-45b3-8ad5-853647557c00_1000x600_917efae7793734865966cd26ea793d3f.png
content-length: 39006
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 14 Apr 2021 13:02:51 GMT
server: nginx
x-timer: S1620818466.875950,VS0,VE1
etag: "72c072b72b5bdc7eaef6314d9c64e2b6"
x-served-by: cache-wdc5567-WDC, cache-dca17758-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 b3323c9025f12bf4bfff2ce1280fd873.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 143 KB
144 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3323c9025f12bf4bfff2ce1280fd873.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a3358bb86772fadab5cf6825c6352d43f1f1352abb1cb14905d518267fd736d

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 439790
edge-cache-tag: 477599477131900031565741642539451101257,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b3323c9025f12bf4bfff2ce1280fd873.jpg
content-length: 146238
x-request-id: dbbe1b1436280173be8e6728018034fe
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 07 May 2021 06:28:48 GMT
server: nginx
x-timer: S1620818466.884450,VS0,VE1
etag: "4109b9af6a79684cb26ff1121e3bdef1"
x-served-by: cache-wdc5526-WDC, cache-dca17763-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 plague-bruegel-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 28 KB
29 KB 166ms
165ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/plague-bruegel-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9185cc2c7f5d31ab782bb14deb3a6c4808487af4f0b84e2e69c17bd592390dc1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 158
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118716
edge-cache-tag: 407765622763219619030559570893323710957,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 46
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/plague-bruegel-1200x630.jpg
content-length: 28878
x-request-id: ee73370482f132b56546b9cdcf6c9965
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 27 Apr 2021 20:37:48 GMT
server: nginx
x-timer: S1620818466.897913,VS0,VE158
etag: "69e5a00c0c94daad135b75103478e8bf"
x-served-by: cache-wdc5557-WDC, cache-dca17766-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 Duche-prayer-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/ 24 KB
25 KB 547ms
546ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/Duche-prayer-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83cce140896a392c8284d04d84d02cd819a1690b9e12a5472a1d8aad4f0055e1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 540
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 573243009131867291940825988967524789683,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/Duche-prayer-1200x630.jpg
content-length: 24776
x-request-id: c53abed5612216f50070ccbf20508d62
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 04 May 2021 23:07:01 GMT
server: nginx
x-timer: S1620818466.984440,VS0,VE540
etag: "34b67fb9a4e1382cf8d63328c276464b"
x-served-by: cache-wdc5578-WDC, cache-dca17760-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 35ae2423141e654f29a019d55accb3ab.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 165ms
164ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35ae2423141e654f29a019d55accb3ab.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 23525ed5c3926cd6db061a0f47b5c1b7b24e22c8faf634305dae9ddbd63c304f

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 157
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 821566
edge-cache-tag: 392803733737490517912138817798541361504,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35ae2423141e654f29a019d55accb3ab.jpg
content-length: 23108
x-request-id: 041ab1fedac83bc2b4438d1aa832d146
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 29 Apr 2021 15:23:36 GMT
server: nginx
x-timer: S1620818466.065629,VS0,VE157
etag: "aef94b8419a008ab00e45be5d134516a"
x-served-by: cache-wdc5530-WDC, cache-dca17781-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1208789809__Yrwp3DCt.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/ 26 KB
27 KB 8ms
7ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1208789809__Yrwp3DCt.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 33f151572605a44f60c2671da8a837ae97734032e73751e50a980152044df54f

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 401238
edge-cache-tag: 498923880753111869489368631842304492282,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1208789809__Yrwp3DCt.jpg
content-length: 26950
x-request-id: 63c56a1ac89e63fa513260e84b5374a0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 27 Apr 2021 08:48:20 GMT
server: nginx
x-timer: S1620818466.229638,VS0,VE1
etag: "834e03a57b98dd51fc681e584fc42826"
x-served-by: cache-wdc5526-WDC, cache-dca17778-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 cosmos-1200x630.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/ 43 KB
43 KB 233ms
233ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/cosmos-1200x630.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95fe8dded904122a5676bf95c1f3154ca51e3aa864a6c5952bb438c0470000d9

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 226
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1033729
edge-cache-tag: 336857144287241178148924765640858648188,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 112
expiration: expiry-date="Mon, 03 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/02/cosmos-1200x630.jpeg
content-length: 43590
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 02 Apr 2021 05:40:02 GMT
server: nginx
x-timer: S1620818466.238151,VS0,VE226
etag: "f31d94b0ec607d6ab5055dafb9a493ed"
x-served-by: cache-wdc5558-WDC, cache-dca17736-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 Federal-Government-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 33 KB
33 KB 220ms
219ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Federal-Government-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87edf1d76745bef608e1b094ffa0e537e6a421ccbb1c9c44832b8d79276b0835

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 213
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1563407
edge-cache-tag: 484249310623607230683810111479504213917,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Mon, 03 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Federal-Government-1200x630.jpg
content-length: 33410
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Fri, 02 Apr 2021 05:39:50 GMT
server: nginx
x-timer: S1620818466.375862,VS0,VE213
etag: "243961e00dc98495e033f38aff5ba28d"
x-served-by: cache-wdc5562-WDC, cache-dca17745-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

POST
H2 200 v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA Show response
fadedsnow.com/ 216 B
611 B 42ms
15ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedsnow.com/v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

f7f7052522aed209361eec56a4dda3b443dd1563eaa3294598e7088bf2e900e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e604810c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 12 May 2021 11:21:04 GMT

POST
H2 200 v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA Show response
fadedsnow.com/ 216 B
249 B 15ms
15ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedsnow.com/v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

b9ee99056cf3116c61376228c3138d17cf9f4a762d34e34f8f6009c68369da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e604810c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 12 May 2021 11:21:04 GMT

GET
H2 200 Old-Testament-Covenants-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/ 27 KB
28 KB 8ms
7ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fad3f3d6160c22a70fadf9999c8f2ce1ac2ebb8078b583e1dfd0e1b81a6b33b

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1797064
edge-cache-tag: 474387674735986555627955210741552869781,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Tue, 04 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
content-length: 27612
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 03 Apr 2021 14:10:02 GMT
server: nginx
x-timer: S1620818466.472124,VS0,VE1
etag: "c1f8cb0586965f20bd6dbc099960776a"
x-served-by: cache-wdc5521-WDC, cache-dca17779-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Wolverton_Last-Days-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/ 33 KB
34 KB 7ms
7ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd2cd6fb9c71da6a520746673ee971d553c1c987a5fd45674ba7ea3039a532e2

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1154922
edge-cache-tag: 335088886725123556148290835212012827550,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
content-length: 34036
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Mon, 12 Apr 2021 20:55:57 GMT
server: nginx
x-timer: S1620818466.480259,VS0,VE1
etag: "c9c69d91f6e12432d4dae4a3a5291e24"
x-served-by: cache-wdc5533-WDC, cache-dca17749-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 maxresdefault.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/SjSwhZ9ss9Q/ 16 KB
16 KB 99ms
98ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/SjSwhZ9ss9Q/maxresdefault.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45c0dcabe450b45971ebba5e949f29e39dfa92981e73f6a19e452acbca722cca

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 422281
edge-cache-tag: 470950574241788535727502203052224442876,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 97
expiration: expiry-date="Thu, 20 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/SjSwhZ9ss9Q/maxresdefault.jpg
content-length: 15886
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 19 Apr 2021 09:10:15 GMT
server: nginx
x-timer: S1620818466.489562,VS0,VE92
etag: "1dd65f5dd021878e97edbf7e2d6affb3"
x-served-by: cache-wdc5560-WDC, cache-dca17741-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Hermas-1200x630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/ 51 KB
51 KB 8ms
8ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 51ba00b25ade1e89e9462d84cbc82b0d6542cc0353aa4989cc4c7882cd5e7d85

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 880835
edge-cache-tag: 527847668255838455983703320237239087756,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
content-length: 51842
x-request-id: b7dcb8657510f66e00c976afb8474741
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Tue, 27 Apr 2021 17:09:19 GMT
server: nginx
x-timer: S1620818467.529282,VS0,VE1
etag: "51ef9b41cfb95da0e9e5ad8ea82a52c5"
x-served-by: cache-wdc5530-WDC, cache-dca17770-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 UnitInlineDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.2/ 95 KB
28 KB 9ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48a9cb95cdf07c64bbdab6e6ba8f370292f8be188c7d4c9826f985f549b551d8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront), 1.1 varnish
age: 958610
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 27855
x-served-by: cache-hhn11577-HHN
last-modified: Sat, 01 May 2021 09:03:06 GMT
server: AmazonS3
x-timer: S1620818465.304643,VS0,VE0
etag: "54e32422fe50da083dd825299a5ca652"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OjMTxJ0XGEbvhAom6vpgRy4KbGX1vCVH4AngX5LBXSe077ci1EC_3Q==
x-cache-hits: 14820

GET
H3-29 200 tNWqX1KjEm8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame 352F 364 B
302 B 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/tNWqX1KjEm8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/IroYP_0CRDZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dc6f955bc25ba9de2372c0eb71fb8c36f014c444dbba5b38df3fd6a251968f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WW9QO4DWy9lk9bWuk80fIA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 249
x-fb-rlafr: 0
x-fb-debug: gK5/jLWqNsAMeOH6p10tfu3RKuNv3JB2hsK4fnWEHgfBhIfza+vltR9NdJx2D6lb2Pg+mYd4wsfQGQvU9G8uqA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 May 2022 02:35:43 GMT

GET
H3-29 200 3gKIw20zpPx.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 352F 18 KB
6 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/IroYP_0CRDZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: 4BZmJsHvU6hVpaxdNTAAZeDFUjWmQHqQuC+QbaeeZTRceouGDXuXICrGa1pF8uZ2UEPdIovEl00lvXEfVDyVlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 12:55:30 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 352F 7 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/IroYP_0CRDZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: DlADW8xzbqS+3scYE/FPycMOo+le3VoKOwEGOOvyixPoXo1qhe5rN1QaFhd/DnoICjXT9cXY2Hk3CiABgISV6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 05:23:15 GMT

GET
H3-29

200

3.thumbnail.jpg
garydemar.com/wp-content/uploads/userphoto/
Redirect Chain

https://cdn.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_100,h_100/https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg

4 KB
5 KB

14ms
14ms

Image
image/jpeg

2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c095b65f7285452e5da09a62e22f4317ec5f830a09cef936658fe6e40a52005

Request headers

:path: /wp-content/uploads/userphoto/3.thumbnail.jpg
pragma: no-cache
cookie: _ga=GA1.2.1473164834.1620818464; _gid=GA1.2.1976713418.1620818464; _gat=1; __qca=P0-1994936619-1620818464742; trc_cookie_storage=thepublisherdesk-garydemarcom%253Asession-data%3Dv2_1204ec3b43112cc056c3db0782881649_a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0_1620818464_1620818464_CNawjgYQw8ZCGNSfvIKWLyABKAEwODib4wlAh4oQSO7Y2ANQoewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522thepublisherdesk-garydemarcom%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Da382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garydemar.com
referer: https://garydemar.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 12 May 2021 11:21:05 GMT
cf-cache-status: HIT
x-cacheable: YES
age: 460410
x-fw-server: Flywheel/4.1.0
x-cache: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4014
cf-request-id: 0a01e82a4200002b9575a20000000001
x-fw-type: VISIT
pragma: public
last-modified: Fri, 12 Apr 2019 05:02:52 GMT
server: cloudflare
x-fw-hash: jq5toxmr2e
etag: "5cb01bfc-fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3PkTpSlr%2FZNNAx%2B%2F3G3UmR0IftezNSxEULSDldlLhhNS8OridaCttjjyfHbR7TzugIxkjWStBY0iJKxukOfTFgf4T8vthZfSnTO7hSOXzb0Hdb1MkdIg9L%2FH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 1
accept-ranges: bytes
cf-ray: 64e342f069472b95-FRA

Redirect headers

date: Wed, 12 May 2021 11:21:05 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:garydemar.com
cdn-cachedat: 2021-05-12 13:21:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://garydemar.com/wp-content/uploads/userphoto/3.thumbnail.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=31919000
cdn-requestid: fe45f76f15b564ca9b44e5ac2faee5f4
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

OPTIONS
H2 204 thepublisherdesk
thepublisherdesk.technoratimedia.com/openrtb/bids/ Frame 0
0 94ms
94ms Preflight 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://thepublisherdesk.technoratimedia.com/openrtb/bids/thepublisherdesk?src=prebid_prebid_4.30.0
Protocol: H2
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://garydemar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 12 May 2021 11:21:05 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 270802135
age: 0
via: 1.1 varnish

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 86ms
86ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgarydemar.com%2F&pid=LSYtJHzLcQEkp&cb=1&ws=1600x1200&v=7.64.00&t=750&slots=%5B%7B%22sd%22%3A%22dsk-banner-ad-a%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%7D%2C%7B%22sd%22%3A%22dsk-box-ad-a%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%5D%7D%2C%7B%22sd%22%3A%22dsk-box-ad-b%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%5D%7D%5D&cfgv=0&schain=1.0%2C1!publisherdesk.com%2C100279%2C1%2C%2C%2C&pubid=8f0be570-94e3-4c8a-8dac-4372ca412efd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: G2TxrFBBJuS2cNMV1umKOEF09xhUElagYV2P6uVjCtnBzkQ0vxAOXw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 154 B
497 B 70ms
70ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 56bedff467d11320bc7854e68ba3a91255d1a258ce2d80e91552da740377f3d8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 154
Expires: 0

POST
H2 204 thepublisherdesk Show response
thepublisherdesk.technoratimedia.com/openrtb/bids/ 0
291 B 95ms
95ms XHR
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://thepublisherdesk.technoratimedia.com/openrtb/bids/thepublisherdesk?src=prebid_prebid_4.30.0
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 212278978
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
84 B 14ms
14ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
cf-ray: 64e342f2081505b7-FRA
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0a01e82b41000005b7d90b5000000001

POST
H/1.1 204
No Content prebid_display Show response
display.bfmio.com/ 0
343 B 461ms
266ms XHR
text/plain 52.203.101.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.101.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://garydemar.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
337 B 123ms
122ms XHR
application/javascript 52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1620818465603&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F&measurable=true&bids[0][bidId]=56944f6af3a8477&bids[0][config][property]=5d14f0c63bb9c40007c8a737&bids[0][config][zone]=dsk-banner-ad-a&bids[0][sizes][0][width]=970&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=728&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=468&bids[0][sizes][2][height]=60&bids[0][sizes][3][width]=1&bids[0][sizes][3][height]=1&bids[1][bidId]=5765b660dab653c&bids[1][config][property]=5d14f0c63bb9c40007c8a737&bids[1][config][zone]=dsk-box-ad-a&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=600&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=250&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[1][sizes][3][width]=120&bids[1][sizes][3][height]=600&bids[2][bidId]=582d8b47b8e46ae&bids[2][config][property]=5d14f0c63bb9c40007c8a737&bids[2][config][zone]=dsk-box-ad-b&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=600&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=250&bids[2][sizes][2][width]=160&bids[2][sizes][2][height]=600&bids[2][sizes][3][width]=120&bids[2][sizes][3][height]=600&property=5d14f0c63bb9c40007c8a737&foo
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 0e3cf72d008684c0ad8cfd6c1c3199c17374cf63b47197caab88e999157e268e

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
x-powered-by: Express
etag: W/"38-vvjt0CInI2vZyLoeKG2ovGdkBWA"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
522 B 250ms
250ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f783d5339c16ad626dead0d858931477b36d828876ebbbdd136f0cea38392e08

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 161
content-length: 356

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 40ms
39ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2d42a07e6f39704c9905b6a6f34314affd0c64974d006dae1c2d34ede3bb29d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid: 511af68a-d079-4b8b-8402-77027a0f255f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 471 B
3 KB 376ms
376ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11250&site_id=183890&zone_id=896442%3B896444%3B896446&size_id=2%3B15%3B15&alt_size_ids=1%2C55%2C221%3B9%2C8%2C10%3B9%2C8%2C10&rp_schain=1.0,1!publisherdesk.com,100279,1,,,&rf=https%3A%2F%2Fgarydemar.com%2F&tk_flint=pbjs_lite_v4.30.0&x_source.tid=80d14e35-d1b5-45ab-8118-70955657500b%3B494277d3-da51-4153-b705-c9f10b770fbf%3Ba2aeaf0d-98b5-4100-b31b-d43f075bf5c8&p_screen_res=1600x1200&rp_secure=1&slots=3&rand=0.5805600565703584
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 83e9a74bf0cdc1726bf85da7ef132157407782022011fae6c432d8cd687457d5

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://garydemar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 471
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK bidRequest Show response
in-appadvertising.com/api/ 55 B
549 B 92ms
92ms XHR
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/bidRequest?bidId=723b4237a7372ec&pubId=31569&sectionId=10017&vers=4.30.0&url=https://garydemar.com/&sizes=970x90,728x90,468x60,1x1&tr_wd=1&tr_hd=0&tr_vs=visible
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b9788323a5e4ba8d980d875eee9ae225ccef0406fd546e0284657ecde8e3fbb1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:05 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: https://garydemar.com
Cache-control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
352 B 34ms
34ms XHR
text/plain 52.208.100.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.30.0&p=%5B%7B%22placement_id%22%3A%22dsk-banner-ad-a%22%2C%22callback_id%22%3A%2274980572d6fb0dc%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222454275463044866860%22%7D%2C%7B%22placement_id%22%3A%22dsk-box-ad-a%22%2C%22callback_id%22%3A%2275dd557f1ad53fd%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222454275463111975725%22%7D%2C%7B%22placement_id%22%3A%22dsk-box-ad-b%22%2C%22callback_id%22%3A%2276f5e04d6160c46%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222454275463179084590%22%7D%5D&page_url=https%3A%2F%2Fgarydemar.com%2F&bust=1620818465607&pr=https%3A%2F%2Fgarydemar.com%2F&scrd=1&dnt=false&description=Gary%20DeMar%20is%20an%20American%20writer%2C%20lecturer%20and%20former%20president%20of%20American%20Vision%2C%20an%20American%20Christian%20nonprofit%20organization&title=Gary%20DeMar&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publisherdesk.com%22%2C%22sid%22%3A%22100279%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.100.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://garydemar.com
pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 4CE7 955 B
646 B 19ms
17ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1620818466.626759,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F2E5 956 B
1 KB 44ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

server: nginx
date: Wed, 12 May 2021 11:21:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1008 B
696 B 51ms
49ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=360&height=202&pubid=169497&tagid=953497&crid=5558925&noaop=3&sortOrderType=0&cb=1620818465627&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1225&pt=1893674285&tz=120&viewable=true&ddast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2047445&dpubid=191877&abtst=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&mPre=0.033&cirf=https%3A%2F%2Fgarydemar.com&en=1&subu=4
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f5319fd97edaa2f34fd31d58d0735a92b3587c8e998af409633274d67efdfd84

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-encoding: gzip
access-control-allow-origin: https://garydemar.com
machineid: 1462
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1620818466.630298,VS0,VE43
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 696ms
666ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=31589837&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&debug=pn:!sqg:!torgn:1620818459921.3242!ts:1620818465621&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4CE7 70 B
265 B 94ms
29ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 4CE7 0
125 B 26ms
9ms Script
text/plain 18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4CE7
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=246d7e9e-b314-11eb-bbdc-192cb16e0506&orig=video&us_privacy=1---

0
225 B

17ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=246d7e9e-b314-11eb-bbdc-192cb16e0506&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Wed, 12 May 2021 11:21:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 7153

Redirect headers

Date: Wed, 12 May 2021 11:21:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=246d7e9e-b314-11eb-bbdc-192cb16e0506&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 98
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 4CE7 43 B
146 B 24ms
7ms Image
image/gif 3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F2E5 70 B
264 B 68ms
30ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame F2E5 0
124 B 9ms
8ms Script
text/plain 18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F2E5
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=24701a0d-b314-11eb-a46c-14e583300306&orig=video&us_privacy=1---

0
227 B

13ms
13ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=24701a0d-b314-11eb-a46c-14e583300306&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Wed, 12 May 2021 11:21:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 7153

Redirect headers

Date: Wed, 12 May 2021 11:21:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=24701a0d-b314-11eb-a46c-14e583300306&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame F2E5 43 B
145 B 7ms
7ms Image
image/gif 3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cmTagINLINE_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/90398_358/infra/ 794 KB
137 KB 22ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: edcd554b2553fb03cf34349152c91d4921fc4e19319fa536beb5bfe5bd954e60

Request headers

Origin: https://garydemar.com
Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
age: 84778
x-amz-meta-mtime: 1620733605
x-cache: HIT
x-amz-meta-ctime: 1620733606
x-amz-meta-mode: 33188
content-encoding: br
content-length: 140082
x-amz-id-2: /bh1xWNhyZRWNuqx+399gRP7F0DkoqLmNYB8dyLJect6xwBWND+MHc8xGjiyuJBPKEVTAAB2qtY=
x-served-by: cache-hhn11552-HHN
accept-ranges: bytes
last-modified: Tue, 11 May 2021 11:46:47 GMT
server: AmazonS3-br
x-timer: S1620818466.697134,VS0,VE0
etag: "9d2ccff37500ce99530efc040199e048"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: BY0CX3PCTPY0R80W
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 6009

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/90398_358/assets/css/ 60 KB
8 KB 7ms
6ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/90398_358/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitInlineDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 949df1ccf23d571822752903501ed230b592bc352ba1dd90cee047ba37273d76

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
age: 84780
x-amz-meta-mtime: 1620733631
x-cache: HIT
x-amz-meta-ctime: 1620733631
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7950
x-amz-id-2: TKVLJ0mwJPP7Pcxi67MdFloStZ08anx35H3mGUm9lv64NcKI2hbNp2rWzcNneirtpxwH0Fai0WI=
x-served-by: cache-hhn11577-HHN
accept-ranges: bytes
last-modified: Tue, 11 May 2021 11:47:12 GMT
server: AmazonS3-br
x-timer: S1620818466.684140,VS0,VE0
etag: "76a50a41a99b62149876849065851fe4"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 4XTRGZS0K44RJ8MH
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 81121

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age: 2974731
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1620818466.808383,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits: 3525225

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0FF7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

23ms
7ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=undefined&cb=1620818465621&uv=90398358&tms=1620818465621&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=C7B653863D1989021401244303739&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KOLDGRKS-G-GW8A; rsid=1|GdCqMVQW/e7eWy+6n8k7DE/csJlhLqCtjC1RTpP3Ow50wYWQNGmPQsSdY7jlho/RRR2s2jWpYWSoeROXM2OqBxj7tEAFiUAC4F8vbvGAe05m/Tr8XPABacX4SL/aMTCYHr2Y+hQPaXu0ov5eZw==; ses2=; vis2=183890^1; audit=1|naVuGyos1qp8mOclwl4fcivFDs1mPax1RsOjAPR/4NlrpZGZO4thr3QWEsYCaWMgaNgdOVL2Yy+XEFJOwdW9M7KpUjWTmmg0; ses15=; vis15=183890^1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 May 2021 11:21:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Wed, 12 May 2021 11:21:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2017
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

23ms
7ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KOLDGRKS-G-GW8A; rsid=1|GdCqMVQW/e7eWy+6n8k7DE/csJlhLqCtjC1RTpP3Ow50wYWQNGmPQsSdY7jlho/RRR2s2jWpYWSoeROXM2OqBxj7tEAFiUAC4F8vbvGAe05m/Tr8XPABacX4SL/aMTCYHr2Y+hQPaXu0ov5eZw==; ses2=; vis2=183890^1; audit=1|naVuGyos1qp8mOclwl4fcivFDs1mPax1RsOjAPR/4NlrpZGZO4thr3QWEsYCaWMgaNgdOVL2Yy+XEFJOwdW9M7KpUjWTmmg0; ses15=; vis15=183890^1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 May 2021 11:21:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Wed, 12 May 2021 11:21:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 2910108
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11577-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1620818466.886965,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 4079403

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age: 662131
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11577-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1620818466.886965,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits: 1157879

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age: 1740451
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn11577-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1620818466.886948,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits: 864669

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.2.5/ 547 KB
112 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8be3df76f0687d5b947e2e381b30bba18efdd8de99a121a7652a7bab9e8e1833

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 varnish
age: 181151
x-amz-meta-mtime: 1620637248
x-cache: HIT
x-amz-meta-ctime: 1620637261
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114292
x-amz-id-2: DNLjlRPA4yqcv0uBLIiUZ57Nc2twFfEM6sroypFczXkw2JZwfhoNXh6MOeW65xLiej4gq/F+8lA=
x-served-by: cache-hhn11577-HHN
accept-ranges: bytes
last-modified: Mon, 10 May 2021 09:01:02 GMT
server: AmazonS3-br
x-timer: S1620818466.909965,VS0,VE0
etag: "94b58e5ab3cee7d3eeec6a2776278a93"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: ZVCSPDHDXY4GVP0Z
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 412284

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 961F 963 B
1 KB 18ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: aad99c09cc89f6f22163b3c72fbd19e30ec500dcc89b4538dac644bfa5521938

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

server: nginx
date: Wed, 12 May 2021 11:21:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 9405

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 17ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=8018197&crid=5558925&dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&cmcv=&pix=31579697&cb=1620818465906&uv=90398358&tms=1620818465906&su=4&abt=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&ft=0&unm=INLINE_INSTREAM_VFORCE&su=4&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
content-length: 0
server: nginx

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 10ms
7ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront), 1.1 varnish
age: 253895
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-hhn11577-HHN
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1620818466.929830,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: G4P2bsVURwUd-6ftn_beps3mb7kmsffmK8YE2wwAUVs5--MeiZC6SQ==
x-cache-hits: 162442

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 9ms
6ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront), 1.1 varnish
age: 1984558
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1620818466.929830,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9zE_eWDK4NC0Cf3n34DtvXZ4SmjGDoHgXgi77pm7LgxGlqrjH4P-Yw==
x-cache-hits: 485978

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
942 B 9ms
7ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 varnish
age: 1161786
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1620818466.929872,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BvOIM6Ru-sj1Zuk8Pv4KwWWtNjjN_qkQBQVKUVBbjGSvlxOJWOiTWQ==
x-cache-hits: 431530

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
906 B 9ms
7ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 varnish
age: 975856
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1620818466.929911,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oN72cAAVKwvn1GJ4MZDIQi3y4vHm--RqZWj9LNg2dBhXT141wINHrw==
x-cache-hits: 462148

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
954 B 10ms
8ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:05 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront), 1.1 varnish
age: 1164457
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1620818466.929977,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZDqQ-5Xcpbcna9hH6Q_Y9h6blg6jnT4mc-LZJehSirPojNmToP3qjA==
x-cache-hits: 465196

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 10ms
8ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 16
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: zLyKpvFSGWjX3PWIhQxl4gsBQdFuCjq55d+fLgIZ8uUndLDZfHxs2LtoLVweUO1DqvYwutfkJFI=
x-served-by: cache-fra19133-FRA
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1620818466.929545,VS0,VE0
date: Wed, 12 May 2021 11:21:05 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A9JYBFC97YHYX31B
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 35
x-cache-hits: 19

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0FF7 30 KB
9 KB 9ms
9ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19345
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Wed, 12 May 2021 16:43:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2017 30 KB
9 KB 8ms
8ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19345
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Wed, 12 May 2021 16:43:30 GMT

GET
BLOB 206
Partial Content eb34e869-ad21-4ef0-bcb0-65ebf2cf341f
https://garydemar.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://garydemar.com/eb34e869-ad21-4ef0-bcb0-65ebf2cf341f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 7f04ba52-f8d9-4986-9697-ac572785bac5
https://garydemar.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://garydemar.com/7f04ba52-f8d9-4986-9697-ac572785bac5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 961F 70 B
264 B 30ms
29ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 961F 0
124 B 9ms
8ms Script
text/plain 18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 961F 43 B
145 B 7ms
7ms Image
image/gif 3.124.251.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2017 0
239 B 46ms
15ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0FF7 0
239 B 43ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2F37
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

11ms
10ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KOLDGRKS-G-GW8A; rsid=1|GdCqMVQW/e7eWy+6n8k7DE/csJlhLqCtjC1RTpP3Ow50wYWQNGmPQsSdY7jlho/RRR2s2jWpYWSoeROXM2OqBxj7tEAFiUAC4F8vbvGAe05m/Tr8XPABacX4SL/aMTCYHr2Y+hQPaXu0ov5eZw==; ses2=; ses15=; vis2=183890^2; audit=1|naVuGyos1qp8mOclwl4fcivFDs1mPax1RsOjAPR/4NnqCQr5PA/JbXQWEsYCaWMgaNgdOVL2Yy+XEFJOwdW9M7KpUjWTmmg0; vis15=183890^2; pux=2249%3D99588%262307%3D99588%262974%3D99588%263778%3D99588%262249-DV360-Hosted%3D99588%26idl%3D99588%26brx%3D99588%26goog%3D99588%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 May 2021 11:21:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Wed, 12 May 2021 11:21:06 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 87E0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1...
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privac...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52

0
94 B

13ms
13ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync-t1.taboola.com
:scheme: https
:path: /sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am-match.taboola.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

server: nginx
date: Wed, 12 May 2021 11:21:06 GMT
tbl-x-upstream: 10.41.22.84:10213
x-fastly-to-nlb-rtt: 7150

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=2747fc71-e1d2-49e5-9349-ad993e99aa1b|1620818466; Version=1; Expires=Thu, 12-May-2022 11:21:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=73d1200b-a254-4745-bb31-64f7fbc33d52
date: Wed, 12 May 2021 11:21:06 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F37 30 KB
9 KB 13ms
12ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19344
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Wed, 12 May 2021 16:43:30 GMT

GET
H3-29 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 11:35:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=garydemar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=garydemar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
34 KB 416ms
415ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3438968678379576&correlator=1674097896653691&output=ldjh&impl=fifs&eid=31060853%2C31061037&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=134702932%2C0279-garydemar.com&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60%7C1x1%2C300x600%7C300x250%7C160x600%7C120x600%2C300x600%7C300x250%7C160x600%7C120x600&prev_scp=position%3Ddsk-banner-ad-a%26refreshcount%3D1%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cposition%3Ddsk-box-ad-a%26refreshcount%3D1%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cposition%3Ddsk-box-ad-b%26refreshcount%3D1%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=PostID%3D31612%26Page-Type%3Dfront-page%26Post-Type%3Dpost%26Post-Author%3DGary%2520DeMar%26Category%3DOpinion%26domain%3Dgarydemar.com%26path%3D%252F%26url%3D%252F%26kw%3DGary%252CDeMar&cookie_enabled=1&bc=31&abxe=1&lmt=1620818466&dt=1620818466084&dlt=1620818460920&idt=3687&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1040%2C1040&adys=1140%2C335%2C3623&adks=3833456366%2C3000647830%2C3000647831&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=5&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgarydemar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x13052%7C360x-1%7C360x-1&msz=1600x-1%7C360x-1%7C360x-1&ga_vid=1473164834.1620818464&ga_sid=1620818466&ga_hid=1841105566&ga_fc=false&fws=512%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

7bab9e7add4df4001a165c3f15a68afec11c6b6dfb1866783478d2538ace82e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34809
x-xss-protection: 0
google-lineitem-id: -1,-1,5455611289
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138326952440
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 14ms
13ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2F37 0
239 B 7ms
7ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2017
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiZjg1MjE3YjAwYWJiZmQ0OGJiMDFkNDZkYzczNmM2OTg5YzNmNQ&gdpr=1&us_privacy=1---

170 B
506 B

36ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiZjg1MjE3YjAwYWJiZmQ0OGJiMDFkNDZkYzczNmM2OTg5YzNmNQ&gdpr=1&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiZjg1MjE3YjAwYWJiZmQ0OGJiMDFkNDZkYzczNmM2OTg5YzNmNQ&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 2017 0
0 286ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 2017
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOLDGRKS-G-GW8A&sigv=1&esig=2~1ce8decaca0f3375484d12647555fcf7d65caa3c&gdpr=1&us_privacy=1---

0
444 B

20ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOLDGRKS-G-GW8A&sigv=1&esig=2~1ce8decaca0f3375484d12647555fcf7d65caa3c&gdpr=1&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOLDGRKS-G-GW8A&sigv=1&esig=2~1ce8decaca0f3375484d12647555fcf7d65caa3c&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2017
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YJu6IgAA8R...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJu6IgAA8ROL1gA4&gdpr=1&us_privacy=1---&_test=YJu6IgAA8ROL1gA4

0
239 B

9ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJu6IgAA8ROL1gA4&gdpr=1&us_privacy=1---&_test=YJu6IgAA8ROL1gA4
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620818466.488887,VS0,VE0
x-served-by: cache-hhn4078-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJu6IgAA8ROL1gA4&gdpr=1&us_privacy=1---&_test=YJu6IgAA8ROL1gA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2017
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENv5zK5h2VBktyWrl8SH7kY&google_cver=1

0
239 B

14ms
14ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENv5zK5h2VBktyWrl8SH7kY&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESENv5zK5h2VBktyWrl8SH7kY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2017 70 B
264 B 32ms
29ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2017
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/lJ5ruQjhn3cGKV30BiCLiw?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=479567725720021249

0
239 B

12ms
12ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=479567725720021249
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Wed, 12 May 2021 11:21:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=479567725720021249
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2017
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&gdpr=1&us_privacy=1---

170 B
232 B

27ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&gdpr=1&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 bulk Show response
trc.taboola.com/thepublisherdesk-garydemarcom/log/3/ 0
299 B 18ms
18ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thepublisherdesk-garydemarcom/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620818466.180755,VS0,VE11
x-served-by: cache-hhn11577-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://garydemar.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
728 B 6ms
6ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 26561
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1620818466.339902,VS0,VE0
date: Wed, 12 May 2021 11:21:06 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 35
x-cache-hits: 19366

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fad3f3d6160c22a70fadf9999c8f2ce1ac2ebb8078b583e1dfd0e1b81a6b33b

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1797064
edge-cache-tag: 474387674735986555627955210741552869781,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Tue, 04 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/05/Old-Testament-Covenants-1200x630.jpg
content-length: 27612
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 03 Apr 2021 14:10:02 GMT
server: nginx
x-timer: S1620818467.520076,VS0,VE0
etag: "c1f8cb0586965f20bd6dbc099960776a"
x-served-by: cache-wdc5521-WDC, cache-dca17779-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd2cd6fb9c71da6a520746673ee971d553c1c987a5fd45674ba7ea3039a532e2

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1154922
edge-cache-tag: 335088886725123556148290835212012827550,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/04/Wolverton_Last-Days-1200x630.jpg
content-length: 34036
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Mon, 12 Apr 2021 20:55:57 GMT
server: nginx
x-timer: S1620818467.520092,VS0,VE0
etag: "c9c69d91f6e12432d4dae4a3a5291e24"
x-served-by: cache-wdc5533-WDC, cache-dca17749-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H3-29 200 container.html Show response
d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC50 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 11:21:06 GMT
expires: Thu, 12 May 2022 11:21:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F096 6 KB
3 KB 15ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 11:21:06 GMT
expires: Thu, 12 May 2022 11:21:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:06 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF14 0
0 42ms
41ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYB8V3hZ0roWJPub8KFFrhsO8Jv97LMR53YUkXOOe8JmscBg80tKlYXhevtQ5dKlnKuBU5NXWJXLQMCkMHXybKqjH7RjiHwMPRBeOJTc3s9kx7EbtzBszSO9Wh4k86ZzkYhxn9U8h9b4mdr1OWL7yTIPhW5ZmTn-FBf1Rf3QbgOuvxHg7ZWhBAVRtGxTNZYuF07jExQrPMBfFZl_qTbAxzbb-x9dC_R8bJM-mFUECsdm2hZspoTsdIAZjb_1-W1OjyRZBadWVwOJeGsGCrFyGoWYvM8-EFG7QOWwnpF7WCvO3TbvDk1A&sig=Cg0ArKJSzIxrS3wGlyYdEAE&urlfix=1&adurl=

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame DF14 360 KB
102 KB 79ms
22ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 479670bce8e7ed603003c409a76b300e06b514b0561d8a0ee50a4af549d4b406

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 14:11:47 GMT
server: AmazonS3
x-amz-request-id: MFZMFXVH4HFS875E
etag: "fa968158a550ea9c609324da3fb28950"
x-hw: 1620818466.cds001.ml1.hn,1620818466.cds214.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 103608
x-amz-id-2: wT69XYwS6f6j6KbE/CvFMsyIF9J3kJQ0ge9HWBQe6C4VgeM3c6qHCOk9GbxnEp7ojKqHjB84E1g=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF14 116 KB
36 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:06 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 29ms
28ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cbddec182c39e0a31eefe0634d8194846374085de1c30162d212b88c8b51409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7677
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 51ba00b25ade1e89e9462d84cbc82b0d6542cc0353aa4989cc4c7882cd5e7d85

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 880835
edge-cache-tag: 527847668255838455983703320237239087756,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//garydemar.com/wp-content/uploads/2020/03/Hermas-1200x630.jpg
content-length: 51842
x-request-id: b7dcb8657510f66e00c976afb8474741
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Tue, 27 Apr 2021 17:09:19 GMT
server: nginx
x-timer: S1620818467.567218,VS0,VE0
etag: "51ef9b41cfb95da0e9e5ad8ea82a52c5"
x-served-by: cache-wdc5530-WDC, cache-dca17770-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3EDB 478 B
251 B 28ms
24ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlIUB7M7eQDMT_Kq5i5ayjUnLY0CV24owZd8mu2lxSqxpCJgYF9kCgyYyf2-4U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 11:21:06 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DC50 48 KB
23 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3LKKjBpJLO4IrYFvvC0fnQska8Pce07XG1bT1CLQcyinIyrOewi6Nbf50uU-l54DmAQ8GOF8gT_bSzJcWtGaNhCaMmxQAGSK4wxjG0gAxq22T4DNdvEBDGUzaub6g-qHqpjFKEgzBPYCAEa5xSoEkxE26aA&dbm_d=AKAmf-AJoLCVrHr__io7nuGBwOU7CwoODgOlqQsgB5RiPwF7pzANvM4wrMwdIFnGcInqufaaytTOSGGjbaMh7ST8G5XYLNrXo2bXlWmfQ-Yvl3N6wYuAbGjylb1kCtfO4JodCeV8NAI8hsOrFgreOkk2Mdcx4M7lCX-E60VtUZX3WWn20-iyMLxXvdYOUHVgobkmXYeK6f_TAVpfJH6OIztYZWxNu1II67H0mk8mEkucpYTU2GhInSFsBY8W9wMSKCvlYlxD-EHIm4QnUfWPJE0OlOEN9Z4NvaamlkjgNhnElGwNgE847wD3KYBAsbvhxEOYuAPR3WOkKwb2I_ylOWzyhFtjxhbw8fPDycchMyMTr7eeMzhcGvAijo0iWRUrqb9KOhEyWfXAZsWghrtTOOks8jn3FJWaNqJUZgm7P8eJtrXTbWMWnuR1a0oDGMIeCdKf5hAv3RJCTj0uu0kw6oEGocSrug8Ukrigl256SqvKN6gBIvIjK4uu5NI8Cv10S2KVWLaNV1t6bH4DxQZh7kxmI9uav7ikFUJO2m6Ea9azWoPTbTRQHrmqRyMZvj_EoxUPNOSD_wyOrzrrYzdOSgTJRssr9a6liEgRQAUFIgP0DNLmuXPqEToOELQ_Z-kMhmoxUsy7NZK0Tx2VuP8WrO4KGUGSzzZGa5i-2KJ-F0EYOra99fiInDR6HKmxNIMciDl_C4DSxnFXFcB5H8m2rNJ-C8sIiwOiVZZk43YuYLJl16R_nryMRbwR3uGCwGUPklNselueq4PIACAfbw72PQbFDVIN0k7oF8UbJ-ai0ZDtX5hBy8GSnb5eu3QxTmIuFbsTihkLbfKQXDF1S43Uqg0YOYbPtmtF0a-e2-v15uV1OwR5_XkGRcmHXezW6Ke_f_TQPk9cFTZybwbX_aoPHBQ7MGq7z57d68YbZCuDjTLXoQz40v4ZmZKrh30kciQAHcPHVDH2PKkr2ByWTK4PJC6RnkQiGAETh3fYYXfNAjX2zg5IXEFZ4bMC0IwHnANgXqRw9MJiSzo2tQ1BJxk1Sqpa6wdzllvdDuPx9PEbXnb6YAVI1o-q5y4eKexpkVIfyBXkyEeG7pc54hQRiDWv5KbrpAVLouxSzvkh1BW3KK9Ekb1EFcd1WUy-M5heEJ2DdOA8gmvX8-EM1foEX5sze9lGhkNChCvNvE7dr5_2CQ31K4biVZyqXlHvyyICeix4T1VEmMQbALMvJteWLG1hfPD98zrWC3gkQ7QyLTbCoPnwSQDgEjTjPZWi_SUt5Ddng0Uu9J36CrSXLqgTQWYldy_iIyciOBMEUt5VECngE2Ojy9A4k6nlfKFQvj4tNAhywMrANdM0JuThKQ9jqb5hUB6VZX_gnvbeR3Dbfux3AHFygXO9hg0C0QdNvcJ2VjgRSjC-s8LaizN-cevwXAzYIiCgMpwloBT_ufzf6lQHDxNXeLhkAN29XNQZyPLhnsWdV4fGFlCjakNSIsZpS90bal9u-q-6LZ66Hn4GI_iAW6hf9qqJZMPM1mz0uEAjbD8ngNzb4pGqGOv-ZQvKyOSI0MoXDaUPIaw5qsnwKAcYGaFFLlvMhKkgJ0UEZruYvw0SXu8wEZzRIiiQLVlOsccAgAR0fNhSomUBf2x8kPAfQYzL0r-FOMhomwGT3fyB7m7lI5UOkcej-eRuhZ8YzZ7Ieccb5n2zoaxx1P_wODygENhd46HGOYVWXa7AKS8x2uSLqvDb94_LniI5hIa6Y2n9BWORiiV2Bq6eJf6NblitPopXAuqFSLY_TLBnqEWA67ZYDPALhP3U7QIUWE9S39dWKyP_HzA88hELLH496VYkAE7yaJRmN9DeuEoDzKZjw_alcQj72Qb23qMAX6CNhwAVZ7vK4TgPydHZCk9JMzQHqEO2CirpSntC-9oQHXkiN1Nl6tBbEzMDxj7NlzhlGEiqz2i9MM8buWvSdTkyY0m43nzNhQjaOiv-TqriC4Tzkm-cG-ESKJa26GHm8ZydzNg1DpweYDcsqDsXGu70pNyGE7zCvJWcPcLjVI_Ge0k5_mu032p4s_--re_Vd36IaLJehFMHNxf9lMU9XvyxE2I5WzZNF9YdPFNs43QAJZ8-AbVPpdX4DJIWa9CapgpJFBPUl8ullXjeX4HccQUOLhp4-lvFR7nYpP_Jtas-LJu-q2Extqbdngm55SCZ1WK2-ombLKvkjXTlXIJ_1zrCsE2L5UCQ5XtrEbRapZpj8STKOPfaa0tsRrb9VjPQNWFv0tuXzMeeET1NnrT7V-B94QWkwZAtzbFgMaWq4ASFr11k96V2vClE6M4cZns5choTG8_N16zz5HKoE7jlddyIZFHXd-NjeuvLabsWoCRflFHwKJLDd_jmFerx6i0xjWa_HABn1F9wkugHCSr6PjM9HwmHPijuzQ-xbhKfOeFHUzgzCXqA7jPiy76ohppQYcvSxxZT3M0VHd-jCnzk3DRn-6HLIUOvYv2a5ix_DYdo_FP7RXQlmOy4GAyriTzz1U6QivBmhWBM9U6kdXdDrLTiQJo3s9d9YjjGnvYVUbDlHmBtQedTdTdiLwKQ83gRIc8vU-1wZvQJxOREX4hiCku_HfJ3Egvg_cnC1tzkSbDOZepf4FFOULJCHJ1ro0f3Jya8ewTgF3Wc_kea_V8Lr8bNrRuPVSpUNsDZVFAQB60Uq2tSG5c5HpjzNy4tR0GpptFyVdsEV5F2f0-XaJF6_rfi1H-8Gmy2Nj9lLIUWAy6-xgS-q6Jl4mRGkcavGiHB_DAG2tEGeHiydDN-Ug3H2EEMgGGGO8JAoiQHJ0av22IhlFZ9_ncJTEwMs71i6x5UaZdBzwM-yH3eB-0wLWfreVxouCh7X8San1O2KJNV5G4sHV2j1iQRZ14uD5vemQRGBN-_kZ5-_e19cj5J3G-65w5RlMzrvDLBJ2OBixAqR1eGUyCKjDuZ1fvAPDiVUiXC0HvdkCaYuPmwavhLvUx5LSb_Tg96EaY9JSfwkLPY3HOYNBFjsInQkKSGacgsZW4Px4IdiNc8r_FJ_dk1QZdqZIpbg3-DbUir45qXz3FCCKS-7er_Ms7N9EaDd93b7m6fTNTK3JymCo-b3fFaAJgTZW5zQOYgrXbHlk2P3Hw3Nk_wdv6omlOFsPMrjzAU6btXOJooGg-rXmBSolpx9dRM_6FgPzNyuYZe7ia25OdClQgofuC4oM6kL_MUPeZ_-Sgm&cid=CAASEuRoD5U4L2x7UoeNOAbDPzr12Q&rfl=1%2Chttps%253A%252F%252Fgarydemar.com%252F%240

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea6685bce0013f2c779860b9c615fb347a68d20ce1e5871c944f3d8202dd164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23177
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC50 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIqgiPoxbSETSVlLk6Wn4-yOqw1mNbdDSp6IBGxxs4lREHU4jZ8lwivGfmcccQiy1vcthOwpbmDTlI9fwQLxMOzeB2v3PzcqefWRtbTsVzW9J23HM

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame DC50 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:10:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC50 116 KB
35 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:06 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame DC50 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:04 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF31 478 B
251 B 27ms
25ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlIUB7M7eQDMT_Kq5i5ayjUnLY0CV24owZd8mu2lxSqxpCJgYF9kCgyYyf2-4U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 11:21:06 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame F096 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:07:26 GMT

GET
H2 200 3462074123497468323
s0.2mdn.net/simgad/ Frame F096 167 KB
167 KB 29ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3462074123497468323

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4061fd54a9aaf1d5841883f83f11c031b0484ca12f7326d612500dc2b588a081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 10:04:36 GMT
x-content-type-options: nosniff
age: 263790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170901
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:30:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 10:04:36 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame F096 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:25:52 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F096 0
575 B 72ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLRUn_algZxtcKBaXquc3uPyBUoR2mg2cw2HgiL_l1CeP5dZ9Z9XHerpPc3LLyrcrsabXOopeqHHMgjBqL8YTjSencMQ10bNrSF9hPprV17m0sefRWAvVasIDvjbyaezSBnq0qLLBscRjeBx2k9GvEegY5Cb8ysiv8UG9fZabm1sJepjSNSiR0o2m4ST1Fx5jqamdvHT5g6_vGkdn2dG1AYlyXr77FOxaMJM0aMktRC6BJyUL72MHK4SmUf5pBashve9-BMuLJzpVuR__mfdPCzKGKDtPl20lFHmlIgcwzc8B5bFm_jS74l0vgB4rv5G5ikgyhAKEAwYwH8z3V51wO9F2Dhg7D5cNtRMoZ94ZlkDf6-cYVDtp6P3TS_F1E3fD_fm9r1vZ90k1mhGQ1GfS8-9yD56NK4jAhw1nVr0aNl4ntDVJ3azYixdEG6839ntXV9p3ex39IRd-WFA1CHLHmTrOMPS-pCNxkghDzbuLlAiyZDB9dELFPoZuTV_ByuNzImavkxM0Cxx0RYFdl7guGERzgNUw1AIA3pp8MscwpIKs4RhEHRyDq3bQoTZHlpeLAd-K08r3M-5PG0f_PS0f4qIx3-OKKQ665FsCSf26E2XQbZ3Mn-ynu-B5FSUzC4DtGuw_4HVe5AP5LAoeDMUIn6xIBGq9f0f6bXTMpK-sPb1eL9IweKbx9w__t1_1pw4oyzjnJDKwI-sBt44i1G_N6MdCqMsWU1r6x8FubaQbkgqm1-d4OqwMYO1ttheVN23aO6lVIXDvpKevH3j0S4dVWEepzVPyleCwgsgot1Lb6BQGtJIHlw3WD4vw2-U1BF4djyGLNRoLf7DOQia-uqIm0pMnqIXkwcOIp9zmqBQI0-jy4eeGqs7UezZY9JH8oGdF-CTxQIruePVlye7Gyu4NSNw7rDz-mPHxRzvm5ts2O6Kv5BAzzDmzb0YO_biaJkOjDQHEAoZmt7AlZKHYfl9DvLsVuSkRffYwzByaXOHpE56Znz42ChBLgHFdwNXfeVYm6cvWkJrBBDowWd0qeRSn3GiCwuqorAdCblYqrQ3VMUATeKr98x8ABMzJlmXXoV129P15tO2cGj-1lQP8oKqL4BfCI3eoIGxPpZAZ1HTe7J6nX_yZLFkSK09SpV8bifJ_60K9RfegeErgFzP_1QkuSeDD3VM8GJMAzmjAxe_14RfXzFWLlLb931McuV3DGKFGujnuvPXwvSvFdeAn8ueAgSGA&sai=AMfl-YTB0PVQWF_eVgPM2XjogRMANFB6y9OVVks3LGyo230S1n0Ksu_zF4D9xSqSj4XIAC9LpvVdl7E5s0-Nd52ZGVuX79qmHCtIy39iLRdAOrtw5Fpqmh-2ATaBUWWU1vgJYrSa4NmzNBF-BLy7SDEkW2sr2qP2CUgyBHEEGKCgtad-ZzBW5UYsn9s4pEdSrIBOSmc0GTmiUR8cJeCIQnuHLf8wxEWY13PvmXluOXc46jTRqBowgp4NMKKDDYGUcMpvebARSTWVJcZjXe4TvcEvWp7ARw&sig=Cg0ArKJSzCX6vtDrvkLVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210510.93512&adurl=

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 12 May 2021 11:21:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F096 41 KB
15 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8845
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 08:53:41 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F096 42 B
63 B 43ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGQoIhibR3U9GgDCQqKK8xp5K7RVPkbBlNDqsJbM4Yjig6iNUH4mnmedvf7yK3vMdQa7Yo4YxF8hjXIlsm_3fSMpR36PSjp3SXjGJi9nEtxlAAuCg

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame F096 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:10:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F096 116 KB
35 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:06 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame F096 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:04 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js?31061037

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 11:21:06 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/SjSwhZ9ss9Q/maxresdefault.jpg
Requested by: Host: garydemar.com
URL: https://garydemar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45c0dcabe450b45971ebba5e949f29e39dfa92981e73f6a19e452acbca722cca

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 422281
edge-cache-tag: 470950574241788535727502203052224442876,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 97
expiration: expiry-date="Thu, 20 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/SjSwhZ9ss9Q/maxresdefault.jpg
content-length: 15886
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 19 Apr 2021 09:10:15 GMT
server: nginx
x-timer: S1620818467.682879,VS0,VE0
etag: "1dd65f5dd021878e97edbf7e2d6affb3"
x-served-by: cache-wdc5560-WDC, cache-dca17741-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
DATA 200
OK truncated
/ Frame DF14 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44d0de4f55ca10e30752ec2d82efbcdc6f2e27a89736f5bcfece90dced3ba6b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78AF 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 06:38:34 GMT
expires: Thu, 13 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16952
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F096 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32b7a31f7150aac243f97f92fe45cdc86f8dc4cfb240b69d79c7e3246d37b31f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame DC50 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3LKKjBpJLO4IrYFvvC0fnQska8Pce07XG1bT1CLQcyinIyrOewi6Nbf50uU-l54DmAQ8GOF8gT_bSzJcWtGaNhCaMmxQAGSK4wxjG0gAxq22T4DNdvEBDGUzaub6g-qHqpjFKEgzBPYCAEa5xSoEkxE26aA&dbm_d=AKAmf-AJoLCVrHr__io7nuGBwOU7CwoODgOlqQsgB5RiPwF7pzANvM4wrMwdIFnGcInqufaaytTOSGGjbaMh7ST8G5XYLNrXo2bXlWmfQ-Yvl3N6wYuAbGjylb1kCtfO4JodCeV8NAI8hsOrFgreOkk2Mdcx4M7lCX-E60VtUZX3WWn20-iyMLxXvdYOUHVgobkmXYeK6f_TAVpfJH6OIztYZWxNu1II67H0mk8mEkucpYTU2GhInSFsBY8W9wMSKCvlYlxD-EHIm4QnUfWPJE0OlOEN9Z4NvaamlkjgNhnElGwNgE847wD3KYBAsbvhxEOYuAPR3WOkKwb2I_ylOWzyhFtjxhbw8fPDycchMyMTr7eeMzhcGvAijo0iWRUrqb9KOhEyWfXAZsWghrtTOOks8jn3FJWaNqJUZgm7P8eJtrXTbWMWnuR1a0oDGMIeCdKf5hAv3RJCTj0uu0kw6oEGocSrug8Ukrigl256SqvKN6gBIvIjK4uu5NI8Cv10S2KVWLaNV1t6bH4DxQZh7kxmI9uav7ikFUJO2m6Ea9azWoPTbTRQHrmqRyMZvj_EoxUPNOSD_wyOrzrrYzdOSgTJRssr9a6liEgRQAUFIgP0DNLmuXPqEToOELQ_Z-kMhmoxUsy7NZK0Tx2VuP8WrO4KGUGSzzZGa5i-2KJ-F0EYOra99fiInDR6HKmxNIMciDl_C4DSxnFXFcB5H8m2rNJ-C8sIiwOiVZZk43YuYLJl16R_nryMRbwR3uGCwGUPklNselueq4PIACAfbw72PQbFDVIN0k7oF8UbJ-ai0ZDtX5hBy8GSnb5eu3QxTmIuFbsTihkLbfKQXDF1S43Uqg0YOYbPtmtF0a-e2-v15uV1OwR5_XkGRcmHXezW6Ke_f_TQPk9cFTZybwbX_aoPHBQ7MGq7z57d68YbZCuDjTLXoQz40v4ZmZKrh30kciQAHcPHVDH2PKkr2ByWTK4PJC6RnkQiGAETh3fYYXfNAjX2zg5IXEFZ4bMC0IwHnANgXqRw9MJiSzo2tQ1BJxk1Sqpa6wdzllvdDuPx9PEbXnb6YAVI1o-q5y4eKexpkVIfyBXkyEeG7pc54hQRiDWv5KbrpAVLouxSzvkh1BW3KK9Ekb1EFcd1WUy-M5heEJ2DdOA8gmvX8-EM1foEX5sze9lGhkNChCvNvE7dr5_2CQ31K4biVZyqXlHvyyICeix4T1VEmMQbALMvJteWLG1hfPD98zrWC3gkQ7QyLTbCoPnwSQDgEjTjPZWi_SUt5Ddng0Uu9J36CrSXLqgTQWYldy_iIyciOBMEUt5VECngE2Ojy9A4k6nlfKFQvj4tNAhywMrANdM0JuThKQ9jqb5hUB6VZX_gnvbeR3Dbfux3AHFygXO9hg0C0QdNvcJ2VjgRSjC-s8LaizN-cevwXAzYIiCgMpwloBT_ufzf6lQHDxNXeLhkAN29XNQZyPLhnsWdV4fGFlCjakNSIsZpS90bal9u-q-6LZ66Hn4GI_iAW6hf9qqJZMPM1mz0uEAjbD8ngNzb4pGqGOv-ZQvKyOSI0MoXDaUPIaw5qsnwKAcYGaFFLlvMhKkgJ0UEZruYvw0SXu8wEZzRIiiQLVlOsccAgAR0fNhSomUBf2x8kPAfQYzL0r-FOMhomwGT3fyB7m7lI5UOkcej-eRuhZ8YzZ7Ieccb5n2zoaxx1P_wODygENhd46HGOYVWXa7AKS8x2uSLqvDb94_LniI5hIa6Y2n9BWORiiV2Bq6eJf6NblitPopXAuqFSLY_TLBnqEWA67ZYDPALhP3U7QIUWE9S39dWKyP_HzA88hELLH496VYkAE7yaJRmN9DeuEoDzKZjw_alcQj72Qb23qMAX6CNhwAVZ7vK4TgPydHZCk9JMzQHqEO2CirpSntC-9oQHXkiN1Nl6tBbEzMDxj7NlzhlGEiqz2i9MM8buWvSdTkyY0m43nzNhQjaOiv-TqriC4Tzkm-cG-ESKJa26GHm8ZydzNg1DpweYDcsqDsXGu70pNyGE7zCvJWcPcLjVI_Ge0k5_mu032p4s_--re_Vd36IaLJehFMHNxf9lMU9XvyxE2I5WzZNF9YdPFNs43QAJZ8-AbVPpdX4DJIWa9CapgpJFBPUl8ullXjeX4HccQUOLhp4-lvFR7nYpP_Jtas-LJu-q2Extqbdngm55SCZ1WK2-ombLKvkjXTlXIJ_1zrCsE2L5UCQ5XtrEbRapZpj8STKOPfaa0tsRrb9VjPQNWFv0tuXzMeeET1NnrT7V-B94QWkwZAtzbFgMaWq4ASFr11k96V2vClE6M4cZns5choTG8_N16zz5HKoE7jlddyIZFHXd-NjeuvLabsWoCRflFHwKJLDd_jmFerx6i0xjWa_HABn1F9wkugHCSr6PjM9HwmHPijuzQ-xbhKfOeFHUzgzCXqA7jPiy76ohppQYcvSxxZT3M0VHd-jCnzk3DRn-6HLIUOvYv2a5ix_DYdo_FP7RXQlmOy4GAyriTzz1U6QivBmhWBM9U6kdXdDrLTiQJo3s9d9YjjGnvYVUbDlHmBtQedTdTdiLwKQ83gRIc8vU-1wZvQJxOREX4hiCku_HfJ3Egvg_cnC1tzkSbDOZepf4FFOULJCHJ1ro0f3Jya8ewTgF3Wc_kea_V8Lr8bNrRuPVSpUNsDZVFAQB60Uq2tSG5c5HpjzNy4tR0GpptFyVdsEV5F2f0-XaJF6_rfi1H-8Gmy2Nj9lLIUWAy6-xgS-q6Jl4mRGkcavGiHB_DAG2tEGeHiydDN-Ug3H2EEMgGGGO8JAoiQHJ0av22IhlFZ9_ncJTEwMs71i6x5UaZdBzwM-yH3eB-0wLWfreVxouCh7X8San1O2KJNV5G4sHV2j1iQRZ14uD5vemQRGBN-_kZ5-_e19cj5J3G-65w5RlMzrvDLBJ2OBixAqR1eGUyCKjDuZ1fvAPDiVUiXC0HvdkCaYuPmwavhLvUx5LSb_Tg96EaY9JSfwkLPY3HOYNBFjsInQkKSGacgsZW4Px4IdiNc8r_FJ_dk1QZdqZIpbg3-DbUir45qXz3FCCKS-7er_Ms7N9EaDd93b7m6fTNTK3JymCo-b3fFaAJgTZW5zQOYgrXbHlk2P3Hw3Nk_wdv6omlOFsPMrjzAU6btXOJooGg-rXmBSolpx9dRM_6FgPzNyuYZe7ia25OdClQgofuC4oM6kL_MUPeZ_-Sgm&cid=CAASEuRoD5U4L2x7UoeNOAbDPzr12Q&rfl=1%2Chttps%253A%252F%252Fgarydemar.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 4958886646989192229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:20:10 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame DC50 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:20:05 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC50 0
24 B 63ms
49ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp1J0TQlwYmK-7nCoZ_4YrVCj5CSBUhKVT6YrfT71AFiWi3Oalhw0mVHzMIyS7qwrZ2jx2juV07I59ya81mA2_i9mfCo_cxkZCGqablfs6T9Pgk1DUoauRW1ntqpfvY2kuL7Oo6-IDfIweoEOamGqJr7VSuftqPWtrcY9zM7l6ohkVmDONpljxJARuMFKr1-oLvmENPyu03gAYnbAVAHx0Kwp0onq6rW_rhtBqLpiNJLjX7Jm52WOxuw2bUUJdkqGG_zHBxnHELGrbYa2cbEhOD7r2-mh7PCDY5h7rjsyTyXFSgnvVktdOry6Tu2qyXREgTV6U2jVKES8z48x5btKgVWiRip_Eucz7et0l1HLaLrXfzwogaVh6mG33HnkkXgpZB3qU7D-TfaVArBzT8Knqhou1OgmbnczUmkd6-9N2wKP0fnUJuAuXZ1ixvQacsSFfeYicxl-fGh7THHXYXjUNUb9IModFhBsrC-y8wKQGomkjJjn-8bX8dPbIjkd1kG3CjfK4Sk3fqbOMCcUrsGvhvj3Mp9abtLQ_oOFItN8kBItuJCdZ91XbKDH_XgtbQEW8oyGtJ7L8TMIi47iiVk6Fxdfyxfn84hxE_w0_gMFAzUqh5Mm0VuAKSBz0ZyzuiGRvvfG1aFpQEDnyrS5CghOKCVfZKmrjwbKTMrifd6l14ExJm_9Iw2vy4lIlgi2zDR7mNXyZA8Zb0AW1rzShYQuiG5pwtZva1JNDBuZ368fFzI1gcbNTqv5eZq167ftPY74n6XCCQB9acoj4Jykn1FKQcZ2cPQIdN1mTy9WVCo31JCW_k0V7ijqETcHjgCTBjNpUsQa0WIs8ZCvfYiI5NSNYbEVQtXzmWMqCoP-XwuCNxmsP2Gd-jgHLXCFBmgYBKRBd1WmrZUTSCxy0wzGIlIOb7NqzmvUlf5HLiEbG5HBNXFlCpvTr35g0I_r5UqbLauQP5sYqYIARlDr4h4lEDRvNDBwNQUZi_ErVHPOSqeIx4RetxN2Fg04uvP-I1CeM6fFhco0yPAoDkE6lE1ynvtXedygQWA6DzTgJUa8QjIumsHLKjdFauSjzFnPjhToAz9fTeXQOwv-P0D-gJGSqIpM0vmjc4GrMhbDda-GmwNOLxsIZwb0J2FVX9NzhsPKRjM6IZtjDvk9PpCnrSOxW0MPfVzMNUQ6Uy0Zuop_r-XyzRPoZk3siZvsL2Mzr961T2scyxksYtN029NCIMdG_Se-Ccsvr2Tsdt81f9eWiD0YvDlVx6kZ3vpbkcpo-W4yYTLkvZGCo8sJtjAl5zQ&sai=AMfl-YQyqDn93n4hpk9zg5PDGWWHqaNQChaRoy-BfyjOSTnqr0umMuTU-fv3XabxnvuorxVZeYmgnOrcX_HZ8TryOJ5V-oELzOCLrzjzLQYrceGzqWD0Ow_gr0Y6E2Ziy9ty0pJ7mDa8U0Zour9-wSvFR7U5Oo7AFw&sig=Cg0ArKJSzJbfEpHGYhwDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210510.90829&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 12 May 2021 11:21:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame DC50 10 KB
4 KB 24ms
6ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3LKKjBpJLO4IrYFvvC0fnQska8Pce07XG1bT1CLQcyinIyrOewi6Nbf50uU-l54DmAQ8GOF8gT_bSzJcWtGaNhCaMmxQAGSK4wxjG0gAxq22T4DNdvEBDGUzaub6g-qHqpjFKEgzBPYCAEa5xSoEkxE26aA&dbm_d=AKAmf-AJoLCVrHr__io7nuGBwOU7CwoODgOlqQsgB5RiPwF7pzANvM4wrMwdIFnGcInqufaaytTOSGGjbaMh7ST8G5XYLNrXo2bXlWmfQ-Yvl3N6wYuAbGjylb1kCtfO4JodCeV8NAI8hsOrFgreOkk2Mdcx4M7lCX-E60VtUZX3WWn20-iyMLxXvdYOUHVgobkmXYeK6f_TAVpfJH6OIztYZWxNu1II67H0mk8mEkucpYTU2GhInSFsBY8W9wMSKCvlYlxD-EHIm4QnUfWPJE0OlOEN9Z4NvaamlkjgNhnElGwNgE847wD3KYBAsbvhxEOYuAPR3WOkKwb2I_ylOWzyhFtjxhbw8fPDycchMyMTr7eeMzhcGvAijo0iWRUrqb9KOhEyWfXAZsWghrtTOOks8jn3FJWaNqJUZgm7P8eJtrXTbWMWnuR1a0oDGMIeCdKf5hAv3RJCTj0uu0kw6oEGocSrug8Ukrigl256SqvKN6gBIvIjK4uu5NI8Cv10S2KVWLaNV1t6bH4DxQZh7kxmI9uav7ikFUJO2m6Ea9azWoPTbTRQHrmqRyMZvj_EoxUPNOSD_wyOrzrrYzdOSgTJRssr9a6liEgRQAUFIgP0DNLmuXPqEToOELQ_Z-kMhmoxUsy7NZK0Tx2VuP8WrO4KGUGSzzZGa5i-2KJ-F0EYOra99fiInDR6HKmxNIMciDl_C4DSxnFXFcB5H8m2rNJ-C8sIiwOiVZZk43YuYLJl16R_nryMRbwR3uGCwGUPklNselueq4PIACAfbw72PQbFDVIN0k7oF8UbJ-ai0ZDtX5hBy8GSnb5eu3QxTmIuFbsTihkLbfKQXDF1S43Uqg0YOYbPtmtF0a-e2-v15uV1OwR5_XkGRcmHXezW6Ke_f_TQPk9cFTZybwbX_aoPHBQ7MGq7z57d68YbZCuDjTLXoQz40v4ZmZKrh30kciQAHcPHVDH2PKkr2ByWTK4PJC6RnkQiGAETh3fYYXfNAjX2zg5IXEFZ4bMC0IwHnANgXqRw9MJiSzo2tQ1BJxk1Sqpa6wdzllvdDuPx9PEbXnb6YAVI1o-q5y4eKexpkVIfyBXkyEeG7pc54hQRiDWv5KbrpAVLouxSzvkh1BW3KK9Ekb1EFcd1WUy-M5heEJ2DdOA8gmvX8-EM1foEX5sze9lGhkNChCvNvE7dr5_2CQ31K4biVZyqXlHvyyICeix4T1VEmMQbALMvJteWLG1hfPD98zrWC3gkQ7QyLTbCoPnwSQDgEjTjPZWi_SUt5Ddng0Uu9J36CrSXLqgTQWYldy_iIyciOBMEUt5VECngE2Ojy9A4k6nlfKFQvj4tNAhywMrANdM0JuThKQ9jqb5hUB6VZX_gnvbeR3Dbfux3AHFygXO9hg0C0QdNvcJ2VjgRSjC-s8LaizN-cevwXAzYIiCgMpwloBT_ufzf6lQHDxNXeLhkAN29XNQZyPLhnsWdV4fGFlCjakNSIsZpS90bal9u-q-6LZ66Hn4GI_iAW6hf9qqJZMPM1mz0uEAjbD8ngNzb4pGqGOv-ZQvKyOSI0MoXDaUPIaw5qsnwKAcYGaFFLlvMhKkgJ0UEZruYvw0SXu8wEZzRIiiQLVlOsccAgAR0fNhSomUBf2x8kPAfQYzL0r-FOMhomwGT3fyB7m7lI5UOkcej-eRuhZ8YzZ7Ieccb5n2zoaxx1P_wODygENhd46HGOYVWXa7AKS8x2uSLqvDb94_LniI5hIa6Y2n9BWORiiV2Bq6eJf6NblitPopXAuqFSLY_TLBnqEWA67ZYDPALhP3U7QIUWE9S39dWKyP_HzA88hELLH496VYkAE7yaJRmN9DeuEoDzKZjw_alcQj72Qb23qMAX6CNhwAVZ7vK4TgPydHZCk9JMzQHqEO2CirpSntC-9oQHXkiN1Nl6tBbEzMDxj7NlzhlGEiqz2i9MM8buWvSdTkyY0m43nzNhQjaOiv-TqriC4Tzkm-cG-ESKJa26GHm8ZydzNg1DpweYDcsqDsXGu70pNyGE7zCvJWcPcLjVI_Ge0k5_mu032p4s_--re_Vd36IaLJehFMHNxf9lMU9XvyxE2I5WzZNF9YdPFNs43QAJZ8-AbVPpdX4DJIWa9CapgpJFBPUl8ullXjeX4HccQUOLhp4-lvFR7nYpP_Jtas-LJu-q2Extqbdngm55SCZ1WK2-ombLKvkjXTlXIJ_1zrCsE2L5UCQ5XtrEbRapZpj8STKOPfaa0tsRrb9VjPQNWFv0tuXzMeeET1NnrT7V-B94QWkwZAtzbFgMaWq4ASFr11k96V2vClE6M4cZns5choTG8_N16zz5HKoE7jlddyIZFHXd-NjeuvLabsWoCRflFHwKJLDd_jmFerx6i0xjWa_HABn1F9wkugHCSr6PjM9HwmHPijuzQ-xbhKfOeFHUzgzCXqA7jPiy76ohppQYcvSxxZT3M0VHd-jCnzk3DRn-6HLIUOvYv2a5ix_DYdo_FP7RXQlmOy4GAyriTzz1U6QivBmhWBM9U6kdXdDrLTiQJo3s9d9YjjGnvYVUbDlHmBtQedTdTdiLwKQ83gRIc8vU-1wZvQJxOREX4hiCku_HfJ3Egvg_cnC1tzkSbDOZepf4FFOULJCHJ1ro0f3Jya8ewTgF3Wc_kea_V8Lr8bNrRuPVSpUNsDZVFAQB60Uq2tSG5c5HpjzNy4tR0GpptFyVdsEV5F2f0-XaJF6_rfi1H-8Gmy2Nj9lLIUWAy6-xgS-q6Jl4mRGkcavGiHB_DAG2tEGeHiydDN-Ug3H2EEMgGGGO8JAoiQHJ0av22IhlFZ9_ncJTEwMs71i6x5UaZdBzwM-yH3eB-0wLWfreVxouCh7X8San1O2KJNV5G4sHV2j1iQRZ14uD5vemQRGBN-_kZ5-_e19cj5J3G-65w5RlMzrvDLBJ2OBixAqR1eGUyCKjDuZ1fvAPDiVUiXC0HvdkCaYuPmwavhLvUx5LSb_Tg96EaY9JSfwkLPY3HOYNBFjsInQkKSGacgsZW4Px4IdiNc8r_FJ_dk1QZdqZIpbg3-DbUir45qXz3FCCKS-7er_Ms7N9EaDd93b7m6fTNTK3JymCo-b3fFaAJgTZW5zQOYgrXbHlk2P3Hw3Nk_wdv6omlOFsPMrjzAU6btXOJooGg-rXmBSolpx9dRM_6FgPzNyuYZe7ia25OdClQgofuC4oM6kL_MUPeZ_-Sgm&cid=CAASEuRoD5U4L2x7UoeNOAbDPzr12Q&rfl=1%2Chttps%253A%252F%252Fgarydemar.com%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2423cbc3081a6d26022031366660f7900aa5cb280fd91f7a3b80777332b1a54

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 543
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3673
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5137-BWI, cache-hhn4057-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1620818467.749915,VS0,VE0
etag: "8595c2bfd40270513d3f71e8843150475690db95"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 825

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DC50 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8845
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 08:53:41 GMT

GET
H3-29 200 dsp-2005-fairflat_970x90_2020.gif
s0.2mdn.net/4528516/1870323671097434/ Frame DC50 39 KB
39 KB 23ms
6ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1870323671097434/dsp-2005-fairflat_970x90_2020.gif

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250323543c900614a9068f155d4c5df5e868380969b3dc24989eae9f688caa29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:58:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2020 17:28:51 GMT
server: sffe
age: 55367
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39852
x-xss-protection: 0
expires: Wed, 12 May 2021 19:58:19 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 883A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 12 May 2021 10:37:10 GMT
expires: Thu, 12 May 2022 10:37:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2636
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 992D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 12 May 2021 11:11:51 GMT
expires: Thu, 12 May 2022 11:11:51 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 555
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F096 0
23 B 43ms
43ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 3EDB 170 B
188 B 27ms
25ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3EDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

43 B
1014 B

42ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 11:21:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3EDB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJu6IvRXwsi6g5kJoJsNzAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

43 B
1014 B

54ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3qvMajAB&v=APEucNVI_DRPmdvVzV3k6BFANvKeuxT-VqOnE92e-xy684Gj-wu8snpa0EPMZSIpX2T8xc-qLl6Ye2GT0uOPL-ILo8QlSfxz7XlV-GpmONQmVziSm7zk0t9xzTMqLhDhQqQTomMCWfI3DGm4HACR6yWbKhTmdzeg245TXrYvSHp2CkvwhdCSj60syfePpGEp46qy_jPqq1JbDMURhKh1DLRrPIU0oYXIDw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 11:21:07 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame DF31 170 B
188 B 17ms
16ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF31
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

43 B
1014 B

41ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 11:21:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF31
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJu6IvRXwsi6g5kJoJsNzAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1

43 B
1014 B

54ms
52ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjG9IedATAB&v=APEucNWJgx8AAF-xphB9gXU0ziDYgkyV4ndHvjA4fgBpyL0VJiF3hVs1DSjgbkacT65CKV23tKeD5au9nWZgiWQeQ3JNvV4jipdYvhhdyXFnouV7D0eGnap2utxkI060yz-HLRelB2H5JQC_y1oD3NFMXrG9ApY6VyvLSEtBb2_vj2as1V5dIF2-dWGGf9nMXvsU5f7GME74bP9EXUQSM7Y2alNYUt7mOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 11:21:07 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENNq5Iqzz_lqGCkwzvhAl8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC50 0
23 B 47ms
42ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D1E6 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 12 May 2021 10:37:10 GMT
expires: Thu, 12 May 2022 10:37:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2636
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame DC50 259 KB
83 KB 8ms
8ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 12 May 2021 11:21:06 GMT
content-encoding: gzip
age: 5320536
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 3255584
content-length: 84451
x-served-by: cache-hhn4057-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1620818467.835587,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF14 0
0 74ms
59ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnq0Wesfxz4y6ph8MABN81QhXypn6909dGS3-Ykm4pEqmZ-h2F0mvlwbY5OKx21LZ2zEx0s8uWSskw_zN5ra_DNZCX4Jk2DMRAkM4yfFHeRJqW3yZ3-h_onuGd18R-Nurik3hgkdN5B8EH_v73xBS9ODYw1EGpPyIPE-ZRqLoVdtosGhb4zp0l6OMS8jbDeyvsYu6qqsFdl5wcrvzSnVMlNk0r207cduSFwSeL5IycI8D6iXTxVwRiBT_DngZNb9Hua9xXtCdKHEkLe67GVvM12IZknTvJ3jpsNc4h_kKaH4PClAsbmZXq&sig=Cg0ArKJSzPWmx-86GBmJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:21:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 12 May 2021 11:21:06 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ Frame DF14 52 B
264 B 108ms
32ms Fetch
text/html 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=168174

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:06 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ Frame DF14 0
0 104ms
31ms Fetch 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:06 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBBC 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 06:38:34 GMT
expires: Thu, 13 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16952
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DC50 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ed923de5ded26af462b76b892d911423c761519d65631d368985d701707cba6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 78AF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1&google_push=AQvitUJQHZhJn0rnOPaxVk1XqUwUO-Bl36bqxwwXBPcDC5AhVLKZR_7al3azjJ7nzSEb2ucHWbAaqcb8rwbfhM-3awTwHFo5QDtW
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczNzAyODE2NTAzMzM5MDU2Mg==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1

43 B
407 B

93ms
56ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1
Requested by: Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOoHvm4zisNuY-m2d9iaXbw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78AF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENoFEb7Aui0fdbIHGOayBPY&google_cver=1&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBG...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBGxeHqVwOv0GhO

170 B
188 B

18ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBGxeHqVwOv0GhO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 11:21:04 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIJlCkUa3bcyRRrTCcU_nNwuQQSuSZl_PHY_GI_c7-FIxrNEW-TZQtlYz5N0JQNggftV7NBHnqEGhfwgWBGxeHqVwOv0GhO
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 11:21:03 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 78AF 70 B
264 B 34ms
30ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMiXEECfekUfW0kckX9sF-s&google_cver=1&google_push=AQvitUK_sEMWZgzWHPUJUjhReFsovOxd_Dz-WrvxDn4uziRVfwYIPStsWHH6Uu3AaJP-19Xcl_hqaOEfjOje53abxuIOn1h5os64
Requested by: Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78AF
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN4qVSxaAJVCbrVAzhRtWKo&google_cver=1&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENP...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN4qVSxaAJVCbrVAzhRtWKo&google_cver=1&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg&google_hm=wvj2FnKFTGKaEy2vaI2RKg==

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg&google_hm=wvj2FnKFTGKaEy2vaI2RKg==

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJLxS4Gc4h8itBwvkbIQ6kvnCcNX4WM7gJ7xbztJ9IXqnVrgLWGpc809OB74_OI_3-I2Sji17jC-wvtpIIikENPX2hGkwg&google_hm=wvj2FnKFTGKaEy2vaI2RKg==
date: Wed, 12 May 2021 11:21:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78AF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELwhuxGk28Fqz2neV4yMzS0&google_cver=1&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS0z3kj&google_hm=NDc5NTY3NzI1NzIwMDIxMjQ5

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS0z3kj&google_hm=NDc5NTY3NzI1NzIwMDIxMjQ5

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 11:21:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIWjvdM8kSQusb6iK7HyUxcRkPXDWHgvOpcdTdQCR1nIDQTdZzSeaWQbOpVp9KOsiultIi8Xm53mLiD171wbL1QjyS0z3kj&google_hm=NDc5NTY3NzI1NzIwMDIxMjQ5
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78AF
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAFTkPcWICjquYoWo5YLjow&google_cver=1&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps&google_hm=K71JFOHTzzwv6ynGiaejXA==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps&google_hm=K71JFOHTzzwv6ynGiaejXA==

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUINCYAa387w3J8DOHqRY6UGbXamNDW9hMvTeAq3KQmcHmhHtTIZNBuAckH90sPSDzrI1uApkOTVmE_IZndVL2-HqgbwY4ps&google_hm=K71JFOHTzzwv6ynGiaejXA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: l2bofcjijj72j035ngjld1m4engv54no

GET

pixel
cm.g.doubleclick.net/ Frame 78AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 78AF 0
12 B 17ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6CdBuVZATG6rLlH0ET-GPsdILU01nCegoPX78uhpY76jK-EoSF5FSGER5aU4L5OLwLV_R

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:06 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame DC50 0
337 B 129ms
28ms Image
text/plain 34.246.207.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=268711632&adid=321282296&creativeid=143881683&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.207.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=204 t=1620818467
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 883A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 10822
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Thu, 12 May 2022 08:20:45 GMT

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame DC50 301 B
467 B 69ms
49ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82e76fd96be924f1b403ac3df443b63361cf0dae48400077bc085965265e75c1

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 varnish
age: 1172
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4053-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1620818467.060614,VS0,VE0
content-length: 228
x-cache-hits: 0, 1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CBBC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJtmmAHolqhF4GYDOsLMe64&google_cver=1&google_push=AQvitULRIfCAZvg1TUcFzQDUhimn2Q8VbFtVgVpZh9U3J8GLO5dCWVRi91O06k9UqU8L9cdXES6exPF...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEJtmmAHolqhF4GYDOsLMe64&google_cver=1&google_push=AQvitULRIfCAZvg1TUcFzQDUhimn2Q8VbFtVgVpZh9U3J8GLO5dCWVRi91O06k9UqU8L9...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=nPomupq3Sci79JAgna9IymCbuiY

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=nPomupq3Sci79JAgna9IymCbuiY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:09 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=nPomupq3Sci79JAgna9IymCbuiY
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET match
um.wbtrk.net/doubleclick/user/ Frame CBBC 0
0

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame CBBC 43 B
63 B 60ms
55ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDwR-2RL2d8KB_BKtLjNdgE&google_cver=1&google_push=AQvitUJ1Y6C1cfoqp0ybiHcWauLdv_IQ55A-pPRM5c3AZmc_pThww9SxtzxMppJp47kjbEugh4IlFzQXrIfZ-p-iPIAVqehqs3E

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 13 May 2021 11:21:07 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CBBC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG47EkQJfK2dmdOI9-RHS-M&google_cver=1&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJGw3cLRdemSq0Oo5AbxVXv2P8U

170 B
188 B

21ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJGw3cLRdemSq0Oo5AbxVXv2P8U

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREdSS1MtRy1HVzhB&google_push=AQvitUIly431s46Kzl_c2tzxvXKeSEsCBren3BgMqZGWrNq6DW-hhfoVYE_q7AZygJ-CmRdWmJGw3cLRdemSq0Oo5AbxVXv2P8U
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CBBC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMugONVxzUMyRiSsOysuDEo&google_cver=1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTM2NTc2NjI1NTQ0MzQ1NDU1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiyd...

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTM2NTc2NjI1NTQ0MzQ1NDU1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTM2NTc2NjI1NTQ0MzQ1NDU1&google_push=AQvitUKeiAuYxmCBzq6q92resiXyBG9odytPxJACGXbtA8yFIH0qmaKi-K_-t_3pFiydY-HjIHe7CxFAsQzrEavv23kp3ESkerk
date: Wed, 12 May 2021 11:21:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CBBC
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEO6Bufuzo-zzCIa_fi-dWwc&google_cver=1&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCE...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNTNmZDQ3Ni1iMzE0LTExZWItYmE2Yi0wNjAwN2QyMTRkYWE%3D&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674a...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNTNmZDQ3Ni1iMzE0LTExZWItYmE2Yi0wNjAwN2QyMTRkYWE%3D&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 11:21:08 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNTNmZDQ3Ni1iMzE0LTExZWItYmE2Yi0wNjAwN2QyMTRkYWE%3D&google_push=AQvitUKSCA8rNTyHdVDllIg0WMcMaIyhGPSzh4vNXcx6Eni7EEtpCEg6zyBNvz674airNnB4eYk1DvdTsTfLv5dfDGrCiynF6-UgxQ
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame CBBC 0
12 B 60ms
56ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_jR-tx7vDW8ey-NAiEB39AmCYRjOloVnyOb_iq9TjgxChksE1hHElVmUWfWCzrPA

Requested by

Host: d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
URL: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 generic
trends.revcontent.com/event/ Frame DF14 0
0 387ms
30ms Fetch 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:07 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ Frame DF14 9 KB
4 KB 172ms
170ms Fetch
text/html 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=168174&width=300&rev_allow_cookies=0&site_url=https%3A%2F%2Fgarydemar.com%2F&icr_url=&va=1&time=1620818467053&up=pc&bn=chrome&bv=89&widget_width=0

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

57d01f5f0318db462df992255e277a7a01fe876481eef8327cbe8a4fa2243abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://garydemar.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 4170

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame D1E6 14 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 10:37:47 GMT

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 992D 14 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 10:37:47 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 0FE9
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&tbid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1&query=taboola_hm%3D9e8ff3fb-9a56-...

0
72 B

20ms
18ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&tbid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1&query=taboola_hm%3D9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620818467.341035,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&tbid=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1&query=taboola_hm%3D9e8ff3fb-9a56-4b92-ab7f-5879e12ac731&isDirect=0
tbl-x-upstream: 10.41.10.199:10213
date: Wed, 12 May 2021 11:21:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 10752

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 0FE9 43 B
180 B 28ms
14ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 0FE9 42 B
233 B 3314ms
89ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:10 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0FE9 0
239 B 19ms
13ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 0FE9
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=nN80R34B8yGz&ev=1&orig=trc&pid=562107

0
219 B

14ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=nN80R34B8yGz&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 12 May 2021 11:21:10 GMT
server: nginx
x-fastly-to-nlb-rtt: 13218

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=nN80R34B8yGz&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 0FE9
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1626091424495893470&orig=trc

0
227 B

18ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1626091424495893470&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 12 May 2021 11:21:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 7149

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:07 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 202e432e-cf4d-446e-b75c-186c088aab14
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1626091424495893470&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 0FE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHMbk--GCko2tg-2QB5--84&google_cver=1

0
234 B

21ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHMbk--GCko2tg-2QB5--84&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620818467.218816,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHMbk--GCko2tg-2QB5--84&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 0FE9 42 B
805 B 5242ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug012:0:476
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0FE9
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1

170 B
188 B

19ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7f350496-8b74-4146-9ac1-46b96950cd18-tuct7953fa1
tbl-x-upstream: 10.40.0.134:10213
date: Wed, 12 May 2021 11:21:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 7150

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0FE9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=edbb1adf-a410-4e9c-9562-b671118e78f5

0
55 B

16ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=edbb1adf-a410-4e9c-9562-b671118e78f5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620818467.321770,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=edbb1adf-a410-4e9c-9562-b671118e78f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET merge
ce.lijit.com/ Frame 0FE9 0
0

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 0FE9 49 B
406 B 3639ms
96ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-4jjrl
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0FE9 43 B
697 B 1374ms
24ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 0FE9 0
59 B 2079ms
7ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:09 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0FE9
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=926e014e-3468-4b8b-b18f-6d61012a496a

0
228 B

13ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=926e014e-3468-4b8b-b18f-6d61012a496a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Wed, 12 May 2021 11:21:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 16205

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=926e014e-3468-4b8b-b18f-6d61012a496a
cache-control: no-cache
date: Wed, 12 May 2021 11:21:06 GMT
server-processing-duration-in-ticks: 1791
content-type: text/html; charset=utf-8
content-length: 222
expires: Wed, 12 May 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame 0FE9
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOysZXNMtuhcRt6tnFA_mZHa5cQhkitJpnJvO_eg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOysZXNMtuhcRt6tnFA_mZHa5cQhkitJpnJvO_eg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=6bd21104-0182-48e8-9349-bb2383a7098a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_e15125bd-8100-497a-a6bf-0baf597d46bc&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELp5tCCsVLqnMFo3GfexM9k&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1626091424495893470&opid=apx&ops=&utidl=tech:goo:CAESELp5tCCsVLqnMFo3GfexM9k&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17441413085&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=e4b95f7dcdbe799fcafb832cfa67408a&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=608f6cd4-2cf0-467c-9d42-7a22ce9b3bf4&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 0FE9
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=L5FpxAd5CnKC85CNJLqbYA

0
218 B

13ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=L5FpxAd5CnKC85CNJLqbYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Wed, 12 May 2021 11:21:08 GMT
server: nginx
x-fastly-to-nlb-rtt: 14084

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=L5FpxAd5CnKC85CNJLqbYA
date: Wed, 12 May 2021 11:21:08 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 0FE9 35 B
380 B 374ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Wed, 12 May 2021 11:20:32 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 0FE9
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dc2f8f616-7285-4c62-9a13-2daf688d912...
https://x.bidswitch.net/sync?dsp_id=80&user_id=fdb7609b-ba23-4800-b75a-f11636779b99&expires=30&ssp=taboola&bsw_param=c2f8f616-7285-4c62-9a13-2daf688d912a&gdpr=0&gdpr_consent=
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c2f8f616-7285-4c62-9a13-2daf688d912a

0
227 B

15ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c2f8f616-7285-4c62-9a13-2daf688d912a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Wed, 12 May 2021 11:21:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 15075

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c2f8f616-7285-4c62-9a13-2daf688d912a
date: Wed, 12 May 2021 11:21:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
13ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding: gzip
etag: "fe3141b1cffc47b284c82d96b098b304"
age: 2203
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1181
x-amz-id-2: 7BQRL9iY7L8Tf3O0nB1ktVMpv9AnvetXSGu3BRR2WleFIbXVOXrz/PPn8YfxL0+rV1Xv+3FcIj0=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 10 Mar 2021 13:27:13 GMT
server: AmazonS3
x-timer: S1620818467.128147,VS0,VE0
date: Wed, 12 May 2021 11:21:07 GMT
vary: Accept-Encoding
x-amz-request-id: R30ZXS631HAMHHHX
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 35
x-cache-hits: 15328

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame DC50 81 B
240 B 71ms
70ms Script
text/javascript 34.246.207.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.207.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 59c6900b99e8f08d4ce444ae4d547142b4cba8dde8800885d96753dc2d09f166

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=44 t=1620818467
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 / Show response
t1.taboola.com/ 2 B
175 B 732ms
113ms XHR
text/html 141.226.124.206
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.206 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t2.taboola.com/ 2 B
175 B 725ms
107ms XHR
text/html 141.226.124.221
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.221 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
last-modified: Sun, 24 Jan 2021 15:03:13 GMT
server: nginx
etag: "600d8c31-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t3.taboola.com/ 2 B
175 B 3613ms
121ms XHR
text/html 141.226.124.227
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t3.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.227 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t4.taboola.com/ 2 B
175 B 3610ms
122ms XHR
text/html 141.226.124.216
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t4.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.216 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4ec9599fc203d176a301536c2e091a19bc852759b255bd6818810a42c5fed14a

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t5.taboola.com/ 2 B
175 B 7710ms
110ms XHR
text/html 141.226.124.210
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t5.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.210 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:14 GMT
last-modified: Thu, 21 Jan 2021 15:58:46 GMT
server: nginx
etag: "6009a4b6-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t6.taboola.com/ 2 B
175 B 7772ms
110ms XHR
text/html 141.226.124.196
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t6.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.196 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:15 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t7.taboola.com/ 2 B
175 B 7716ms
162ms XHR
text/html 141.226.124.208
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t7.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.208 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:14 GMT
last-modified: Sun, 24 Jan 2021 15:03:13 GMT
server: nginx
etag: "600d8c31-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t8.taboola.com/ 2 B
175 B 1602ms
107ms XHR
text/html 141.226.124.218
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t8.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.218 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a73fcf339640929207281fb8e038884806e2eb0840f2245694dbba1d5cc89e65

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:08 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://garydemar.com
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
pips.taboola.com/ 64 B
238 B 28ms
6ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19128-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://garydemar.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

POST
H2 204 impression
trends.revcontent.com/event/ Frame DF14 0
0 96ms
30ms Fetch 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:07 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H3-29 200 css2
fonts.googleapis.com/ Frame DF14 3 KB
599 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Roboto&display=swap

Requested by

Host: garydemar.com
URL: https://garydemar.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d37a69b4d97a22c41911c610868a1db6a49a2c1050e59073e0864f75cb27fec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 May 2021 11:21:07 GMT
server: ESF
date: Wed, 12 May 2021 11:21:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 May 2021 11:21:07 GMT

GET
H2 200 rendered
ri.vompatle.com/notify/ Frame DF14 0
38 B 295ms
96ms Image
text/plain 3.216.40.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ri.vompatle.com/notify/rendered?a=revcontent&cep=nvG9hLYnsxQ51Bj7XrMfDhF2XOJd5s2sv2Z8DhEVl6WQ86jXjq0Wh39OlNlheMIdAqp6KOm_U9_Wcx7HD9kUwC4XYTz7gFbwmm8kOm2w834zP0narsdGVosGPRELX_A_7RXQmCtQ-0Yuq0vfDUmWGFHAUafD4UUoR5UlxXuUwuCdmK584J1dzKmWEZXZXEw2oN6cFXef884kJ0-MInwUt1dygfPTN5rFlw0rpEhUvOhBj4oybCIuGGpBfLLCmf_M-6kNWhMFOaHarwef121sRnkq-DRcL-DGajc11hE6qsk=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.40.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:08 GMT
content-length: 0

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ Frame DF14 4 KB
4 KB 109ms
36ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:08 GMT
last-modified: Mon, 10 May 2021 17:39:04 GMT
etag: "1620668344"
x-hw: 1620818468.cds017.ml1.hn,1620818468.cds215.ml1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=57
accept-ranges: bytes
content-length: 4298

GET
H2 200 https%3A%2F%2Fcdn.vompatle.com%2Fff53a4a7-6c87-45df-b309-95fa5c56fcfe%2F5a55017d-784c-4f17-986b-a8b458807acb.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/ Frame DF14 6 KB
6 KB 361ms
39ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https%3A%2F%2Fcdn.vompatle.com%2Fff53a4a7-6c87-45df-b309-95fa5c56fcfe%2F5a55017d-784c-4f17-986b-a8b458807acb.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

91cd603636632bd428bb06ecda2e255ee736385e92cd096a8c86c2f688d70097

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 10:08:47 GMT
server: Cloudinary
etag: "acb3606f7c3e401c0c5a67a1e2ac33a8"
strict-transport-security: max-age=604800
x-hw: 1620818467.cds022.ml1.hn,1620818467.cds221.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=154;cpu=0;start=2021-05-11T11:03:21.541Z;desc=miss,rtt;dur=0,cloudinary;dur=53;start=2021-05-11T11:03:21.594Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 6088

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DF14 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://garydemar.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 553055
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1E6 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsuRaIrqbYJujJJK03gPbrr-gBQAAAAA4AeAEAg&bg=!W1ilWBzNAAY59bwoOfU7ACkAdvg8WqZLyoOoaXibIYtumNTTSi5ROQzffWPMW8YRhiy9SaDDD30RlwIAAAHiUgAAABtoAQcKAERomdUU1t9gMRxVVkkNpXqfncpmSMbCm7BYVufDtp6vkR0Xnc7zo8WUD0HQGpKzAbweWMnmg7bVExz4M0LbDheJsgzE2ZkCkm2w7idT0K4hsoFKVm6-WGXl1zA3ndrU69W1gI7cWdiPRH6sGMGMoMGf8r8ilvZJ-KjKEe-Fl_E8w2mxgtC02CI2kS3AFgmzD8lO3k0QEsLO6l7pKj0X-gcujvnF_3M99n10YscWZire5RpkI5YKWeir8VNUGcyAsc7vtfsls4HWBI3s00PT9dDKy3-6BBHbyk2sREpcWmdes4yQGzx26mxrsUSa3I1PbIFkAyuvCw98HLqfNKtvYttIcTfcm6zTTAhR19jOiN_GKiA7PTzzpgx7TbAqlt41dmpvZXQZ0dmEQqW1W1nMp_Rpz3Hf0x4NX1eXFE5o72KhiE089gqLDrijy4SYpUhDE7GrvATbscU2B8aBVbE2pOo_unHCae4WyBNn5lK_5ZNG2wmWgmth5o3aq8P_AqO4UPpLD3XRDne5duo5hXy2Rr9D4mKjIpWPTZDXXcPTyZ2cM_S786kCV6k_qXHOruMxyGegMy0KNkdluXXDpYhWh0ohGVF6F_tOz1KHyBFWU0gu11up8Z7RzOvYANOe29VmO_sprbkxJmaww-_UQ2PiyQiJ2jf3fHmm0B_7Kptu3KcAPzlWgR4KTWYT6NBATfaYMtn-NB2vJtaLR9TMIVX5p5V6xGIwxg7f8lPrM_2PSiojkZigsLI9dROfCLtI7Wfoa1ipqU4B4q9WImFE4MWRVqTlC9w-326XRDxWFLKvVM1sd3tydW5gG_rx0iAn27lFoVot_oXpswq2rmU7kQO4dg-PvWt_f7vsxNLGDWO59cmaJSEfMwjIAAn5exPCf_ZoCexf9dWoLCePBGDE0eoGM0PgX3JCYgfM9SkwkR_Ps5T-ESJ8cM7M8NiVS6xMGk5Zt8hXMF42C4c_JV4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 883A 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1y5kIrqbYOiyCImygQeH8LnAAgAAAAA4AeAEAg&bg=!IyClIGTNAAY59bwoOfU7ACkAdvg8Wu-2vOsyqo4pN5FzMl1S9tgntgBr5zb2zjy25mAvZZyAShG1fgIAAAJEUgAAABBoAQcKAAla5xRmwxq4MBiZApB0QCniN7p-OO65MaAQO_eIVQMpQYLmIsALnWWuH9DktbfMLfqb41RI_RUBqJx0Hi7syHWibZoIA6UhV9oDK-cXndQ5Wukc6eM4H8LMdUGRnYNzpcVGOCGfL109YlGsNTQMLin8LCeiec-fSAc1AoG_tvjI0BXt_-APAkPnT9XHoY3EVxkCvvNTiGINWUypJJDOKX_93Xmf2ybPAKJxQB2zbfMzbZMJnHjo2U14IpcDVOBDHZ5JDSsMVxHpa6fG_7dyKq6j5IWSgKbXiof1TZZkBnw0o8ukrtvp9H_s9xK_tthxWFNXOa4YtxutObB1FGRCGjmXQYr7MPkxkFt7CuA0upn53F4melOpqwLR1Ce3Ncn1Nzqydid6r9v1PsO4H3ORP0rfDz6N_LHDAw3R0o2m-KR4R6IeYV_29meRgCrIx3-eXM0A_0mDR0UJ81o0hHv9bqt_oNimC-9ZjsGgL8LwdZPwgMQgX_LAKUOVJQkvpEuiZGCujMN4dhfZb0lDLrNmj9uc_UxCTtvT0Ez68U9FkixQTWQ5Lck6PYIU1TBlXlWmHriA8dBjP0rVpOoAhVJ0Mru7EYCXTNE3DVIlytlX6pootA6Doxie3wB-GXP3FfLOOzbYqTGIk91z30gC-Ntdqm0Zo95_GBEmwgTQnT3TRY_vdUI0o7R691VSSXCnBQcF-saiEMchYsKG-Zn_0mkxcdfaETteOt4a9RV-QTXsaY1RZVLpv0TZxi5239Tj0mAcyVukOmfxBrGUEEbQyw21geIXD1XGwFcM5CYaE79zOxaYpKLQenjvYtDxM6SkiPHNdSgINcjy6_8Xc4r0i-JTrJxWoZsSKDL8SkQTKGoTWKxptibawmPz8-dlLVcrvg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050601&jk=3438968678379576&bg=!HxylHFjNAAY59bwoOfU7ACkAdvg8WrpDCSZNY-KpBytzo08Tssuob_qDuUpCZjNs1LSUzpmRW2Ph_wIAAAGrUgAAAA1oAQeZAkNlPnWsFdV7Xfo3c9ZJ355jeCrMlBOLf9DlLjCNwdcOa8fVaoE7Bd1EPQ-S8n-TgtLQEhjYApxgqtzrKASyBdhnQos55TRtuLd0rlgqr3NfKxqc_I-jAAAR3Q3Cx7GmjCRnffpfIzmM6z1p0_Iu4f8r6UoM8X4mTn-yOeRjX59TTlbxkMq168uFYw-Gg0Jcq22QbYIQe45szya0yDW65Pc3uwERpV3CHOFmAdbooTiud97NGRaAbzOrNpt4RG9IKnD60-0W00fmNFOVvOs_VW6LobFKRGcypJ8BglHYqIkZGh3oW7f1dx4QR9k75DzOEYM9WExFlqekm9nwAJ_LRG3joeZtNef9-9RI4iy44RiGDr46QcFLPzHZk7nE8xe4kDaDa0K5mMS9gejU0yz5oZO-kQfqi57E_IKdfuo9RIIuJHCY515zQyAT_wQnvxNK7Gzt9Yrbfbjko0f_dMRJgPjO20bz1A4DB2b64X4xia_MW1zE_Rj_SBKZJazrP2Al_WFKhxqWsOnaoYTGkbVYF5sUXarZZXS8knqhG63HN7MS5NCTQ6MEihQ0vyKBcsieczb19nyJMSxrro0OmBthpm-eGRrgECLrwbqZhRi_eSngc-IxoXEGHax3h95hlV1kvbKBkhLIj_oK7SmAL4g8x9h2orh7yfru99-4snjmICxBC-6iIJJ6bLMam2mOfEWQhPDhDWiFATKyfJgNQIocnPYUgw8KG6SyHOG-JTSWxSEur3cIYf25dnu9i3atW2Sy9EX0poY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F096 42 B
64 B 21ms
21ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQdJW-jQ72A-rsCBbf6ZTEe2qHEP6Wo3gkS8iNHOS1G0Ye-Am1mZgWESTgaIbyGg6y8O17Q9cV2nQY1nlD_P9S5HAg4wQZhva7On7czCe5tNrE86khH7QJxCu1fA&sai=AMfl-YRWQxvP_tUCxGgel9GGvV5E79mIBF1JztUmo4Dqin-2zNnO7iUex0v0iTyGoy_V_7EVsLYiAXmV5UL1lTiskbo9qe1IarjWFDiQ42vF2U7YedbCzEQuJAzFmV4&sig=Cg0ArKJSzLnujyhinA81EAE&cid=CAASEuRotMzUd1hWv2gHnWwkvuAElw&id=lidar2&mcvt=1001&p=319,1040,923,1340&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3000647830&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620818466536&dlt=27&rpt=243&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 generic
trends.revcontent.com/event/ Frame DF14 0
0 30ms
30ms Fetch 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:07 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 generic
trends.revcontent.com/event/ Frame DF14 0
0 31ms
30ms Fetch 99.81.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://garydemar.com
date: Wed, 12 May 2021 11:21:07 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC50 42 B
64 B 21ms
20ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRpAhNM0OFTtJ9SYOSiIbndKb2uRaVcL11HqAX5eh7aO16pIO9kltKxWw3zmu95jYqh_cPvoOSuy32l4MPc_NXkF9o1pNVOo8J173k13IrVQhbHPpYiaerys-vXw&sai=AMfl-YQdbVBrDalu5J2DPl3rWAyUYeAHUHgUmV9ohbeV4hlIhHLLu7RRHslyRbV4nh88KiIZ1xOph5-3vAOufaj9mJrajSpzwafb2H_Ur6yRYMPV097ZXakpefxvLZo&sig=Cg0ArKJSzJPyTAAcI4a_EAE&cid=CAASEuRoD5U4L2x7UoeNOAbDPzr12Q&id=lidar2&mcvt=1000&p=1110,315,1204,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3833456366&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620818466535&dlt=25&rpt=346&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA Show response
fadedsnow.com/ 139 B
222 B 15ms
15ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedsnow.com/v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

788c3cf61e6b402191052fb6a810f94d736d521c22675a8fe2d84c6d07439980

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 12 May 2021 11:21:10 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e604810c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 139
expires: Wed, 12 May 2021 11:21:09 GMT

POST
H2 200 v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA Show response
fadedsnow.com/ 139 B
172 B 15ms
15ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedsnow.com/v2nwcTc0f2E7Pbx4_7zJY_ofsY5u6wzqkzbe3nifgMZBm0Pj6-2QyAznA7FLx8_3sDA9DTGDA

Requested by

Host: fadedsnow.com
URL: https://fadedsnow.com/v2/0/kpqEFU9bQ_bhJZ241RTU9NDIOgy4mjzzIIxEarkB20uT3Uw-KDss6B78PUtIxWt6MuBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

788c3cf61e6b402191052fb6a810f94d736d521c22675a8fe2d84c6d07439980

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 12 May 2021 11:21:10 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e604810c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 139
expires: Wed, 12 May 2021 11:21:09 GMT

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 09C2 16 KB
6 KB 29ms
7ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.30.0
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_4.30.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 701
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Wed, 12 May 2021 11:21:10 GMT
etag: "41cc-5c10be1c2e300"
expires: Wed, 12 May 2021 11:36:10 GMT
last-modified: Wed, 28 Apr 2021 17:41:00 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 165805332
content-length: 5388

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 99A2 0
0 14ms
12ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0a01e83efb000005b7a3302000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 64e343119dd205b7-FRA

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C4D2 52 KB
17 KB 1776ms
6ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1626091424495893470; icu=ChgIlYlLEAoYAiACKAIwofTuhAY4AkACSAIQofTuhAYYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 11:21:12 GMT
Age: 22968
X-Served-By: cache-lga21963-LGA, cache-fra19161-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 193481
X-Timer: S1620818472.422093,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BA39 52 KB
17 KB 1787ms
6ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1626091424495893470; icu=ChgIlYlLEAoYAiACKAIwofTuhAY4AkACSAIQofTuhAYYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 12 May 2021 11:21:12 GMT
Age: 22968
X-Served-By: cache-lga21963-LGA, cache-fra19161-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 193482
X-Timer: S1620818472.433702,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame BB1C 332 B
571 B 118ms
118ms Document
text/html 52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: f3380615c986f6f5e493ac0251aa4780641349a4f1c339cf2d8bad448716bcc5

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
content-type: text/html; charset=utf-8
content-length: 332
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"14c-RejFYze9DUB8+T1jVE7YzMusxTA"

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 7E5E 217 B
548 B 3417ms
95ms Document
text/html 3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Wed, 12 May 2021 11:21:13 GMT
Set-Cookie: __io_cid=fc6bae24f6382bc3441d554ab6bcbe5dd9c7af12; Domain=.bfmio.com; Max-Age=31536000; Expires=Thu, 12-May-2022 07:21:14 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 4098 0
0 13ms
13ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0a01e83eff000005b7eebf6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 64e343119ddc05b7-FRA

GET
H/1.1 200
OK userSync.html Show response
in-appadvertising.com/api/ Frame 69D0 5 KB
2 KB 97ms
97ms Document
text/html 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: bd746210d6f5a233d28679c0a24e457f790cb1cc3b3e04c04bdcd7b057598496

Request headers

Host: in-appadvertising.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Server: nginx/1.0.15
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Type: text/html
Last-Modified: Thu, 04 Feb 2021 20:47:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Wed, 12 May 2021 12:21:10 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 5C09 217 B
548 B 3418ms
97ms Document
text/html 3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Wed, 12 May 2021 11:21:13 GMT
Set-Cookie: __io_cid=2b2671535d2f660fdb2bfdfabe6cc0e9bbfa2b42; Domain=.bfmio.com; Max-Age=31536000; Expires=Thu, 12-May-2022 07:21:14 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame DE5C 332 B
571 B 96ms
96ms Document
text/html 52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: f3380615c986f6f5e493ac0251aa4780641349a4f1c339cf2d8bad448716bcc5

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
content-type: text/html; charset=utf-8
content-length: 332
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"14c-RejFYze9DUB8+T1jVE7YzMusxTA"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1645 281 B
554 B 7ms
7ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KOLDGRKS-G-GW8A; rsid=1|GdCqMVQW/e7eWy+6n8k7DE/csJlhLqCtjC1RTpP3Ow50wYWQNGmPQsSdY7jlho/RRR2s2jWpYWSoeROXM2OqBxj7tEAFiUAC4F8vbvGAe05m/Tr8XPABacX4SL/aMTCYHr2Y+hQPaXu0ov5eZw==; ses2=; ses15=; vis2=183890^2; audit=1|naVuGyos1qp8mOclwl4fcivFDs1mPax1RsOjAPR/4NnqCQr5PA/JbXQWEsYCaWMgaNgdOVL2Yy+XEFJOwdW9M7KpUjWTmmg0; vis15=183890^2; pux=2249%3D99588%262307%3D99588%262974%3D99588%263778%3D99588%262249-DV360-Hosted%3D99588%26idl%3D99588%26brx%3D99588%26goog%3D99588%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 May 2021 11:21:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 3AFC 16 KB
5 KB 21ms
9ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.30.0
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_4.30.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garydemar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 701
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Wed, 12 May 2021 11:21:10 GMT
etag: "41cc-5c10be1c2e300"
expires: Wed, 12 May 2021 11:36:10 GMT
last-modified: Wed, 28 Apr 2021 17:41:00 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 165805332
content-length: 5388

GET
H/1.1 200
OK userSync.html Show response
in-appadvertising.com/api/ Frame D65F 5 KB
2 KB 185ms
91ms Document
text/html 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Requested by: Host: cdn.tpdads.com
URL: https://cdn.tpdads.com/publisher-data/garydemar.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: bd746210d6f5a233d28679c0a24e457f790cb1cc3b3e04c04bdcd7b057598496

Request headers

Host: in-appadvertising.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garydemar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garydemar.com/

Response headers

Server: nginx/1.0.15
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Type: text/html
Last-Modified: Thu, 04 Feb 2021 20:47:09 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Wed, 12 May 2021 12:21:10 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=appnexus&uid=1626091424495893470

0
140 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=appnexus&uid=1626091424495893470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:10 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: 6398575e-ef61-4554-82ed-8fd920221e6d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=appnexus&uid=1626091424495893470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=pubmatic&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6

0
119 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=pubmatic&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Location: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=pubmatic&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
Date: Wed, 12 May 2021 11:21:11 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

verizon_video
prebid.a-mo.net/setuid/
Redirect Chain

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&apid=UP253fd476-b314-11eb-ba6b-06007d214daa
https://prebid.a-mo.net/setuid/verizon_video?uid=UP253fd476-b314-11eb-ba6b-06007d214daa&gdpr=0&gdpr_consent=

0
123 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/verizon_video?uid=UP253fd476-b314-11eb-ba6b-06007d214daa&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Date: Wed, 12 May 2021 11:21:11 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://prebid.a-mo.net/setuid/verizon_video?uid=UP253fd476-b314-11eb-ba6b-06007d214daa&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=sovrn&uid=551f214718c7774a4261473f

0
141 B

91ms
91ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=sovrn&uid=551f214718c7774a4261473f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:11 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy

Redirect headers

Date: Wed, 12 May 2021 11:21:11 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=sovrn&uid=551f214718c7774a4261473f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2dfe9745-436f-47c1-9cd5-ad3c5115ad8c%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=index_rtb&uid=YJu6IvRXwsi6g5kJoJsNzAAA%261165

0
114 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=index_rtb&uid=YJu6IvRXwsi6g5kJoJsNzAAA%261165
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=2dfe9745-436f-47c1-9cd5-ad3c5115ad8c&D=&bidder=index_rtb&uid=YJu6IvRXwsi6g5kJoJsNzAAA%261165
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Wed, 12 May 2021 11:21:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1645 30 KB
9 KB 8ms
7ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19340
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Wed, 12 May 2021 16:43:30 GMT

GET
H/1.1 200
OK date.js Show response
in-appadvertising.com/t/ Frame 69D0 28 B
718 B 176ms
92ms Script
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/t/date.js
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: 771ee5e8f64ad490f015fcd79047851899996caf7f36c8998311a538393219ae

Request headers

Referer: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 May 2021 11:21:10 GMT
Server: nginx/1.19.4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: Thu, 12 May 2022 11:21:10 GMT

GET
H/1.1 200
OK dloc Show response
in-appadvertising.com/ut/ Frame 69D0 22 B
455 B 308ms
132ms Script
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/ut/dloc
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: 163920f59b2eb1f006c82f03728f40a910936393deecbbb516fca7f79a11d0dd

Request headers

Referer: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Encoding: gzip
Server: nginx/1.19.4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame DE5C 23 KB
9 KB 7ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 19 May 2021 11:21:10 GMT

GET
H2

200

query
ecs.mantisadnetwork.com/sync/pixel/ Frame DE5C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5

35 B
152 B

118ms
109ms

Image
image/gif

52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
x-powered-by: Express
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 241

GET
H2 200 rules-p-8p-p7hkcWNjJm.js Show response
rules.quantcount.com/ Frame DE5C 3 B
428 B 15ms
15ms Script
application/javascript 2600:9000:2190:5a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:28:01 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 28391
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:14:17 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Bgw_qoHDCi0wizX1jkVZs2F-9qG_ulxZes3C5m0-ylhkmWye31Z4eA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame BB1C 23 KB
9 KB 8ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 19 May 2021 11:21:10 GMT

GET
H2

200

query
ecs.mantisadnetwork.com/sync/pixel/ Frame BB1C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5

35 B
152 B

112ms
112ms

Image
image/gif

52.22.66.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.66.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
x-powered-by: Express
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=edbb1adf-a410-4e9c-9562-b671118e78f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 241

GET
H2 200 rules-p-8p-p7hkcWNjJm.js Show response
rules.quantcount.com/ Frame BB1C 3 B
430 B 12ms
11ms Script
application/javascript 2600:9000:2190:5a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:28:01 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
age: 28391
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:14:17 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: gYLNqn4JpuEuQNieRMBF3zlNN-tdEfTgEw4Z0hEGLSVjaOpa9cEMJQ==

GET
H2 200 pixel;r=1578089644;labels=property.5d14f0c63bb9c40007c8a737;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620818465728%26secure%3Dt...
pixel.quantserve.com/ Frame DE5C 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1578089644;labels=property.5d14f0c63bb9c40007c8a737;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620818465728%26secure%3Dtrue%26version%3D9%26uuid%3D0cc331e4-d8f1-405b-a9b9-2eb57293253a%26title%3DGary%2520DeMar%26url%3Dhttps%253A%252F%252Fgarydemar.com%252F;ref=https%3A%2F%2Fgarydemar.com%2F;uht=2;fpan=1;fpa=P0-732355218-1620818470793;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1620818470793;tzo=-120;ogl=

Requested by

Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465728&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=341283936;labels=property.5d14f0c63bb9c40007c8a737;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620818465232%26secure%3Dtr...
pixel.quantserve.com/ Frame BB1C 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=341283936;labels=property.5d14f0c63bb9c40007c8a737;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1620818465232%26secure%3Dtrue%26version%3D9%26uuid%3D0cc331e4-d8f1-405b-a9b9-2eb57293253a%26title%3DGary%2520DeMar%26url%3Dhttps%253A%252F%252Fgarydemar.com%252F;ref=https%3A%2F%2Fgarydemar.com%2F;uht=2;fpan=1;fpa=P0-777727133-1620818470802;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1620818470802;tzo=-120;ogl=

Requested by

Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1620818465232&secure=true&version=9&uuid=0cc331e4-d8f1-405b-a9b9-2eb57293253a&title=Gary%20DeMar&url=https%3A%2F%2Fgarydemar.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK date.js Show response
in-appadvertising.com/t/ Frame D65F 28 B
718 B 185ms
93ms Script
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/t/date.js
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: 98b2f934d200cabd982c4e3424573139f39f9087f5f05f831a556f1c018b6981

Request headers

Referer: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 May 2021 11:21:10 GMT
Server: nginx/1.19.4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: Thu, 12 May 2022 11:21:10 GMT

GET
H/1.1 200
OK dloc Show response
in-appadvertising.com/ut/ Frame D65F 22 B
455 B 243ms
139ms Script
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/ut/dloc
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: 163920f59b2eb1f006c82f03728f40a910936393deecbbb516fca7f79a11d0dd

Request headers

Referer: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
Content-Encoding: gzip
Server: nginx/1.19.4
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

GET
H2 200 lightXButton.png
cdn.tpdads.com/images/ 2 KB
2 KB 9ms
9ms Image
image/png 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tpdads.com/images/lightXButton.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3341801f6d6cb3841e2a1da80d1724ad38a15d0ccfb5f170be2bba85bd6c0352

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:10 GMT
last-modified: Thu, 19 Dec 2019 18:55:34 GMT
server: AkamaiNetStorage
etag: "bb05a0102233c6d2db7911c603e45b1c:1576781734.32679"
content-type: image/png
cache-control: max-age=342810
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 2048
expires: Sun, 16 May 2021 10:34:40 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 95ms
95ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=360&height=202&pubid=169497&tagid=953497&crid=5558925&noaop=3&sortOrderType=0&cb=1620818470998&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1225&pt=1893674285&tz=120&viewable=true&ddast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2047445&dpubid=191877&abtst=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&mPre=0.033&cirf=https%3A%2F%2Fgarydemar.com&en=1&subu=4
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 331183264776467eefe453841610de92211eaa2d65aadb15e93940247b8bbb4e

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:11 GMT
content-encoding: gzip
access-control-allow-origin: https://garydemar.com
machineid: 1420
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1620818471.000658,VS0,VE89
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204
No Content

us Show response
in-appadvertising.com/ut/ Frame 69D0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=111&redir=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D2%26trint%3Dgkg3k(o42%26usr%3D%7BuserId%7D
https://in-appadvertising.com/ut/us?v=2&trint=gkg3k(o42&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553

0
299 B

98ms
98ms

Script
text/plain

169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/ut/us?v=2&trint=gkg3k(o42&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://in-appadvertising.com/ut/us?v=2&trint=gkg3k(o42&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7078 8 KB
3 KB 30ms
13ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dgkg3k(o42%26usr%3DPM_UID
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://in-appadvertising.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://in-appadvertising.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53812
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 11:21:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159543/3258/ Frame 69D0 284 KB
87 KB 30ms
12ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ce2a25fe5920db9f54fbf945677d938b0976ffaa1c2ebc5dd16d214726167f95

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:24:25 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "11c0e4f-471b5-5bad9cb5895b3"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=28048
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 88540
Expires: Wed, 12 May 2021 19:08:39 GMT

GET
H/1.1

204
No Content

us Show response
in-appadvertising.com/ut/ Frame D65F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=111&redir=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D2%26trint%3Dekg3k(o6H%26usr%3D%7BuserId%7D
https://in-appadvertising.com/ut/us?v=2&trint=ekg3k(o6H&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553

0
299 B

91ms
91ms

Script
text/plain

169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/ut/us?v=2&trint=ekg3k(o6H&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://in-appadvertising.com/ut/us?v=2&trint=ekg3k(o6H&usr=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5495 8 KB
3 KB 11ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dekg3k(o6H%26usr%3DPM_UID
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://in-appadvertising.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://in-appadvertising.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53812
Expires: Thu, 13 May 2021 02:18:03 GMT
Date: Wed, 12 May 2021 11:21:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159543/3258/ Frame D65F 284 KB
87 KB 20ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js
Requested by: Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ce2a25fe5920db9f54fbf945677d938b0976ffaa1c2ebc5dd16d214726167f95

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:24:25 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "11c0e4f-471b5-5bad9cb5895b3"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=28048
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 88540
Expires: Wed, 12 May 2021 19:08:39 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E4BF 38 KB
14 KB 10ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dgkg3k(o42%26usr%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dgkg3k(o42%26usr%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dgkg3k(o42%26usr%3DPM_UID

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=69193
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 11:21:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4F0A 38 KB
14 KB 13ms
13ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dekg3k(o6H%26usr%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dekg3k(o6H%26usr%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159543&userIdMacro=PM_UID&&predirect=https%3A%2F%2Fin-appadvertising.com%2Fut%2Fus%3Fv%3D6%26trint%3Dekg3k(o6H%26usr%3DPM_UID

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=69193
Expires: Thu, 13 May 2021 06:34:24 GMT
Date: Wed, 12 May 2021 11:21:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 67ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://in-appadvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://in-appadvertising.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1545
date: Wed, 12 May 2021 11:21:11 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 69D0
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1
https://mug.criteo.com/sid?cpp=yRfU33xlai9Fd3BGZnMrYVpySlpTTWhiOFMzYWxFVmlWYUNtTDFWaDdNdmJ0eXhHWGtEejdXd3hRZDFGeU8xQVI3cXo5WitidFdaQzVwVkx2bHZCeGlQbk1xUkJNdWlrb2FGZTVhNnhWekF1Y1FXaEY0dEFGNG5yd0ZaZC...

408 B
673 B

40ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yRfU33xlai9Fd3BGZnMrYVpySlpTTWhiOFMzYWxFVmlWYUNtTDFWaDdNdmJ0eXhHWGtEejdXd3hRZDFGeU8xQVI3cXo5WitidFdaQzVwVkx2bHZCeGlQbk1xUkJNdWlrb2FGZTVhNnhWekF1Y1FXaEY0dEFGNG5yd0ZaZC9vdERwTzUxc2FpT1A3cm1VcjBDSEdzd2tLcDltWWw3Vno3WnVwMGJ5Nm9rVWJ4bUo1WkxmVytmTEhGZHRjWVY2TmY5WjI1VEFyMk5ZS0FEakZ6b05LMlZHUDA5aStKTS9tRlgwM1FxamdJc09ub1BsQzVFWUZ3REgrbE1sbHJHS2ZUWHg5ZG5DR21mSzBKaHYra0x2b0l1UExPaFZ3bUR1N21naDBDcDBReDVkTnA4UmZmND18&cppv=2

Requested by

Host: in-appadvertising.com
URL: https://in-appadvertising.com/api/userSync.html?p=-1&s=-1&u=https://garydemar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

29220abfb0b23ebaa90458cd0e36f7a8a082ee4e9d083b34d2ec54dfd6b5cdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 12 May 2021 11:21:15 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2927
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 12 May 2021 11:21:10 GMT
location: https://mug.criteo.com/sid?cpp=yRfU33xlai9Fd3BGZnMrYVpySlpTTWhiOFMzYWxFVmlWYUNtTDFWaDdNdmJ0eXhHWGtEejdXd3hRZDFGeU8xQVI3cXo5WitidFdaQzVwVkx2bHZCeGlQbk1xUkJNdWlrb2FGZTVhNnhWekF1Y1FXaEY0dEFGNG5yd0ZaZC9vdERwTzUxc2FpT1A3cm1VcjBDSEdzd2tLcDltWWw3Vno3WnVwMGJ5Nm9rVWJ4bUo1WkxmVytmTEhGZHRjWVY2TmY5WjI1VEFyMk5ZS0FEakZ6b05LMlZHUDA5aStKTS9tRlgwM1FxamdJc09ub1BsQzVFWUZ3REgrbE1sbHJHS2ZUWHg5ZG5DR21mSzBKaHYra0x2b0l1UExPaFZ3bUR1N21naDBDcDBReDVkTnA4UmZmND18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1777
content-length: 567
expires: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E4BF 6 KB
6 KB 54ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95796035&p=159543&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3cc53569e7f55c189de60d1d29144599bfd216a7bc377ffbe52c8ac354e29d12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 28ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://in-appadvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://in-appadvertising.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1385
date: Wed, 12 May 2021 11:21:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame D65F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgarydemar.com%2F&domain=in-appadvertising.com&cw=1
https://mug.criteo.com/sid?cpp=2D5xTXxUMktTUWRtWEhINFlxKzRYQ3lXSXVQZ0FtMm9YWHlSMC9uYjRHRHVsTkdVTmNMSmZEQXZzbXZqdU9XVkRJUWlUOHZrTGRlci9ZTFlzcXhhZ1JQTGxBKzBQQ1c0SGdLdkJWSmR0ZEpnQXEwNGYyblFiR21oamRXQW...

425 B
682 B

41ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2D5xTXxUMktTUWRtWEhINFlxKzRYQ3lXSXVQZ0FtMm9YWHlSMC9uYjRHRHVsTkdVTmNMSmZEQXZzbXZqdU9XVkRJUWlUOHZrTGRlci9ZTFlzcXhhZ1JQTGxBKzBQQ1c0SGdLdkJWSmR0ZEpnQXEwNGYyblFiR21oamRXQWFlZytBUURNNkc5dzF1UkNiMzZxSGhRUTBpaUpqT1MvUmtEUkNwZVladERPUEdWZlJ3R2QwSDB1TjF2Mm9hdVUxM2dJUmFzam11Zms5c2gzT3lsdzIzZmxLVGVNNVA4Y0ZTWGE3Sm1jbW80NlRnLzZCa2dOZDhHVXFzMGtOL0F0T05GVWFyV0oyejJINjRFOUhoeitWbkxvcmo4dEdvMWgwVndZL3RNMjM0Q1BOdHROYTIxOD18&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3b97286afaba44e459fdc0a143070948b5a1e0c9d67d1eb580597cb1b046dbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 12 May 2021 11:21:15 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3324
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 12 May 2021 11:21:11 GMT
location: https://mug.criteo.com/sid?cpp=2D5xTXxUMktTUWRtWEhINFlxKzRYQ3lXSXVQZ0FtMm9YWHlSMC9uYjRHRHVsTkdVTmNMSmZEQXZzbXZqdU9XVkRJUWlUOHZrTGRlci9ZTFlzcXhhZ1JQTGxBKzBQQ1c0SGdLdkJWSmR0ZEpnQXEwNGYyblFiR21oamRXQWFlZytBUURNNkc5dzF1UkNiMzZxSGhRUTBpaUpqT1MvUmtEUkNwZVladERPUEdWZlJ3R2QwSDB1TjF2Mm9hdVUxM2dJUmFzam11Zms5c2gzT3lsdzIzZmxLVGVNNVA4Y0ZTWGE3Sm1jbW80NlRnLzZCa2dOZDhHVXFzMGtOL0F0T05GVWFyV0oyejJINjRFOUhoeitWbkxvcmo4dEdvMWgwVndZL3RNMjM0Q1BOdHROYTIxOD18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1891
content-length: 567
expires: 0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6A82
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
505 B

1079ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1621641600%3A63%7C1623369600%3A203%7C1622073600%3A35%7C1621987200%3A189_99_204_3_176_54_166_55_81_88_231_220_22_165_230_7_71_8_13_56_161_234_21%7C1621382400%3A67_223_2_15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:10 GMT; path=/
X-lat: amspug008:0:256
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Wed, 12 May 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 4517
x-powered-by: ASP.NET
date: Wed, 12 May 2021 11:21:11 GMT
content-length: 205

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 9DB9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3286743539914541343

42 B
769 B

137ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3286743539914541343
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1621641600%3A63%7C1623369600%3A203%7C1622073600%3A35%7C1621987200%3A189_99_204_3_176_54_166_55_81_88_231_220_22_165_230_7_71_8_13_56_161_234_21%7C1621382400%3A67_223_2_15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:11 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-3286743539914541343; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:11 GMT; path=/ PugT=1620818471; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:11 GMT; path=/
X-lat: lhrpug010:0:328
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3286743539914541343
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame EA9F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961362325721512080

42 B
771 B

342ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961362325721512080
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1621641600%3A63%7C1623369600%3A203%7C1622073600%3A35%7C1621987200%3A189_99_204_3_176_54_166_55_81_88_231_220_22_165_230_7_71_8_13_56_161_234_21%7C1621382400%3A67_223_2_15; KRTBCOOKIE_409=22966-vgZke26FDg7zV9XiLdorWyzJ; PugT=1620818471; PUBMDCID=3; KRTBCOOKIE_336=5844-3286743539914541343; KTPCACOOKIE=true; KRTBCOOKIE_153=19420-S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm&KRTB&22979-S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm; KRTBCOOKIE_57=22776-1626091424495893470; KRTBCOOKIE_80=16514-CAESELT8Bm6bxLrR-_prX7ZM44k&KRTB&22987-CAESELT8Bm6bxLrR-_prX7ZM44k&KRTB&23025-CAESELT8Bm6bxLrR-_prX7ZM44k; KRTBCOOKIE_188=3189-9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553; SPugT=1620814138
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6961362325721512080; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:10 GMT; path=/ PugT=1620818470; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:10 GMT; path=/
X-lat: amspug020:0:687
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 12 May 2021 11:21:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6961362325721512080; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961362325721512080

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 1ACD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJMUswN0JOM1FBQUN6TVZKQWZydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJMUswN0JOM1FBQUN6TVZKQWZydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI1K07BN3QAACzMVJAfrw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAI1K07BN3QAACzMVJAfrw&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI1K07BN3QAACzMVJAfrw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

25ms
24ms

Document
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI1K07BN3QAACzMVJAfrw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 12 May 2021 11:21:13 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Wed, 12 May 2021 11:21:14 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI1K07BN3QAACzMVJAfrw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame C855 43 B
408 B 2798ms
13ms Document
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Wed, 12 May 2021 11:21:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0ABF
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
411 B

14ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PUBMDCID=3; KRTBCOOKIE_1101=23040-6961362325721512080; KRTBCOOKIE_1235=23226-a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0:$UID; KRTBCOOKIE_218=22978-YJu6IgAA8ROL1gA4&KRTB&23194-YJu6IgAA8ROL1gA4&KRTB&23209-YJu6IgAA8ROL1gA4&KRTB&23244-YJu6IgAA8ROL1gA4; KRTBCOOKIE_27=16735-uid:fdb7609b-ba23-4800-b75a-f11636779b99&KRTB&16736-uid:fdb7609b-ba23-4800-b75a-f11636779b99&KRTB&23019-uid:fdb7609b-ba23-4800-b75a-f11636779b99&KRTB&23114-uid:fdb7609b-ba23-4800-b75a-f11636779b99; KRTBCOOKIE_22=14911-2737028165033390562; KRTBCOOKIE_1074=22956-e_e15125bd-8100-497a-a6bf-0baf597d46bc; KRTBCOOKIE_377=6810-edbb1adf-a410-4e9c-9562-b671118e78f5&KRTB&22918-edbb1adf-a410-4e9c-9562-b671118e78f5&KRTB&23031-edbb1adf-a410-4e9c-9562-b671118e78f5; PugT=1620818470
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-lat: amspug019:2:209
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Encoding: gzip

Redirect headers

set-cookie: viewer_token=8f482bf5-c707-420c-8a2a-474cf467fe2b; path=/; domain=csync.loopme.me; Expires=Sat, 12-Jun-2021 11:21:14 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Wed, 12 May 2021 11:21:14 GMT
server: _

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame C6B5
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5294794443
https://sync.1rx.io/usersync/tradedesk/536422bc-387f-41da-abf9-4111a0c1e8a4
https://sync.targeting.unrulymedia.com/csync/RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003

42 B
849 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:14 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003&KRTB&17107-RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:14 GMT; path=/ PugT=1620818474; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:14 GMT; path=/
X-lat: amspug001:0:378
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Wed, 12 May 2021 11:21:15 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003%22%7D; path=/; expires=Thu, 12 May 2022 11:21:15 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7df12ed4-f03f-4b73-81a1-e5ab6d2c6977-003
etag: RX7df12ed4f03f4b7381a1e5ab6d2c6977003

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 76BB
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vgZke26FDg7zV9XiLdorWyzJ

42 B
775 B

434ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vgZke26FDg7zV9XiLdorWyzJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1621641600%3A63%7C1623369600%3A203%7C1622073600%3A35%7C1621987200%3A189_99_204_3_176_54_166_55_81_88_231_220_22_165_230_7_71_8_13_56_161_234_21%7C1621382400%3A67_223_2_15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:11 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-vgZke26FDg7zV9XiLdorWyzJ; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:11 GMT; path=/ PugT=1620818471; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 11-Jun-2021 11:21:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:11 GMT; path=/
X-lat: lhrpug009:0:514
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Wed, 12 May 2021 11:21:11 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=vgZke26FDg7zV9XiLdorWyzJ; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vgZke26FDg7zV9XiLdorWyzJ
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 3BC0 42 B
992 B 51ms
26ms Document
image/gif 2606:4700:3039::6815:c038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c038 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 12 May 2021 11:21:11 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a01e84157000097e4aab4a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e343155da597e4-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 7B11
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
446 B

174ms
165ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=ahnoeUm5abnAyuoETMB9xpXWuZbUtX6ZbHZcZa1k2l9J
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 12 May 2021 11:21:11 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aOnseFSyZaRGRT8vnQXv1JeZdCfUfZcxgtI5pRUm7crsZckrjfSrYQIsZcTMXdAbkI0qoNZcynFBWZbAHXW7IuKxO1g; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 11:21:11 GMT; SameSite=None; Secure; ANON_ID_old=aOnseFSyZaRGRT8vnQXv1JeZdCfUfZcxgtI5pRUm7crsZckrjfSrYQIsZcTMXdAbkI0qoNZcynFBWZbAHXW7IuKxO1g; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 11:21:11 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a01e8421b000005c4d60ab000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e343169ea605c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 12 May 2021 11:21:11 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 4851
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=ahnoeUm5abnAyuoETMB9xpXWuZbUtX6ZbHZcZa1k2l9J; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 11:21:11 GMT; SameSite=None; Secure; ANON_ID_old=ahnoeUm5abnAyuoETMB9xpXWuZbUtX6ZbHZcZa1k2l9J; path=/; domain=.tribalfusion.com; expires=Tue, 10-Aug-2021 11:21:11 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a01e84158000005c4d6098000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64e343155be705c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 80FB
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=F1jC7PpJWa0w&pid=557219

1 B
463 B

1007ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=F1jC7PpJWa0w&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6; chkChromeAb67Sec=1; DPSync3=1621987200%3A201_227_226_221; SyncRTB3=1621641600%3A63%7C1623369600%3A203%7C1622073600%3A35%7C1621987200%3A189_99_204_3_176_54_166_55_81_88_231_220_22_165_230_7_71_8_13_56_161_234_21%7C1621382400%3A67_223_2_15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 12 May 2021 11:21:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 11:21:10 GMT; path=/
X-lat: amspug002:0:340
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-stage-0
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=F1jC7PpJWa0w&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 1835 0
44 B 3332ms
102ms Document
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Wed, 12 May 2021 11:21:13 GMT
server: b

GET
H/1.1 204
No Content us
in-appadvertising.com/ut/ Frame EB89 0
0 100ms
98ms Document
text/plain 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/ut/us?v=6&trint=gkg3k(o42&usr=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash

Request headers

Host: in-appadvertising.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: TR_INT_T=ekg3k(o6H
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx/1.19.4
Date: Wed, 12 May 2021 11:21:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0
Pragma: no-cache
Cache-Control: no-cache

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XBpYkY4OQnK9rvb9y7309g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

4278ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=53808
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Thu, 13 May 2021 02:18:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame E4BF 95 B
305 B 47ms
39ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64e343153f1664fd-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a01e84144000064fd2409a000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame E4BF
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

29ms
28ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
frontend-id: 4
location: /pubmatic/1/info2?sType=sync&sExtCookieId=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&addseg=11,34,40

7 B
147 B

48ms
14ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&addseg=11,34,40
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:14 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Wed, 12 May 2021 11:21:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&addseg=11,34,40
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUMxQTU4OTEtOEUwRS00MjcyLUJEQUUtRjZGRENCQkRGNEY2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

573ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: lhrpug008:0:273
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELT8Bm6bxLrR-_prX7ZM44k&google_cver=1

42 B
855 B

555ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELT8Bm6bxLrR-_prX7ZM44k&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: lhrpug015:0:506
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELT8Bm6bxLrR-_prX7ZM44k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame E4BF 43 B
609 B 3076ms
17ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 11 May 2021 11:21:14 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edbb1adf-a410-4e9c-9562-b671118e78f5

42 B
882 B

1164ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edbb1adf-a410-4e9c-9562-b671118e78f5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:10 GMT
X-lat: amspug020:0:467
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edbb1adf-a410-4e9c-9562-b671118e78f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503707112516374900

42 B
801 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503707112516374900
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:12 GMT
X-lat: amspug009:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:14 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503707112516374900
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fdb7609b-ba23-4800-b75a-f11636779b99&gdpr=0&gdpr_consent=

42 B
946 B

1140ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fdb7609b-ba23-4800-b75a-f11636779b99&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug016:0:389
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Wed, 12 May 2021 11:21:08 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fdb7609b-ba23-4800-b75a-f11636779b99&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 May 2021 11:21:07 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1626091424495893470&gdpr=0&gdpr_consent=

42 B
769 B

537ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1626091424495893470&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: lhrpug008:0:405
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid: 5deb1add-7ab7-40f6-93fc-91d40a775973
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1626091424495893470&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E4BF 43 B
661 B 3991ms
3985ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:21:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 4
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G0rzLjtE2uW4lfIOS4vgMKU.4n98CNo-~A&gdpr=0&gdpr_consent=

0
418 B

76ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G0rzLjtE2uW4lfIOS4vgMKU.4n98CNo-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 10:08:58 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 12 May 2021 11:21:11 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G0rzLjtE2uW4lfIOS4vgMKU.4n98CNo-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=757a3ded-0258-4b8e-91c7-bba2f6a31956&ssp=pubmatic
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=757a3ded-0258-4b8e-91c7-bba2f6a31956&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97323ff6-a126-4519-84be-c87a5a68d850&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

13ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97323ff6-a126-4519-84be-c87a5a68d850&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:14 GMT
X-lat: amspug003:0:630
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97323ff6-a126-4519-84be-c87a5a68d850&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 12 May 2021 11:21:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm

42 B
843 B

524ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: lhrpug018:0:410
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=S9DSkR-B2cNQgt3KStHGkBiCipJQhtiRGdWX2amm
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737028165033390562&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

1147ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737028165033390562&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:10 GMT
X-lat: amspug009:0:443
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737028165033390562&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJu6IgAA8ROL1gA4&gdpr=0&gdpr_consent=

1 B
809 B

1131ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJu6IgAA8ROL1gA4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug013:0:351
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620818471.238405,VS0,VE0
x-served-by: cache-hhn4078-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJu6IgAA8ROL1gA4&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:07d32107-5844-438e-b777-f891f7ec1912&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:07d32107-5844-438e-b777-f891f7ec1912&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug005:0:394
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:07d32107-5844-438e-b777-f891f7ec1912&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 12 May 2021 11:21:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame E4BF 0
104 B 88ms
61ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5C1A5891-8E0E-4272-BDAE-F6FDCBBDF4F6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553&gdpr=0&gdpr_consent=

42 B
800 B

586ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: lhrpug015:0:485
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:10 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9cfa26ba-9ab7-49c8-bbf4-90209daf48ca-609bba26-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1626091424495893470

42 B
505 B

1013ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1626091424495893470
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug012:0:278
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:11 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid: e85e7d70-50c5-48c8-801d-dd2b8383ab54
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1626091424495893470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame E4BF
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e15125bd-8100-497a-a6bf-0baf597d46bc

42 B
790 B

1150ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e15125bd-8100-497a-a6bf-0baf597d46bc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:21:11 GMT
X-lat: amspug015:0:348
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e15125bd-8100-497a-a6bf-0baf597d46bc
date: Wed, 12 May 2021 11:21:11 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 4805ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1028
date: Wed, 12 May 2021 11:21:15 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 4805ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1242
date: Wed, 12 May 2021 11:21:15 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame C4D2
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
821 B

32ms
13ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:12 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid: abc4e528-0221-49b5-a081-3bb75dd2a424
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:12 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: 047735e5-dfbb-4c6c-98f5-9a9337a115a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame BA39
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
821 B

26ms
12ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:12 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid: 911b9fdf-4b2f-4104-99d4-f1137cf076a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:12 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: 401b560d-b175-42dd-adfd-2576c9649763
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 69D0 44 B
332 B 30ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:13 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 69D0 109 B
546 B 31ms
30ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 92f3b2c27655a7aa524191ec582c45f35b581394b0ffab9695c421c61e6c5903

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:13 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 11 Jun 2021 11:21:13 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame D65F 44 B
110 B 14ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:13 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D65F 108 B
545 B 30ms
30ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 3eef35a4a1c5dd7a160a62a46e4d9156f427fd74ee88d2192fd7ec29f17a301c

Request headers

Referer: https://in-appadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 May 2021 11:21:13 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://in-appadvertising.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 11 Jun 2021 11:21:13 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C4D2 0
749 B 107ms
106ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:13 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid: 06a51419-7c19-4661-bf67-858e4b71b97c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BA39 0
748 B 53ms
27ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:21:13 GMT
X-Proxy-Origin: 159.48.53.232; 159.48.53.232; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.85:80
AN-X-Request-Uuid: b643c8b6-c00c-42af-bb14-b987a204f9ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 7E5E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4

0
589 B

99ms
98ms

Image
text/plain

3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 12 May 2021 11:21:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 5C09
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4

0
589 B

96ms
96ms

Image
text/plain

3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=f1e98ef0-7c63-47ca-981a-2dfd2f2feaa9&gdpr=0&gc=&gce=1&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 12 May 2021 11:21:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=536422bc-387f-41da-abf9-4111a0c1e8a4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 297ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&dnid=0e1d23181204101a&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 May 2021 11:21:15 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1008 B
696 B 242ms
241ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=360&height=202&pubid=169497&tagid=953497&crid=5558925&noaop=3&sortOrderType=0&cb=1620818475997&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1225&pt=1893674285&tz=120&viewable=true&ddast=V7eMACFgMukI9Mypg0SwQukI9Mypg0SwUAAAAGBscHHcOb0Fab4WwzYiyHy8FkMRosJqPRZrDZbZZD4BjehLbaDGebEWM5XA4mi81yNRgNJ7vdYDiFkqf8HHanxyBp-oymg6ThNBtERdfbYnc4zZ6DWiBrmlx-N1ig6XT4XPd6ncPyPLncDstd43f75QAAAADwAEAl3QjxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFA4J-uAQDFgYAOu91ve1n-AQDwUAACACCAQQIg0F5YAvDRU30CAAAAAAAAAMDy____HwOgl1UhAyAy-d4D8OAD8EBUoFrECAAAAOATpgb9aFInVBZVAAAE6VYAVwAAAXlgTxGuYQAAAABjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTSgKjjQtiCOKXe0XEABg7RcQAIBN28YNAOBNAC7oCFoxGKyOgFaD1ewAAAAA7v7____1QGIyGK08nolps1hMNh7DarbxjCyG3XAyHC5mo-X2imgxfnUl6IX7Sp7yc9idHoOk6TOaDpKG02wQFV1vi93hNHsOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY8AwnC-NusJZsbIO1aLncrYXDzcytcgxHg41zudw4bG7R62P6LVebmcOwRcGAjr0ILtKJ6OgyvC5mp-fospxcnq9b57A8Ty63w_Lxuy1iieZkkU5kl31jMhitPJ6JabNYTDYew2q28Ywsht1wMhwuZqPlvuEZThbG3WAt2dgGa9FyuVsLh5uZW-UYjgYb53K5cdjcotfH9FuuNjOHYd-YTQbDxXA0G-0bs8lguBiOZqN9h87wXX3ORu847fDonJrtyeWVmQ8Kl8Hi_UlMi2l3dhBNe0enz1tWFnRG3-V79BoUnoPHNF7easfy9tlMH4cJRSwRnC7SiehlPF3EEsnTIp2ILJaRxeLYDSYzl2vk2mxmi9XKM7O4HLOVw2aYWcQSpekinegl6j82xGo5Fw3nqs1cspmsEgAAAAAAAADAEubMmwAAAACcBrFcDHe75QJAjA7pAoMAAAAAAAAUN37cQUeX4XUxOz1Hl-Xk8nzdOofleXK5HZaP321lAIiLD-bNnglirVbLGgAAQAAbAAAggFs3bwFnkhw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2047445&dpubid=191877&abtst=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!nrlc_vA!rvf1_vA!spa2_vA!ul90398-358_vB&mPre=0.033&cirf=https%3A%2F%2Fgarydemar.com&en=1&subu=4
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f5319fd97edaa2f34fd31d58d0735a92b3587c8e998af409633274d67efdfd84

Request headers

Referer: https://garydemar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:21:16 GMT
content-encoding: gzip
server: nginx
machineid: 1431
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://garydemar.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: display.bfmio.com
URL: https://display.bfmio.com/prebid_display

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6IvRXwsi6g5kJoJsNzAAABI0AAAAB&google_push=AQvitUI3GK_DiwX717xQCMGZQwJR23-fbPppWC6W5L8Zm3Z5JiBe7klrwtwvMufGC6z-a31nnG13HPO6nJZi3GBvvp1_sGJ6orUr&google_cver=1&google_gid=CAESEH8m0Qqetvgmn7QFUXw_Ewo

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESELsqYe5sUKbniykI2PAxRxU&google_cver=1&google_push=AQvitUJHjLg1Ov-HXmHCEg3I8Y5MeB0SwDyab8R5SkX7xczaA1q-Ls0it5iQKkvopma4X4_JgC_00b9Cb76Q5bYxfoXjWORu_K8a

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=42&3pid=a382a870-2c60-4997-883f-e1840c999caf-tuct7953fa0&us_privacy=&gdpr=0&gdpr_consent=

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

317 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.garydemar.com/	1970-01-19 18:13:38	Name: _gat Value: 1
.garydemar.com/	1970-01-19 18:15:04	Name: _gid Value: GA1.2.1976713418.1620818464
.doubleclick.net/	1970-01-19 18:13:39	Name: test_cookie Value: CheckForPermission
.garydemar.com/	1970-01-20 03:38:07	Name: __qca Value: P0-1994936619-1620818464742
.garydemar.com/	1970-01-20 11:44:50	Name: _ga Value: GA1.2.1473164834.1620818464

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://garydemar.com/wp-content/cache/autoptimize/js/autoptimize_809473d910a62616da3bf3fc7eb7bb66.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://vidstat.taboola.com/vpaid/units/90398_358/infra/cmTagINLINE_INSTREAM.js(Line 1) Message: &&& create observer class
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/159543/3258/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.tribalfusion.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
assets.revcontent.com
aud.pubmatic.com
beacon.krxd.net
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.districtm.io
cdn.engine.4dsply.com
cdn.krxd.net
cdn.onesignal.com
cdn.revcontent.com
cdn.shortpixel.ai
cdn.taboola.com
cdn.tpdads.com
cds.taboola.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
csync.loopme.me
d1781690cbf9bb408d38ab317585bbe9.safeframe.googlesyndication.com
d5p.de17a.com
dis.criteo.com
display.bfmio.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
ecs.mantisadnetwork.com
engine.4dsply.com
eus.rubiconproject.com
fadedsnow.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
garydemar.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
images.taboola.com
imprammp.taboola.com
in-appadvertising.com
loadus.exelator.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
pubmatic-match.dotomi.com
r.turn.com
rddywd.com
ri.vompatle.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.206ads.com
s.c.appier.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
thepublisherdesk.technoratimedia.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
visitor.fiftyt.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagservices.com
x.bidswitch.net
ce.lijit.com
cm.g.doubleclick.net
display.bfmio.com
loadus.exelator.com
um.wbtrk.net
104.111.230.142
104.16.68.69
13.224.103.105
13.224.95.103
13.224.95.70
13.248.242.197
136.144.59.88
139.162.78.222
141.226.124.196
141.226.124.206
141.226.124.208
141.226.124.210
141.226.124.216
141.226.124.218
141.226.124.221
141.226.124.227
141.226.224.32
141.226.228.48
142.250.185.102
142.250.185.66
142.250.186.130
150.136.26.45
151.101.114.133
151.101.114.49
151.101.13.108
151.101.13.44
151.139.128.11
152.199.22.191
159.253.128.188
159.65.197.210
162.55.6.210
169.63.109.126
172.217.23.98
173.231.181.122
174.137.133.49
178.250.2.146
178.250.2.151
18.158.81.184
18.159.8.206
18.195.155.181
18.197.99.6
185.29.133.52
185.33.221.53
185.59.220.198
185.64.189.110
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.133
185.94.180.125
188.165.137.78
192.132.33.46
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.44
213.19.162.61
216.52.2.39
23.79.143.124
2600:9000:2190:5a00:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:3035::6815:40f1
2606:4700:3035::ac43:c906
2606:4700:3039::6815:c038
2606:4700::6810:9f11
2606:4700::6812:c05
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9a
2a02:2638::1c
2a02:26f0:6c00::210:ba13
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
3.124.251.221
3.126.56.137
3.216.40.132
3.228.45.187
34.120.133.55
34.240.2.137
34.246.207.243
34.98.107.212
35.186.253.211
35.201.96.126
35.201.96.133
35.244.159.8
35.244.174.68
37.157.4.40
37.252.161.190
37.252.172.37
38.91.45.7
52.203.101.119
52.208.100.147
52.22.66.224
52.49.40.147
54.77.19.59
66.155.71.149
69.173.144.138
77.243.60.138
85.114.159.118
99.81.79.244
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0b9360f23d400c0240ea9a8437e4e453ef5c70e519a33e61334537b64ca29b
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e3cf72d008684c0ad8cfd6c1c3199c17374cf63b47197caab88e999157e268e
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
0ec7e92c2c8f7d12edcb6a56c255bd2fcf48e2557b81e4fe93af6e4da4ba163c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fb0f812b9474dfc495e72cc44e91511bcf116a26dc36dfdd9681c2b50fac59
1208a7c0cd1a8b9a4a7e45d725794864f81ca789a480becdd86eadab5ddbb433
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78
1571e6d6e844b8aa56c9ad0f9b08b208f1d6e72573309fbec640a336619232b0
163920f59b2eb1f006c82f03728f40a910936393deecbbb516fca7f79a11d0dd
172d5d26861551dd3b36a5b957d6d7cd6b347bded00721deb5945ac4be64d42e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18bb4fec8965c65d0237e3af2565487f00e09515c8c0a526b11c9252831e1ad1
1969cf126d14e908364108897694d804b971e858b1079ad347a0c6d320c38f09
1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1baee2fb28ab0b023245d04ea2e5229e68bab1e495017dd9f5fd6fee2c677170
1ccd81ec94a255c34bdee7dfe83f6e30f44e5c8713351b22ea85e1e4823b0e53
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
203de499bad05048656d8784fe5cbb58eff433ab8b6dba0be7719124fdd2da6c
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23435b99b6465d8a941cc7c2109cbe3c84ebb208a4a018b2c5e865318e833c03
23525ed5c3926cd6db061a0f47b5c1b7b24e22c8faf634305dae9ddbd63c304f
23ab0d2a417575e9c54c0bf9c02761d0c0cfa467d36839496e0d652770a580af
250323543c900614a9068f155d4c5df5e868380969b3dc24989eae9f688caa29
25f52afbe54df1d5f364d04e58bf8e61238ff6c3c54df78c29167281a0170b17
29220abfb0b23ebaa90458cd0e36f7a8a082ee4e9d083b34d2ec54dfd6b5cdf8
2be8f56a4a70d676b427368242ce718fa41a92dd8ae5d842dac3791d5774d215
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d42a07e6f39704c9905b6a6f34314affd0c64974d006dae1c2d34ede3bb29d9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e13af4ab7f33bc40500b2c588f0bec136015eaef7f4999e5390256bc5ce3187
3102770dfcd3cf44c48e96f2176f52f82f0b05cb87a17f22812d640c2ae6309b
316873d9dc0c8f63f7815870aaade76579b16e946523184a21430bee7a6a9244
32b7a31f7150aac243f97f92fe45cdc86f8dc4cfb240b69d79c7e3246d37b31f
331183264776467eefe453841610de92211eaa2d65aadb15e93940247b8bbb4e
3341801f6d6cb3841e2a1da80d1724ad38a15d0ccfb5f170be2bba85bd6c0352
33f151572605a44f60c2671da8a837ae97734032e73751e50a980152044df54f
340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367
3413479075f6a95ecbec39fa21e03c4fb141a7bb92a73e42530ed598541216ed
36117942c93a7718be7acdda95df16da1f653e4685a9e35fc98c8ae7593e9160
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ef095d011c4ced97b0acef551ca36d76b95299518595dc1acab792a2344601
38027309b96ba6585e9605254e3b1b5c8417952501a1b44913236264a7b4108a
3b97286afaba44e459fdc0a143070948b5a1e0c9d67d1eb580597cb1b046dbd6
3cc53569e7f55c189de60d1d29144599bfd216a7bc377ffbe52c8ac354e29d12
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc6f955bc25ba9de2372c0eb71fb8c36f014c444dbba5b38df3fd6a251968f2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eef35a4a1c5dd7a160a62a46e4d9156f427fd74ee88d2192fd7ec29f17a301c
3fad3f3d6160c22a70fadf9999c8f2ce1ac2ebb8078b583e1dfd0e1b81a6b33b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4061fd54a9aaf1d5841883f83f11c031b0484ca12f7326d612500dc2b588a081
447337afd5bac4b766076baaeb2c938f0c6f90d04e3fa767dc304f54de2e433f
44d0de4f55ca10e30752ec2d82efbcdc6f2e27a89736f5bcfece90dced3ba6b0
45c0dcabe450b45971ebba5e949f29e39dfa92981e73f6a19e452acbca722cca
479670bce8e7ed603003c409a76b300e06b514b0561d8a0ee50a4af549d4b406
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a9cb95cdf07c64bbdab6e6ba8f370292f8be188c7d4c9826f985f549b551d8
48cf36689a4269e3c78869790c2f1806aad02d895fba6e3fb7121d02baf57936
4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5
4cbddec182c39e0a31eefe0634d8194846374085de1c30162d212b88c8b51409
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec9599fc203d176a301536c2e091a19bc852759b255bd6818810a42c5fed14a
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5105235ba569aa63ba67b813f40f836f2b553b964bff365dd10d2941b579144f
51ba00b25ade1e89e9462d84cbc82b0d6542cc0353aa4989cc4c7882cd5e7d85
535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
56bedff467d11320bc7854e68ba3a91255d1a258ce2d80e91552da740377f3d8
57d01f5f0318db462df992255e277a7a01fe876481eef8327cbe8a4fa2243abb
59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb
59c6900b99e8f08d4ce444ae4d547142b4cba8dde8800885d96753dc2d09f166
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5bb72a647bd1b0ec3b2309332b4aa8f4f126c3848070373ca25f6915740c60a0
5ea6685bce0013f2c779860b9c615fb347a68d20ce1e5871c944f3d8202dd164
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61bb6bd2aee4fd366b30d7580c48462deb89c627495bb710b1f26c03db91f0eb
6354dd4a2f8aa04f1037600e7db0210f3f01d805a566277192ff338453350abd
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64981bd7dfc71ef43b4b6f829d146713e6a6855ff4247e74522b07b6401b8c67
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67044fedfbf69bdbc4c2f88af9f680e7a5a5f3dce4cd80182d40d46c838bbc5e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332
6a3358bb86772fadab5cf6825c6352d43f1f1352abb1cb14905d518267fd736d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6c095b65f7285452e5da09a62e22f4317ec5f830a09cef936658fe6e40a52005
6cd5b6e51936a442b973660c21553dd22bd72ddc8751132a943475288113b4c0
6d971119a046fb86eeec343e50c680c36a72eb2df85521c8f343dc9678924398
6dedea14dfb1c6b9fa41b0524b7d80456fd8ced66279c40b86a97382fe1c88d8
6e169da4db8ef0fd2836b21f4f59d4e67459586637366cc1d87cf3ca387301af
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
73854a96802204f2318120247a7be8c22098bf32c657877d95072c85a75ec7ce
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75160d515423e74b50363e75b641edf65987ffd1dc6f3c4b45b5ea820b2efcd5
771ee5e8f64ad490f015fcd79047851899996caf7f36c8998311a538393219ae
788c3cf61e6b402191052fb6a810f94d736d521c22675a8fe2d84c6d07439980
7bab9e7add4df4001a165c3f15a68afec11c6b6dfb1866783478d2538ace82e8
7ce6eaa43f9522c3baab91fba05ac6e2b22a590c05ce26ead42c6ff3c34abd31
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
82e76fd96be924f1b403ac3df443b63361cf0dae48400077bc085965265e75c1
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83cce140896a392c8284d04d84d02cd819a1690b9e12a5472a1d8aad4f0055e1
83e9a74bf0cdc1726bf85da7ef132157407782022011fae6c432d8cd687457d5
842d5819ddd0f7a81a34655b7241cdecb56e3ee4773bbe2d4527aa2635205ffd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87edf1d76745bef608e1b094ffa0e537e6a421ccbb1c9c44832b8d79276b0835
88284a33d8bd2082f11b26b058a1ec0c8479b03e2eff4ff3148aff2ad3311295
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2db9896268d45d8071955ab70c5de33b97b2636b14a017d23d4ef87eba88c4
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8be3df76f0687d5b947e2e381b30bba18efdd8de99a121a7652a7bab9e8e1833
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cf13cc5e4cab72e0f30b8a796b8218c3de78014a0600b33633ddd42a21e83e4
8d04d589afb4347649076b47945ce3e9a1afd6e43d7acf29da1fe94aff16e48d
8d10280e8071d96d42984b8a0fe9eb713babef562cfe8e31bc28fbf65c46e126
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d67b3b9fcb0a0b4c20906860c9948f31bc0919994192abe8487ebd38efa0e96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
9185cc2c7f5d31ab782bb14deb3a6c4808487af4f0b84e2e69c17bd592390dc1
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
91cd603636632bd428bb06ecda2e255ee736385e92cd096a8c86c2f688d70097
92f3b2c27655a7aa524191ec582c45f35b581394b0ffab9695c421c61e6c5903
949df1ccf23d571822752903501ed230b592bc352ba1dd90cee047ba37273d76
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
95fe8dded904122a5676bf95c1f3154ca51e3aa864a6c5952bb438c0470000d9
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
96dad9d3ef0ae246c68dec8db7628ff73f3fd5efeec6af7b82f418966b309055
98608ba0e47023cda00658b640b574e46e2b8bd9cf7807cb4061e36f67d311ae
98b2f934d200cabd982c4e3424573139f39f9087f5f05f831a556f1c018b6981
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9becf42e2e81d5b28342234e217a77744fe5326b2aa3bf71e0acdc7d30504860
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
9ed923de5ded26af462b76b892d911423c761519d65631d368985d701707cba6
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a0ac4bbf593c90891d9cb6f6944503b6cf1921ac4cac0a4ae38bd78bfc1745de
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a424af928b4f4864f58253695e33ae5d7e0235ab96dcb7b62b8f3d078f5c8aaf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73fcf339640929207281fb8e038884806e2eb0840f2245694dbba1d5cc89e65
a8595386c4e441f270dbe75b781383093d2152f918e7d2d3a47f15a1d8cb5a49
a9a4c31954cc5e97b49fa05f1d5a4a4a87dff3d395a393cbba91239e646bcfe5
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
aad99c09cc89f6f22163b3c72fbd19e30ec500dcc89b4538dac644bfa5521938
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac67719605d957998af1258627cd9bb25fd9b51ba4b4e8d3863d764934d8aeff
aca746d0adf4fcbc08ce25a05bd87ce39f35b71ff02fe3cdb9d445d5d15399ec
ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39a45a7512a7d7e081f144316ea20696f43d25c6c96e1799f04d9b775c7c5df
b604853c50b56960ebcbf80c785138414ccdbf21d8e8ed60d1971ce85f4c6aac
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b9788323a5e4ba8d980d875eee9ae225ccef0406fd546e0284657ecde8e3fbb1
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315
b9ee99056cf3116c61376228c3138d17cf9f4a762d34e34f8f6009c68369da90
bd746210d6f5a233d28679c0a24e457f790cb1cc3b3e04c04bdcd7b057598496
bd8a91337109acebe6f9a4e6e283bd2f420c2cd06283e86e98a8202a3b14a551
bf231713c1a68e9030ff90129e58a32d99b65a8f6a35efdd11fbf4213b9d60ff
c03fd80ef0dc2fc2a77ddf8b724aaa8ba231df775bb9ca33ad4f5801e5c5bbdd
c2423cbc3081a6d26022031366660f7900aa5cb280fd91f7a3b80777332b1a54
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4d1184bdb17151fd96a8048bc081de2c92a0c7fcb1ad18b47328a71892591c3
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb3a3b486c477e5e0059c5d701ad7113dce6a0d0d443a602049472dd31c61a3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
ce2a25fe5920db9f54fbf945677d938b0976ffaa1c2ebc5dd16d214726167f95
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d37a69b4d97a22c41911c610868a1db6a49a2c1050e59073e0864f75cb27fec7
d8a8dce959450ac3a76160b40029e51ead538acb22f7da376d80c96d07cbdfd4
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94
dd0d263746668da857f6d38b5ffc517b25e793e566d7bccdbbcf68199a94a442
ddf6fdea6eecbb145efbdc4a2f1c02d181a8a8a8c55044a915ba8ee109b6067b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
e04319e18076afc1ee76f093349c0c5358eb875fbc2db69d13ab755b4c16b7a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74e6bd909fa4325c9b3370137a052f582a054e190069a0a03a5794067e24195
e81e3525c7db207a32f1f6a9a9bacafcaf545b6051fb720bc22adad2d75027df
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
ebc99b37ecdf7baeb7335087114e2889cfd08d08ff6f258884d5fc96b73f8ba9
edcd554b2553fb03cf34349152c91d4921fc4e19319fa536beb5bfe5bd954e60
edfe7e4e5d1a4300314aad7fd7c2c1367ba303806c4c3d825d2befb3fcb4d56a
ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f13d5c7fda7af208007f37ea218a478457afc0ff0f800ac6c2a3fada8e6ed1d2
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f26181f12bdb0b9ab6c196e5143a8d5674358e8c78d6c286f272908af91cceca
f2692618d76da58016d85b699ad7cf915026b1d03bbdd010f12764d875d2e0f9
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f3380615c986f6f5e493ac0251aa4780641349a4f1c339cf2d8bad448716bcc5
f5319fd97edaa2f34fd31d58d0735a92b3587c8e998af409633274d67efdfd84
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d913f3bbb9a25cdd47c7be4f82d7f6ad6de44b39e960a89d10da7215d89647
f77e60b8bfbfe331723e483e3d88ee51c699e2e89e76b180fb27e228208dc110
f783d5339c16ad626dead0d858931477b36d828876ebbbdd136f0cea38392e08
f7f7052522aed209361eec56a4dda3b443dd1563eaa3294598e7088bf2e900e5
f84cbc4003970cf4410a5f759b3f04ca535de9114f45a867669e05244998c630
f9682647257f497f1b61b9c1c151d12f970071a393f06bd8cbe4d0b67debf289
fd2cd6fb9c71da6a520746673ee971d553c1c987a5fd45674ba7ea3039a532e2

garydemar.com Open in urlscan Pro 2606:4700:3035::ac43:c906 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

438 Requests

98 %HTTPS

29 %IPv6

84 Domains

152 Subdomains

100 IPs

11 Countries

5929 kBTransfer

12909 kBSize

5 Cookies

17 Outgoing links

Page URL History

Redirected requests

438 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

garydemar.com Open in urlscan Pro
2606:4700:3035::ac43:c906 Public Scan

Screenshot
Live screenshot

Full Image

438
Requests

98 %
HTTPS

29 %
IPv6

84
Domains

152
Subdomains

100
IPs

11
Countries

5929 kB
Transfer

12909 kB
Size

5
Cookies

438 HTTP transactions
4 data transactions