www.givemevibes.com Open in urlscan Pro
2606:4700:3035::ac43:d8f0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.givemevibes.com/padres-dodgers/12860/
Submission: On September 13 via manual (September 13th 2022, 4:23:16 pm UTC) from IN — Scanned from DE

Summary HTTP 119 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 16 domains to perform 119 HTTP transactions. The main IP is 2606:4700:3035::ac43:d8f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.givemevibes.com.
TLS certificate: Issued by E1 on July 19th 2022. Valid for: 3 months.

This is the only time www.givemevibes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3035::ac43:d8f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:ea:... 2a02:26f0:ea:4a7::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c0c::78	15169 (GOOGLE) (GOOGLE)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:17::9	15169 (GOOGLE) (GOOGLE)
1	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
119	26

25 2606:4700:3035::ac43:d8f0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.givemevibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ea:4a7::4469 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::78 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:17::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednde.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	453 KB
25	givemevibes.com www.givemevibes.com	345 KB
20	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 350 gcdn.2mdn.net — Cisco Umbrella Rank: 1210 r4---sn-4g5ednde.c.2mdn.net — Cisco Umbrella Rank: 581459	221 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373 bid.g.doubleclick.net — Cisco Umbrella Rank: 622	112 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	61 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120 imasdk.googleapis.com — Cisco Umbrella Rank: 456	160 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8291	2 KB
3	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 689 tps.doubleverify.com — Cisco Umbrella Rank: 688	109 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
3	wp.com c0.wp.com — Cisco Umbrella Rank: 7979 stats.wp.com — Cisco Umbrella Rank: 3365 pixel.wp.com — Cisco Umbrella Rank: 2898	33 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	88 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202	914 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2143	71 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	650 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2119	350 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	73 KB
119	16

	Domain	Requested by
25	www.givemevibes.com	www.givemevibes.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net www.givemevibes.com tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
17	s0.2mdn.net	www.givemevibes.com s0.2mdn.net
15	pagead2.googlesyndication.com	www.givemevibes.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects www.givemevibes.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	r4---sn-4g5ednde.c.2mdn.net	www.givemevibes.com
2	csi.gstatic.com	imasdk.googleapis.com
2	cdn.doubleverify.com	s0.2mdn.net www.givemevibes.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects www.givemevibes.com
1	www.google.com	tpc.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	googleads4.g.doubleclick.net	www.givemevibes.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	www.givemevibes.com
1	stats.wp.com	www.givemevibes.com
1	www.googletagmanager.com	www.givemevibes.com
1	ajax.googleapis.com	www.givemevibes.com
1	c0.wp.com	www.givemevibes.com
119	29

This site contains links to these domains. Also see Links.

Domain
givemevibes.com
wpastra.com

Subject Issuer	Validity	Valid
*.givemevibes.com E1	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-06` - `2022-11-15`	2 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.givemevibes.com/padres-dodgers/12860/
Frame ID: 06BC5377F9A1DE670A7CB30350DD7982
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Frame ID: BF6716C58B7104A0CBCA28968D46E085
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&adk=1812271804&adf=3025194257&lmt=1663086192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192085&bpp=8&bdt=613&idt=265&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1290748830709&frm=20&pv=2&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: D45BF68BDE932D91F13711F84B0E7E79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663086192&rafmt=1&to=qs&pwprc=9203507082&psa=0&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192093&bpp=2&bdt=621&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1290748830709&frm=20&pv=1&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sgTs6KhtY1&p=https%3A//www.givemevibes.com&dtd=297
Frame ID: 9051E79E9F62277500545D9004819D3A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 721F74F1AF4EE9C88FA2A30AFBD86CF5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 449CA12616F0401A1DF2431CB55DF418
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js
Frame ID: 4C86FD5F1C444137B5A67EC29D157252
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2560E59D95FE123D1E7CBDC984D75096
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: CC4494328C10C64C7B59DFBAD4A771B8
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
Frame ID: 7591A64D5EB702586C96A32B5284DB9C
Requests: 16 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3065.js
Frame ID: B01F9D4BC57CB73F9D3FE5E191B38155
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FC4BCD5066C83B114565E4433D648AAE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4ED91E58AD1F8CACC42F873DAD513D2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE9450D0703C3E12182311283902F752
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found – Givemevibes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

97 %
HTTPS

81 %
IPv6

16
Domains

29
Subdomains

26
IPs

5
Countries

1730 kB
Transfer

5191 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://givemevibes.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://wpastra.com/
Title: Astra WordPress Theme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9760.Vb4DKn0EqJ5_PLx1fwhOR8hVrQ2pjLV9FVuRc7L6RlyEtIZP51UHtkKSuU-GrlN6.9m9rerY6unEFsqAcbobp9VoCICw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9760.eOAyvdBHGMwo7q9EWL_tDh9f3DEgUinpP4X-73oDp70cFUA-YVmZsdiVLQ0jLlB1mqUgsxjbb3bcsSZAYIYJbg%2C%2C.SWzU31yvcSEl80KEm1b1QYwYyv0%2C

Request Chain 41

https://mc.yandex.com/watch/83496901?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A494%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A994305996891%3Ahid%3A17110953%3Az%3A0%3Ai%3A20220913162312%3Aet%3A1663086192%3Ac%3A1%3Arn%3A710427418%3Arqn%3A1%3Au%3A1663086192457449568%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663086191341%3Ads%3A1%2C63%2C57%2C5%2C%2C0%2C%2C449%2C1%2C%2C%2C%2C583%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663086193%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A494%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A994305996891%3Ahid%3A17110953%3Az%3A0%3Ai%3A20220913162312%3Aet%3A1663086192%3Ac%3A1%3Arn%3A710427418%3Arqn%3A1%3Au%3A1663086192457449568%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663086191341%3Ads%3A1%2C63%2C57%2C5%2C%2C0%2C%2C449%2C1%2C%2C%2C%2C583%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663086193%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 94

https://gcdn.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4C6BEE2D1CE6542C780AA45CEAF6A1B07B951C7F.74AC3EEA8F24F65D5FED9D833DA79781B61A76FD/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/025688502AAC41E46A6CE86AA8F82143E09C360F.7D686338EE15FB3D070D45A5D4627CD2D2336379/key/cms1/cms_redirect/yes/mh/p2/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5ednde/ms/onc/mt/1663085838/mv/m/mvi/4/pl/49/file/file.mp4

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
www.givemevibes.com/padres-dodgers/12860/ 67 KB
14 KB 123ms
58ms Document
text/html 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4003118ea2267bb2a78ee2edf816535b7d944dea3af50a42e879913f72f1709f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 74a239d86838badf-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 16:23:11 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.givemevibes.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQyzGr8DJn1WLyITORGrgNMAUn74d5DQfRgzyKhlpDwlWPTF9NBqssnH1nxk%2FbAsS1ww3QM%2BHepS%2F1V7Ykg1E31P4XB2%2B1hg6NiW0SgwoXNz1kBN2NElK3VFijT%2F6bNI0CVIaAEiw0%2BsdpPGvItwvkem"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 8e86b79bb3c029fafc3671d62aabda01.css
www.givemevibes.com/wp-content/litespeed/css/ 69 KB
12 KB 143ms
134ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/8e86b79bb3c029fafc3671d62aabda01.css?ver=c674c
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae463704d8ed8b862c7a339119a83aec69612ed10d99875e395c7348ebdb3cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"1142d-6320ae68-1fc7ba;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rXw35Wxjj7coS9NFomSao26Zhqg9MavqFiOc3n%2FEI%2B6j18JQSNWKHploPZiqepCI38nD4jz9jfim7IztcSGbsY%2BVB9DLSukBsw5RwfPenOS5RbEUpcf0Id14nNCw54DBSADn1sVtMchf4EMF5%2B73500"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d8f9aabadf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 e9ba4a94b5fa45ab861f56e2913024d1.css
www.givemevibes.com/wp-content/litespeed/css/ 87 KB
12 KB 131ms
115ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/e9ba4a94b5fa45ab861f56e2913024d1.css?ver=024d1
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"15b53-6320ae68-1fc7c1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEsxF7CFmkOcoVU8edRPSio3BaPorBYjYb%2Bwv3S2KhIxVo%2F2KPNkDwxDyR5BuI%2FiIQyGyglWKTDRGxKrC9QcZhaLI58zmoCYTpd3XT0HR%2FOcmU7D45VJXm1%2FUMss%2FgxMp0aNN78V4zDOVTnKBLrvjHBM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a02badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 ec86f90cc2c17c54fbba7d6116f45586.css
www.givemevibes.com/wp-content/litespeed/css/ 11 KB
3 KB 128ms
112ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/ec86f90cc2c17c54fbba7d6116f45586.css?ver=45586
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b4f23113e81b19af7503f478d4050d71f74555533325f312d8730708b064153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"2c9a-6320ae68-1fc7c5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGHzpsZeKbck63U6LeH7UG5Ih8ZHX9V6IIexyIJ0QDhGS2vOM%2BpNylpVt4DMeYoStTw42BCcOd2UnD%2FJfCU1gU%2By8Z%2FAUUcN5nXazymwBXQDYXKwGwSd31uaGZfUOztN3NT1%2FyR8hVm7i7vinntCrpc7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a07badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 ee43da24c6313b4acb6763172b3dc6af.css
www.givemevibes.com/wp-content/litespeed/css/ 4 KB
1 KB 195ms
179ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/ee43da24c6313b4acb6763172b3dc6af.css?ver=dc6af
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"105a-6320ae68-1fc7c7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhHFwED97l6eo84cM7oravtHrlV2qkUHfC3DxBosdicijh%2B8kjnNwWH1VgCo1e%2FlZn8T%2FSjTT6ZJU2xuff0dSD%2BPTOzpvdPq2HFolbev9DtjfBVpuFuDleILCLBSaINt3%2B2sJrNvaV14ddRcSilX5hMq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a09badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 bd2f0749224d8c3cd77d5397153f04f6.css
www.givemevibes.com/wp-content/litespeed/css/ 2 KB
1 KB 137ms
122ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/bd2f0749224d8c3cd77d5397153f04f6.css?ver=a6d64
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69533ad5d487783e19c1f034e9ddb042a7faf987e37545e6514bbd451ea10328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"8a8-6320ae68-1fc7c9;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ie0wou%2FPeZlnzj7M2uKbqM35JFejM6L4HRNSeLT%2Bce9CW2lYUWdB%2B%2FMIaDt4VXUj%2BFdAv2mN%2FvaYf6pJYLdzqUxeBlul3hmwGJa%2FTibgZQizdFmvWbuAxCOR3f7eimW55SJAG2cO0%2B%2FYds1n6A9jmg5I"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a0cbadf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 186b966615fa49d6617a92fca5828abe.css
www.givemevibes.com/wp-content/litespeed/css/ 882 B
717 B 204ms
189ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/186b966615fa49d6617a92fca5828abe.css?ver=802dd
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"372-6320ae68-1fc7cc;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sqnk6%2F8UPGB6FbiOb1HLeDqoxSDoZrCZlLLFUWlHjq7iLr8YE7ouMJG5qFRESRj6XU2kRu0nKZZLzTxh9lFz8kbMYgbINpmor3UNIJ%2BBjohF5q8LEDe3SlLQELW7d8PxgCIftX61WpDVFALnlW%2Bqkv2X"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a0ebadf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 7774da2b5df501ef439ecd94124497b8.css
www.givemevibes.com/wp-content/litespeed/css/ 84 KB
17 KB 146ms
131ms Stylesheet
text/css 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/css/7774da2b5df501ef439ecd94124497b8.css?ver=497b8
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f360f910960c86fffa05e031405facfd6747640412fa387f829eaf68731548e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"14ee2-6320ae68-1fc7cf;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcNR4NLtNCWWqhnTVgcvQDqi4UjVm%2Bel1zOHvzBsEiRAPpZvkKZJzPLL0HDVbNLBGVuZ72ggR1%2BXUYfYfT6rTQfHeSW%2FnUaBIQYvVwtelKU7sKBcIMInkWSpuvkL77mj%2FEXlpSs0gXFeIZ9irNC%2B9DyR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a11badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ 87 KB
30 KB 105ms
25ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:23:11 GMT

GET
H2 200 7e81d332bc9e3b492bb5b6a1afe2f10e.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 11 KB
5 KB 126ms
111ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/7e81d332bc9e3b492bb5b6a1afe2f10e.js?ver=2f10e
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5f4f75baa3e2e2826110e5ee4a78cca53b1aaf03c8227570149ca7aaeb24c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"2bd9-6320ae68-1fc7d4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us7FpApqjNcPfVwZ%2BUVENTJsfz32VIuG6v2cJNE6TDegrpCo%2BY7gqkviis0GRWmvyueZfjIlLIJKnR9rWCb3v3kcbsg2j%2FFvDTZKXOPTwZ%2BrpBK4%2Fy4pmBK0HbaKecqzdM5lU5YI2QV2Rw%2BXnYuMeBdL"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a14badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 97ms
22ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:17:58 GMT

GET
H2 200 63c9a1123e0ed4ead38eb07df7754f5c.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 513 KB
139 KB 170ms
155ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/63c9a1123e0ed4ead38eb07df7754f5c.js?ver=54f5c
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f00d5aa0b56411ac8a0321fd53a992f6419a8482f6cc2a35f99a458d6617d1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"8031b-6320ae68-1fc7d7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB5%2FFsb6b%2B3%2FOnTc%2BvD6QuSFE4zrRRgFinvirUrBsFNpAYdKuOxKk5nqemXW%2BxRGKHZY8AMvNEltWZ%2BROc5VilGwcXqMzDVw%2FHENs%2BB5Hj%2FkAAiJfmNGpA7UKJCtuwEHanrbzk28jGfHZ98wghNaWk8P"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a16badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 8cd1e8d9fa41239ff83c9eeb890dbfa4.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 176 KB
47 KB 202ms
188ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/8cd1e8d9fa41239ff83c9eeb890dbfa4.js?ver=dbfa4
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838946e7249e6b3fc2d000ee67dbc91cd380c6835c8c95390fac9c3646c1b2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"2c0fd-6320ae68-1fc7d9;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNELEBFrtTZShCPIJeFz5EFpwYJfMav81zN7ZyC0WZeLHGX17veYpbjgFQtOGhzy8h%2Bvfrh6Go2VRJQjgr2TJCg35sT0Fha5R4UBsdol%2FWYl83njWGbv2tUgeMO%2B6FZxOTEC%2F5LiF7bU%2FCPO3Hj2S1VJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d90a18badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 04a54843d4b204600f798a3d1a199e88.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 3 KB
2 KB 211ms
197ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/04a54843d4b204600f798a3d1a199e88.js?ver=99e88
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0dfaa882fdf7a4a81ab8a503d794e78cf7c3a5cb8f1f9f9721f40d4a7db4fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"bc4-6320ae68-1fc7dd;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzr1RGZ0uetSWPwXESt5fmO9pdPo0kE64U4YP1%2F577OpVdiGGSKB50piu%2FgoXKhLQa7fB1fxupWmnZLNKYNoBQ8Aq1Q0VEh0l7gpxPkO%2FLaPz0p0ALHnISJlpznd8qahHFR498y3C3F5YCPtV0ePnGGb"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a56badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 ac24f267e9223719d4fb298f87f9e687.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 3 KB
2 KB 146ms
132ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/ac24f267e9223719d4fb298f87f9e687.js?ver=9e687
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e53ba871f89ab3562d024d898fb735f38328bf92caddf69027e2b66cd73af310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"a38-6320ae68-1fc7e3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPlw1hsKHF37t%2BRj3UO3k1%2BF%2FWUCYWCAxbbyRtyWQa9Mb8IwCTHdhCRDtn1JXzpW%2BjNryBb4OiAWi7qz97rC1qHJ1NYGD%2FXp6eP4WR9qVdK%2F1WutTfwwz8eCRg%2FnE6kpK%2B5XycRJ2%2F8%2FaLUAbKqnVbZv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a5abadf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 e94cc07d9d2af57fe2310b6828a3ea45.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 30 KB
11 KB 184ms
170ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/e94cc07d9d2af57fe2310b6828a3ea45.js?ver=3ea45
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 510d383f9be2e5b324e219f71f611caf9a7d4aef55135e4f53d1bc251d2541fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"76e4-6320ae68-1fd93a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qMRfff3a4c%2FXOkfB3tzRDA%2FbH0H9xe6qrunBNFu7rbCesk27VIjsVezwi%2FIL5JOgNUE%2Bnwix94XIfAlOfRSZ8Jpt6a6%2BJO4PTKF626nfVMdp9wm7143ElkEm7f2cVTyp0nPRvHpbV4HXUKdZKECWDZo"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a5fbadf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 4d26835cd09b5f6ab0abfd2b87b3df75.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 25 KB
7 KB 186ms
172ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/4d26835cd09b5f6ab0abfd2b87b3df75.js?ver=3df75
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c527c84dd1fa9771c652976862ad7c490937f8f79d9998d5fcdc841507be977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"636a-6320ae68-1fdcdb;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5vf%2BbXYAPvnU9HZgt%2BFDAxQpQrGXrCzWQxirCsyGEThQ6xJungh13nb61yKPucm73JEaBkxSsjLQfbTRE59c0oqyU6Lr9fzeO%2F1SjXkex%2BHYON1kFgfiFY3JWTegYIScZ%2F7ZqzFogv9hr8VN64wJWXV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a62badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 cd5036100eeaf8a271e4ab3c9176b883.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 3 KB
2 KB 150ms
136ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/cd5036100eeaf8a271e4ab3c9176b883.js?ver=6b883
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d97a1730c39805a7127eb0fc118a53e8d6b080e7268728742689ea056d404389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"dfd-6320ae68-1fdce8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BbEJsr5UYQmGz83rF49mw6ujxKfDkw5mLUYUhLFePBGEFL36Jwd8WPsim9jEhI6lFCQfjNSKTgcENzGNyyv1M527aaq0oi6l%2B0QqvzHFeEaTs%2FKis5WpKK%2FXkIHBOqIvhH8UZyPbwmMTiwBoz8xNaE9"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a65badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 7b099517b25a5c3aa5522ed69f552719.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 140 KB
40 KB 212ms
198ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/7b099517b25a5c3aa5522ed69f552719.js?ver=52719
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805d1826238dbb5802b648330beb8f3f8ccc9b047e3e88aca83a1de81b3d7d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"23188-6320ae68-1fdcea;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PRUlLg1VNGLXHEiMt44OQvxn4wtxG%2F0tiK8wd8bYyO6yYLCoPBI3nNCY5vWIwiq9mg4h8S0Ptkj4Lj2MYT1ikyBTsT1caiPgWFnUuU4hSeHEWz221WpyhIyEuYyAqKvPcJaO7HCEiocrK%2FjQfXNfCdG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a67badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 5bede84c62ef0891cdd77b3b33778605.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 26 KB
8 KB 183ms
169ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/5bede84c62ef0891cdd77b3b33778605.js?ver=78605
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfa467a15133295c90e7981709a599e40a9c8a3b62c4449d12996012b03146d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"68c0-6320ae68-1fdcf0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md0cuY%2Bl4Z4e2tMQlQCYBlIxxltrLHBmWaj0PU12gfJEUUXKUyQQR5uWlv425P6O8PFZMc%2FKMouXEZYSnyJNi9KNd2Azq9DfNge3%2FMCjPS2pDXRYAb5HUk5nVbqiBxzIA%2FH9Y99er8dzDPoES6aOLFTE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239d91a69badf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 182ms
108ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41fb89c7089735d036a1d928aedb685343ad78f4077a2fc8ec6679888a5ab36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57639
x-xss-protection: 0
server: cafe
etag: 14434138814932871187
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 16:23:11 GMT

GET
H3 200 givemevibes.png
www.givemevibes.com/wp-content/uploads/2020/12/ 3 KB
3 KB 52ms
37ms Image
image/png 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givemevibes.com/wp-content/uploads/2020/12/givemevibes.png
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be378896e7fcdbf42fb1fe30125c234a673e6db7243204507e2a8a5795ad611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 404147
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2832
last-modified: Fri, 18 Feb 2022 22:05:33 GMT
server: cloudflare
etag: "6210182d-b10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrV43UW4NL%2FabbFOdcx2jc74qEc7myNSRjjLn6qvCSUdyoq7fg7fJcL0pn7TLy0CohPqGNLV5BUKJXCJB2a07gsR54BT8JGPSv8pYSDNT6YHDL%2FXNf7xf7fDGr%2B5I%2F%2B5UUOg6Br7uuY%2FA%2FjhBc5vTGzG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 74a239dafbceba9d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 90ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7GDHT1MRVD

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfc90612f44192187d6af79c8a43ae7463619f5932f13821ce826e9b0d01e001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74241
x-xss-protection: 0
expires: Tue, 13 Sep 2022 16:23:11 GMT

GET
H3 200 64f09ab5501b986697cb9d7fdc9aea40.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 10 KB
3 KB 93ms
93ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/64f09ab5501b986697cb9d7fdc9aea40.js?ver=d37da
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ce18b0b2fc8e96a360fe63778c85e60ae5b920b8a0a80ea65c8b3d3d09b178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"289f-6320ae68-1fdcf1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PMw16wpqzMjwB9cwU9LYGQIa8FEZQRTwzy%2BxHFpA8LXgnK3PzDGhvxtZl1Dl1ZUD%2BzzHJ5rSa1VEq1KuwXm%2BF0dTrh1T6HOBGSSwAIbxi7kzUkNyMydAxWuXLg4fJ%2F1t9fhkA2UAci8waaFWBy32pgL"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239da9b03ba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H3 200 2224bc8464e7b10b9beeddc57a8d11b9.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 687 B
890 B 98ms
98ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/2224bc8464e7b10b9beeddc57a8d11b9.js?ver=d11b9
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc27c139e75b3366370163dcb8451384a850dacce310af205c75c0ce86d264e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:04 GMT
server: cloudflare
etag: W/"2af-6320ae68-1fdcf3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rq6XZOmE6Roq1t3gugGkoxLuYznofl%2BtK%2FXpXEF4ifOp6O4bC3QAy%2Ftu%2FA25YELV%2B8OEJbG7ziUVlR5aWdRsCIH0kktdI2vlCfE2dRLgkWgqpTDsG9M1U%2F%2FllBxATjNlcKAXT5y%2BCf2WPsjm3WaTaID"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239da9b05ba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H3 200 7ee832d9869183a7d673b7ec6c7be139.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 9 KB
3 KB 110ms
94ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/7ee832d9869183a7d673b7ec6c7be139.js?ver=a7549
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0013c97074c679815231f1ab3b61d31efb77402942c32f54d80589e3296197e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:05 GMT
server: cloudflare
etag: W/"25d1-6320ae69-1fdcf4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiTJApxGbkBhAjx9eKGKaMjlLpSSauzOQYdoIT%2FY3t5HLTAcjQSpS1bNdNximWdb0DjQugU74NH9wTJbG4wDx6bcXDLA1YUKtUMscOZxXbm6qURFEl4axXYfu4aguVOyro437gQ4590P0ZllU60jdcoV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239dafbc7ba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H3 200 59e0c3e6802d27deeb3b9c82c22d39aa.js Show response
www.givemevibes.com/wp-content/litespeed/js/ 12 KB
4 KB 108ms
92ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/litespeed/js/59e0c3e6802d27deeb3b9c82c22d39aa.js?ver=88117
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06a4b0b8fe46f56987ef57986870c9a47b72a64cc99ab182d5596136c90916f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 16:23:05 GMT
server: cloudflare
etag: W/"2fb4-6320ae69-1fdcf5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzWPauWxmxRgFBt%2F7PVmjWmTQqCadWdQWseC7VBF8PuygU67kM%2BPQ5WJavcDtN3y7P6t9l7%2BI3yht3cM%2FLhThyujTRP5T9YhThftgEPcPxByZkT2J5FepaeVnoESDtfAmtyRF75y4grtKygS7DIWsi5%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239dafbcbba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 e-202237.js Show response
stats.wp.com/ 9 KB
3 KB 79ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202237.js
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 03 Sep 2023 22:05:59 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.givemevibes.com/wp-includes/js/ 18 KB
5 KB 112ms
108ms Script
application/x-javascript 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/padres-dodgers/12860/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Sep 2022 19:09:33 GMT
server: cloudflare
etag: W/"48b9-631f83ed-11df38;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMp6PPFxjSIz5sBORlTxdookmkLUdlPeUXPkFmEoj%2F%2F%2BcSZu4qDowo7aOppz0zx7zSpjNGOcnSL3zOftSu9Mvh2Aoex7D1%2FFN0wdJlmqZsHUZTw24WFdX3FEYDjsztABXN0z94H2I5wo6mYuUC4bkG5O"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239dafbcfba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Sep 2022 16:23:11 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 504ms
128ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:12 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:41:08 GMT
etag: "63076de4-118f0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71920
expires: Tue, 13 Sep 2022 17:23:12 GMT

GET
H3 200 astra.woff
www.givemevibes.com/wp-content/themes/astra/assets/fonts/ 3 KB
2 KB 108ms
107ms Font
application/font-woff 2606:4700:3035::ac43:d8f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemevibes.com/wp-content/themes/astra/assets/fonts/astra.woff
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer: https://www.givemevibes.com/padres-dodgers/12860/
Origin: https://www.givemevibes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 12 Sep 2022 22:47:35 GMT
server: cloudflare
etag: W/"ce8-631fb707-2f98e2;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLwYEvVW9p1pTfHZSBYO96fMOrcBuTylgcuIFzyHtlnrAoSRtKwYZ%2FmPp%2FIHR4QzJnLzxm%2B%2B8%2BEJ9d9q0LER%2B0DsrTFqMQBsG%2BqJZkOiJABdSv0%2FVgvW1jf8m83QWBaialvtPoaOeRRYrtUhK7ne6wD6"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a239db0bfaba9d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 36ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=78821520&post=0&tz=0&srv=www.givemevibes.com&host=www.givemevibes.com&ref=&fcp=494&rand=0.1231906523644799
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Sep 2022 16:23:11 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 153ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7GDHT1MRVD&gtm=2oe970&_p=2137624118&cid=606665054.1663086192&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663086192&sct=1&seg=0&dl=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&dt=Page%20not%20found%20%E2%80%93%20Givemevibes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GDHT1MRVD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givemevibes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 109ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

741ea6752615f0621e3908c7552984905d35eb9e7dc0a9ae1d2315daf9cdc463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124747
x-xss-protection: 0
server: cafe
etag: 14178485492968659462
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 16:23:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/ Frame BF67 10 KB
5 KB 67ms
15ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:26:22 GMT
etag: 8616628553774171045
expires: Tue, 27 Sep 2022 15:26:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
650 B 106ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.givemevibes.com&callback=_gfp_s_&client=ca-pub-6074512008324795

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

237417d9aab9cc39c441f8c1b69adf343b3e1696d9d94e107e6a11bee174db25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 97ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.givemevibes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 16:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 99ms
27ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.givemevibes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 16:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D45B 189 KB
53 KB 538ms
503ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&adk=1812271804&adf=3025194257&lmt=1663086192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192085&bpp=8&bdt=613&idt=265&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1290748830709&frm=20&pv=2&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e7a62f5966e6dccecfe34460d5a35c2c52a20c7e4a9de430bff7dc0e265da39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 54735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 16:23:12 GMT
expires: Tue, 13 Sep 2022 16:23:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9051 81 KB
29 KB 691ms
660ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663086192&rafmt=1&to=qs&pwprc=9203507082&psa=0&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192093&bpp=2&bdt=621&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1290748830709&frm=20&pv=1&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sgTs6KhtY1&p=https%3A//www.givemevibes.com&dtd=297

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99491e2b1eb422eeca9ff0a192f2ee475fd64e16ac36f7a17241d097cd4f8c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30005
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 16:23:13 GMT
expires: Tue, 13 Sep 2022 16:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9760.Vb4DKn0EqJ5_PLx1fwhOR8hVrQ2pjLV9FVuRc7L6RlyEtIZP51UHtkKSuU-GrlN6.9m9rerY6unEFsqAcbobp9VoCICw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9760.eOAyvdBHGMwo7q9EWL_tDh9f3DEgUinpP4X-73oDp70cFUA-YVmZsdiVLQ0jLlB1mqUgsxjbb3bcsSZAYIYJbg%2C%2C.SWzU31yvcSEl80KEm1b1QYwYyv0%2C

75 B
75 B

64ms
63ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9760.eOAyvdBHGMwo7q9EWL_tDh9f3DEgUinpP4X-73oDp70cFUA-YVmZsdiVLQ0jLlB1mqUgsxjbb3bcsSZAYIYJbg%2C%2C.SWzU31yvcSEl80KEm1b1QYwYyv0%2C

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:12 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9760.eOAyvdBHGMwo7q9EWL_tDh9f3DEgUinpP4X-73oDp70cFUA-YVmZsdiVLQ0jLlB1mqUgsxjbb3bcsSZAYIYJbg%2C%2C.SWzU31yvcSEl80KEm1b1QYwYyv0%2C
date: Tue, 13 Sep 2022 16:23:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 76ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:12 GMT
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Sep 2022 17:23:12 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/83496901/
Redirect Chain

https://mc.yandex.com/watch/83496901?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%...
https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Af...

420 B
501 B

69ms
68ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A494%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A994305996891%3Ahid%3A17110953%3Az%3A0%3Ai%3A20220913162312%3Aet%3A1663086192%3Ac%3A1%3Arn%3A710427418%3Arqn%3A1%3Au%3A1663086192457449568%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663086191341%3Ads%3A1%2C63%2C57%2C5%2C%2C0%2C%2C449%2C1%2C%2C%2C%2C583%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663086193%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

04eb0a2eea8638f191623a34ab620fc8906955df8f365bfc60abeeff0fd86cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 13-Sep-2022 16:23:12 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.givemevibes.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 16:23:12 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:12 GMT
last-modified: Tue, 13-Sep-2022 16:23:12 GMT
location: /watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A494%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A994305996891%3Ahid%3A17110953%3Az%3A0%3Ai%3A20220913162312%3Aet%3A1663086192%3Ac%3A1%3Arn%3A710427418%3Arqn%3A1%3Au%3A1663086192457449568%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663086191341%3Ads%3A1%2C63%2C57%2C5%2C%2C0%2C%2C449%2C1%2C%2C%2C%2C583%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663086193%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.givemevibes.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 16:23:12 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cdb88c645bffac88f6377b2f91996ef9fc0d5635a14e6cd27faef749e2ef4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54578
x-xss-protection: 0
server: cafe
etag: 11462983680215675404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 65ms
25ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.givemevibes.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 16:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
26ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.givemevibes.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 16:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/ Frame 721F 10 KB
4 KB 19ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 19:38:00 GMT
etag: 8616628553774171045
expires: Mon, 26 Sep 2022 19:38:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/ Frame 449C 10 KB
4 KB 19ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 19:38:00 GMT
etag: 8616628553774171045
expires: Mon, 26 Sep 2022 19:38:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9051 6 KB
1 KB 89ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663086192&rafmt=1&to=qs&pwprc=9203507082&psa=0&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192093&bpp=2&bdt=621&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1290748830709&frm=20&pv=1&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sgTs6KhtY1&p=https%3A//www.givemevibes.com&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:14:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 16:23:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 9051 2 KB
983 B 83ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:20:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame 9051 23 KB
10 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:08:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 9051 3 KB
1 KB 67ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:20:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 9051 17 KB
8 KB 71ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:20:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9051 142 KB
44 KB 113ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 9051 33 KB
14 KB 69ms
27ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9051 0
0 95ms
92ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgL-LcK4gY63rH8aTygXMxrbgB8PV7KZsuKGwjuIQ576Ov-opEAEgp8n_Z2CV4pCCoAegAf-__PwDyAEJqQJ7M9XT6Q2xPqgDAcgDywSqBP0BT9AUeNu_wBrs-PlUaFmTrZZWL3-L9PNVIF49yoO4gi5Xnma-HZsyuFND64xpLZt79h4UnvSaqKs8vPlkAuJrNE1uDbJeZA5mJIKpRFujeNRbz0K42n7SrnXtcq3K-K0pCRQHYk3MGI5tEISd8x0wgVF_h0mfflrAWlntqH672i3hPJcBzNAYE16pkEil3ECJdGC3QEsQvUvHHv245A6J-Tn75Z32b9Y1UeAbGExU4R0ulTw-UDI3YC1KfRFeq8jJt8b234Kvz0gWo2-fOiQOgOjrbDtDuP7c2-BfLa3PlClMubPVurGS8Gra57gsbDGd9qV1lp2xzh5s4PBExcAEnqG3uIgEoAYugAfpv4MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-dMG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMDiBQD0BUBgBcBshccChoIABIUcHViLTYwNzQ1MTIwMDgzMjQ3OTUYAA&sigh=pUvGNxCZjTc&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663086192&rafmt=1&to=qs&pwprc=9203507082&psa=0&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fpadres-dodgers%2F12860%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086192093&bpp=2&bdt=621&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1290748830709&frm=20&pv=1&ga_vid=606665054.1663086192&ga_sid=1663086192&ga_hid=2137624118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1937596444855670&tmod=342279473&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sgTs6KhtY1&p=https%3A//www.givemevibes.com&dtd=297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Sep 2022 16:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 721F 4 KB
709 B 75ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:20:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 16:23:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/ Frame 721F 19 KB
8 KB 58ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8353
x-xss-protection: 0
server: cafe
etag: 17005385338368023289
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:21:32 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/12263313056858373421/ Frame 9051 10 KB
10 KB 54ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12263313056858373421/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb9e1f299842e5b2324e0a3602e8b48f55913556da888ae39979a4b23741425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:56:00 GMT
x-content-type-options: nosniff
age: 444433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10371
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:35:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 12:56:00 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/15272552105876085972/ Frame 9051 1 KB
1 KB 55ms
32ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15272552105876085972/2728354180183721846?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

857581cd9687fed44940bc427ce2d28865b33dde3d95e199299dd029dc8d1881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:02:34 GMT
x-content-type-options: nosniff
age: 346839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 15:19:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 16:02:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 449C 0
0 423ms
74ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNd0e8BUksDF3S5VkE6loyiaC4PVPUMt0tNjkkXIkrB5F0dsjNqnfNX9H6dRxrp7Uzsrpj4SyruAmcvHrLQrVcbfFdaGJkqBh6dnKqlUxuq0EKZ1T5KTobm4bnXaFFe2kD5I5oyckC1O7D7IgSUoSq2-I118Opm63KAvC7yiCBnsGPKhoQiTBQMAoc84dfFC_-5J4V_7rGeF1rg2dp1nLQuQAQP2UTHa3KPV2OkU5GceL6F07tw37yxasquxtqUNQWplGdDa8dUkTEf4pEcLovHr-KqE6U1avFQLnLM2H8ZRQQOf5C6-edutv8X_0JoFE5jUFVe_Vhf0HdvDeXTfFG25l1VezE7Zs-p2J4ia1U-wh21nGFVX0grq4EmVfM3M3AOjl5UDj98NQjgZfuFH0G14Bco0lAbO2QBSNikvsFgCRf7Uoor1rmLg45eXUHYlYfK4ssLxiWGMZe8Eo7wt8D-kGg6ChwvD9jKHJhqHIJ2JWknpJ8O9gW1AW8LkRB8qbOvMgUzU58-7GosBBV0_BFB8S7FlfAWZRzsj4D5gLxNkfwgvVy-r2pU31AK9uUbzcl30erKSfL1q3QHIfl_t_gVptG86NFIsdgqhE_r9Oe7_4D8EftgkQ75xjyAhdSoyAI9Gk_cTpsoTXEPqmI_UBVXWpyJS6nTtIPaacuInEwVUCXmPicX5X8_aYeFdK0J_Z5WpfG2YxObTzD8HsLzFIUZBdjNwmjVcbJOe0J_9HIyBOHP5hca78lqVyD9VBZ1Ew9JbLmYKiVi4PqeTlyl79ikApVK-DEGIV-w5ZumbOSwb1f6GiP5fOEhCXZoWZdjZJkytBwF4suyVitB2FMsVsAoII29iue5jzAyhVTwEN9WuIPFx48S07yTbZGM9P_1me6De06_qRbxhLltPCNb_uelOGwWYqCTJSimidTgLi0ooN99rzQPnx1iloccyfh_8m6aYjd0RK1uBMKOSqmlQ1CYfLu-bT9pe1lohwRhvgpf2rKbdIutpLYMR9WMLivsdAUJ0rg-m9rMNXX3wLeiTbrbaXZY_TcCZ4C&sai=AMfl-YTT53rEVSpBHtr1jOHK8P-yFLr2eOo9uED50pTtv1OJByREHxSu5NhuzA&sig=Cg0ArKJSzGuYWYkGVq5mEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 13 Sep 2022 16:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 449C 106 KB
38 KB 377ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 13:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 13:42:29 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 449C 41 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 449C 34 KB
14 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e35ea6f8a65c6f25070a3de3b07d449b5aafa41d0672d17ed2767f119efc6533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
server: cafe
etag: 292519285270446817
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:12:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 449C 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:20:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 449C 142 KB
44 KB 64ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 449C 17 KB
7 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:20:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame 449C 23 KB
9 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:08:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame 4C86 23 KB
9 KB 313ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:08:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4C86 8 KB
716 B 68ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:20:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 16:23:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 16:23:13 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 4C86 14 KB
3 KB 310ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:45:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:14:04 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 4C86 357 KB
123 KB 311ms
18ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126309
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:45:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:14:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 4C86 17 KB
7 KB 314ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:22:01 GMT

GET
DATA 200
OK truncated
/ Frame 9051 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 397b3a8e788ea5459a3c9e517b41c71198a907e1e8bbe244c117f46091dd1a51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2560 22 KB
8 KB 33ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9051 15 KB
15 KB 242ms
33ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 102956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 11:47:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9051 15 KB
16 KB 222ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 212012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9051 15 KB
15 KB 216ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 462082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 08:01:51 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame CC44 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
DATA 200
OK truncated
/ Frame 449C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d39fdc7bb291d13266c59bac9efd5c521875f7ce8e2cd9acdf564186b072110

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 449C 8 KB
4 KB 352ms
34ms Script
application/javascript 2a02:26f0:ea:4a7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=25152005&sid=443002&plc=341442084&num=&adid=&advid=8650961&adsrv=1&btreg=533301858&btadsrv=doubleclick&crt=161389764&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 57da8124a94581b52791bfd227954c582002ed07c22f48ebce43d33af4b22be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 16:23:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 14:57:03 GMT
Server: Microsoft-IIS/10.0
ETag: "8089541581c7d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/ Frame 7591 5 KB
2 KB 152ms
116ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b514cb89ff3b01b52524153ff2de2033ec3d0624e237d0eab7d114fb6bde11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 498593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1677
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 21:53:20 GMT
expires: Thu, 07 Sep 2023 21:53:20 GMT
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 4C86 0
327 B 324ms
44ms Ping
image/gif 2a00:1450:400c:c0c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l80ekvv0&c=8378919592190&slotId=4189459796095&qqid=CLXA8O2WkvoCFY7juwgd-IUGAw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C86 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CVzXicK4gY7XIHo7H7_UP-IuaGMGftIhsxYPm2aIQ99KivcABEAEgp8n_Z2CV4pCCoAegAaOU_PAoyAEFqQKFLiZrIW1tPqgDAcgDmwSqBPsBT9DpWI8PxLCrfLzstEmaVkaP_13ceUSO0ir-plLOMNk36x2TQY1aFLb5XTXd_PVK_MbQ5XPGe2PWqWDQCfS0G6PArn_48g6b9DrsG1Tc1ryRg90XQCECMIOU_YuRCbUEfr41AAtw80_UzWOCGFQx13x2Rks8uUi3dxpQ72_J_D3_6vKwZMBxWn0xdiNIs56b59LfSowNow_q_IgQaUwS7xdIONZrm4u15P41Tyg6ah3tiGqgPjuC1hkCfz8xdXyTu30L26p07ibojvvh5li83YvVhaWH71QVWymkRaIGgXaYkjU1Y6AtfoDS-Nbx6Af14TV-BUUoer9Qm-7ABIeZoJmGBOAEA5AGAaAGdoAHo8zM0AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8yypRDIE9DGg-ED2BMKiBQF2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1663086193748&ai=CVzXicK4gY7XIHo7H7_UP-IuaGMGftIhsxYPm2aIQ99KivcABEAEgp8n_Z2CV4pCCoAegAaOU_PAoyAEFqQKFLiZrIW1tPqgDAcgDmwSqBPsBT9DpWI8PxLCrfLzstEmaVkaP_13ceUSO0ir-plLOMNk36x2TQY1aFLb5XTXd_PVK_MbQ5XPGe2PWqWDQCfS0G6PArn_48g6b9DrsG1Tc1ryRg90XQCECMIOU_YuRCbUEfr41AAtw80_UzWOCGFQx13x2Rks8uUi3dxpQ72_J_D3_6vKwZMBxWn0xdiNIs56b59LfSowNow_q_IgQaUwS7xdIONZrm4u15P41Tyg6ah3tiGqgPjuC1hkCfz8xdXyTu30L26p07ibojvvh5li83YvVhaWH71QVWymkRaIGgXaYkjU1Y6AtfoDS-Nbx6Af14TV-BUUoer9Qm-7ABIeZoJmGBOAEA5AGAaAGdoAHo8zM0AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8yypRDIE9DGg-ED2BMKiBQF2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4C86 27 KB
16 KB 330ms
64ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B68HvcDlbLpRhbX5WTbzLMLwrbj63qpzRVs2pveDLDCdLOZ0f9ZhEuj-pyRC5EAnx2RT5-pLUqpHM7j4WyUD-El09bXQ&cry=1&dbm_d=AKAmf-B5WQV-40Ro_n49yCoxfZdCJT2N0AF5oroXJ_Li_4Avp4rgIsy3JXnqBwhTWH4alx__MAjRTQsdmx3s7EwMWv-0uupXyH-nUJ4RI8PKEgDw8TNXo3AuwF6DHZ0XUUnxv0j4AUgKZMxMnoOYJoBtQUrf4vixMMNZYcJJHBwZa-kXIVzZzeTJg8maGWvakvxWD_ywYkyvOvwsQFkRzUfZ99JMCTc9RTD832qPweMBe-9NSHkyEpv2k85EoyUX7WEUcXulblTyx0BjX2xPKF-q1xY9i0plLp8kOp78m1893TV2IseOKWLxqzfUo_fL7PPeBb3WmIARBJHvx3KgUCYgfcGDdTQTfFT7M9cxRe1Hzn4yroozuIK9CC7fyDU5V6v7-i9DeL_-Us_4WzKlmU02tdsdakVI079ER6zPJV9qR76nDX4ngyA9WE8zq7DtNLq2VvfZoyD-odhXHCOJQxgQHVLhPbuiaLaWz7cJ9eaNLuH470TYZGYsikuPnsQAtmL6HlTwcK0EYmodzubOlsb2hUi82PZT4yBNDEJludlg59vSW5FTLJY2V5FN_H12W9qJ8AUvLYcegVntOuStapaI0DPaR-pfHgf8q_3WJEtAtUeqIhrK9g53QUccu_tMnXFodQotOavBBjwu2Fg5NRz2Q1oJZOtqSAc5HC9tdlXHsWu4ehCl6lacNemioFTgZ7j3RTTDxcbLKuGZy6-JUw0cNwGuS7BvOZREwYbAw7xllkhutseHib714O7gnc74c_z1gqCs7H-OGNj9cNlO45jo_5r7Kn7Sa19QBOwjavylPbNjJGTgRe0Ze3FjIsrHN53eUPkBkfCvByW3-X9668m_axKu4VLhRt593aCDMBGcRNvGL1H6Gmcn5dIrK8YVcEatT7bI9WrPoV5qXVZw8sQ0fYVukoiQJ4Mf30HimCPtyRbw3DRLNiQGzkp-MdHSPksbmqf7TFyeDAoJvRYuYwPTuDp1LygJl75aThZAwU9QCUdJScyrwZ4Rptz1hqRgP4O6R9E0mlCjnORYz_fQDLJgW_FgPwDpS-7ds899gENLh0TFEz4e8jRrqFSHWZiLJXUtXRc4SbJGVqyfrswp_qbM0803DXuW4AIXtLMtAN7E0PXHfPhqJhm53dyAlj6LAyMkwZ_x4K5y5tjsqQAHbpXGH8QzH81Z_8e8dPeyJJ3Jo6QTItkoYjBahJu211uIxrJlcOkRTczJYkSKnqrr7b-KEn85gxx0nyJp66KesngFmp9JA9g-d-H7C3KfF62citBfkO493_3Wcl7d6RL9sVd_RBR39QWKrz3wugAhj9bOfupl9moPIsyO9cQ30x5TRfuYNwNdubzmPYnAyjuwS1TC1rW6mRdPC0Q5_tZJtTYOxI3IxnCgmw2POJ5OtgThvXF2ajg_TN9qww_qAiq0cwSbE5TzNA_occfbfbkvlpGjcvrhNlzXJGU59-G8BiIZ2IV_keLfUQBtA-daq_MUItdz2SayBb4JSea4BN1ghQPlOYtM1veZgQWgNnHRFpY_JX9zIXeaU1hpHhlCkIHkMTVe3ODHdEmZO7NsMQkDGdVMGtlAmOM3w3k4-FagEEMtAbTboYMxiCohnDTL6MZkSGZApJ2dmz7swKhjNEvoihiEvDvKij2sBhZ53zhGJAjso1ZGgtE25K5JDyLp4KNGvhvZHOdnJrUXHk_Fkg5fMI236mxNrkA9xkmAJYQq8kDJTP1IkgjsSUeqRKZS1w966EXUtb9VjhHhP5G8WUBWrXpjMpAjuettTswQ0fRCyzrciKy3-GWlmiCXjDh4paL0ebRG5xZRbPMqg_Viy8tk9GRScjtXZA01geIBTVjIZ2Dy_OEWcv1lF5PQIkqsnJphQvtYNDaDh4n1T-m84ZSUIcCFvyj9S_pl47uGRsn-7tTif3q68TReUwms-vvkdeEHZQdTqqZah-K0Ll6g8vzck_Fq53kBvilibAlRsG7E9WegXr7-fthP1F6I_AKvVdjR587LnbKtXsiXuT7QIU_eMV0VbYDnWM4Hj6FyOevMUgO3BFFdYV3sv4hkUEeqghO6th4rucljOHU2bcG9HkyStixipNYLs-IG09qZCERcZm3Zba1PFnRXPVKtvqCkGPXNxJHb-RG8I_wMXrVO_LPpKagYMrY6s5-DmLKJGSbnP_7MNQJQigqBOw28S6F9C3ySrjgNFDSIoUh5Y1G5d_CPt_DWFfktkSU-KcdMHguFHmdvhi7t-DI9fmr-n6NqI6LD3v56il8P05lSXDx46Rpd1aPOfDL8_PGU2qulgEavqeGkTXzy1M8HA62Z5KaHMXcOUitJff3WJ88LOZOwA2eJCCA8-M7NpSCG0RWKGECJZ9pD-mRNgX13yalwlv5K8SYWjx1kIsAvmuRLRByaNNlWNzYJZc2TJTCRbQTE5CCG53XYstk1oY3tZVXJcJxrkylOQbrt_1zQ2OqXGUKVrd5FAOtefRU0Q00ZT4YrR8jMiBfZ5FbykyEA-cS_5LHD8W6Yl_XErEjEsRQn916YfQ8winnEkzPtsxbJd97qZ5cPGOyOX-arYbHCIhMS_qCP0PNrq8BaSWzGCFwSFL_8475C58rlALKibvyhaiIWKDxcyFk8txZemEclyoZRHpXW1jOE0wMVDgFSNTw_D5L_OldTpp6ThV_3rC5prNpEdjcloqddJATjk8NxF1IF04BKDOeBd_aHUsokA-AwnpAMB7Kb98rOkc17EDWGWOgvZV4W32VbyTJ6XPdAMHZPi75z4BeRlGaBqUuPMTGioyDWuovPDKkiQXt_qNo-M_en-8PY7cOHJ-aBZb1lEl2sUwsqaihPDaifpCK14R_DWQX4a6UTMvdoKkiGEMMCILccwd-XKwa94Y7HlIbGVyD5OCKa0vDLDUV3HDfxOdWbH4g1NchLh2afQ8ymI6ACVwlqM4jj1zdBn3_E2WGwrfWFYH_qKXiJVWN3w8OS-FwVkcMpLcUIcWJ7YrmJQZDKcQDxogMm-oWEKdFbq9HcgqUEiVYJkWk1d73N33hHkdYO5ETnq316I3kTkigvwrC03gRl9gAML7p-CyZmafb23p3R2Ya6G5A_DFWq9UWbG4zcD88ecs7AlUOc9fRxyQOcoCo3J_1qeSA0Ll9tKcZRa9s0EPcI4WH7qAv90UPY0MPUr7d4vYm-l0tkK_PlrKQqt7Wj6OqqGZHSq3n1QpiDqoE3b12EAn1GoW5n6km1BeAzfBsR0o4Cxb7fJSzUMdKz1FQ8Bcz8dm1hmVnLDnXGGdG1zIiOjXIN8SuLGAwU0C7rPbBGsi8AxSYwJy5O2vjS28PFuSyBPEedUHFkivu9l-2owGl5XV7Q0Iy_BZV2vgY32KNB3qfJnl-4MkeI414uMDvC_kWmhUv9qQNixHl0fUAoZQ7UQ0R_mDF148NCmkY-5rZ3Ul1xqd50Ixdw_-NWkXY2NmVeYl9kjXZyFvSNe5g22UgSrIrrZGZ8-YTeRcahXQ&cid=CAASBORoa4o&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

c2612a41b528f93e3a76ed81d65c38d0d8f896706e15e14658fd399287fb5b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15613
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2560 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/ Frame 7591 6 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ca0bf742f07d04a8d0d989c0d3f094bc395db2632a0239cd94a1b41dd64ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1867
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:53:46 GMT

GET
H3 200 brand.css
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/ Frame 7591 2 B
50 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/brand.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:53:46 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7591 60 KB
24 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 16:23:14 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7591 2 KB
1 KB 250ms
249ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 16:23:14 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 7591 4 KB
2 KB 19ms
19ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:53:46 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 7591 4 KB
2 KB 18ms
18ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 20:16:55 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 7591 7 KB
2 KB 17ms
17ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3bfeb759bc33e947ceffcc57d70d164017bcb0426647bc7115caeecd9ac74b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2185
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 20:16:55 GMT

GET
H/1.1 200
OK dv-measurements3065.js Show response
cdn.doubleverify.com/ Frame B01F 545 KB
105 KB 38ms
38ms Script
application/javascript 2a02:26f0:ea:4a7::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3065.js
Requested by: Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:4a7::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e6247a40d5a539486cf837c8fa793e51beab82727fa19c59edd21f8ab389a61e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 16:23:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 10:40:07 GMT
Server: Microsoft-IIS/10.0
ETag: "809dad305dc7d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106952

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C86 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:18:39 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4C86
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

416ms
68ms

Fetch
video/mp4

2a00:1450:4001:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/025688502AAC41E46A6CE86AA8F82143E09C360F.7D686338EE15FB3D070D45A5D4627CD2D2336379/key/cms1/cms_redirect/yes/mh/p2/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5ednde/ms/onc/mt/1663085838/mv/m/mvi/4/pl/49/file/file.mp4

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

HTTP/1.1

Server

2a00:1450:4001:17::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 16:23:14 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4363824
Last-Modified: Thu, 25 Aug 2022 08:37:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 13 Sep 2022 16:23:14 GMT

Redirect headers

date: Tue, 13 Sep 2022 16:23:14 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/025688502AAC41E46A6CE86AA8F82143E09C360F.7D686338EE15FB3D070D45A5D4627CD2D2336379/key/cms1/cms_redirect/yes/mh/p2/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5ednde/ms/onc/mt/1663085838/mv/m/mvi/4/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame FC4B 23 KB
9 KB 17ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 12:45:18 GMT
expires: Wed, 13 Sep 2023 12:45:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame FC4B 36 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 15:06:50 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B01F 1008 B
875 B 316ms
26ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=181&ttfrms=45&brid=3&brver=105.0.5195.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8%3AG6%3E6G%3A36D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8%3AG6%3E6G%3A36D%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D8%3AG6%3E6G%3A36D%5D4%40%3ETauA25C6D%5C5%40586CDTau%60age_Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=594&ddur=353&uid=1663086194308585&jsCallback=dvCallback_1663086194308489&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=124&winw=1005&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3065&tgjsver=3065&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220908%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6074512008324795%26fa%3D1%26ifi%3D4%26uci%3Da!4%26xpc%3DR4bCA3Iwy4%26p%3Dhttps%253A%2F%2Fwww.givemevibes.com&fcifrms=5&brh=2&sdf=2&dvp_epl=281&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=25152005&sid=443002&plc=341442084&crt=161389764&btreg=533301858&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=388388234709.1343&dvp_tukv=10394170484.368015&dvp_uuid=27398944044.410072&dvp_strhd=0.7000007629394531&dvpx_strhd=0.7000007629394531&dvp_tuid=819965697937
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3065.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 39edbec05e5685adae9a0791091c29958dce1a456a1999b3eca61c84a15294e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 16:23:14 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: close
Expires: 09/12/2022 16:23:14

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9051 42 B
64 B 98ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGXieUZYS_872Sa9aHOsWh1uyn726M4qHgr_01qtiqBvx-VuoLZ94IL72OJEy73r0_3EklPqcBjIFj2jdmh_Xjrw-1erVSjXaFOrqDRPZCDHDiEzGZM7ypRuFMQTlhAUs3T4HZlV3y_jah8UWLxZ8lFPhtV7QCyIZ006-5FU7P2BZPCrlvdzXHFNG95UnyXyGXPjd6N0dbecYcQi_nWWtBGM5zqRfkhC6t8NRy6W5QDcrTipnPI02c-QMtG2sA-CC6GH0whU-3j-_MMwCiGMf7-fT0wC9evtzxoVt9tF16B4Z1oCX-7Z01eRN9p1nR4MC8FQ3g-GiGUa1AyJQAO6Q6g1b3h9B5BbQv_xRMF7hc5PAf_YbtXhSV8oImdM_zBW3THO-Na6Ryltg_pla6284XYKMwSa2XzlQ1pVM3A5iFpklUtbvBzObEl5VRnvaqPBEudGDgU_Map8RbCedZkC5L7IPy3zJngJ2dcU4ccS2-x5yPVr0lgP6Y4dzSHhzeXndIPnYsNYkqC6fbgUS-cxxGyEJ12Re17IVTQeze4adWjW8CDAu2hDEEoWP8cY5A3SPtDPGPcltDvshbDGQGjZF5mFFnkWb5c_Aqtfso3fFUXoz-A_A61V4Ysc_nLYdVOYJAWyT1YWtrcHc4TCKuZ5uKqiRV4OSJm5yp2H-8L96prvtMHC8Nyros69mwcUZ_cCqwr_CkrMK_Mr9NsEp-VWEbyonbZAA-KeWWn8MqTZtY_8TgSNuUl7zUJioUQAQLdwKm8z7_kH0Os8r4vO2qxkHNwKxaST_wimMgtK67eAK_PXlECjXF6LLVgtFJ_hCTU2apFduRUVIcA0l8HVv69XPr2nxxN1L-5eH9za0mIr3dLoXRdpuklyBMckarUtWwlLR0r5qU-fALU1W5oF78L_csQsEA5cdGsUrWshYQ7FdagRgviJQww1tp1fW-7A1J7kjv4MtfsqZUfxXaKcNh07mOu1zPdOKbMGcFNR2-SOtywEmUfzGaqG5iAEe6cvKvb7N3d6YBs0m_LYEp8oZUUfT6&sai=AMfl-YQe-ATpVLxoZiemg36gEtE7CJ6Dt66ufqy07ZaIjr6NAMdNwH39x3WH4GKwt9UDHp_RrlGomr3hCFWTOmiAg_8JpfaV5Hctzg&sig=Cg0ArKJSzHehU1UZ-G-3EAE&id=lidar2&mcvt=1132&p=0,0,280,1200&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663086192391&rpt=991&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 7591 190 B
217 B 18ms
18ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 10:37:51 GMT
x-content-type-options: nosniff
age: 366323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 10:37:51 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/ Frame 7591 24 KB
24 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:49:22 GMT
x-content-type-options: nosniff
age: 545632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 08:49:22 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/config/ Frame 7591 594 B
411 B 24ms
23ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/config/config.js?r=0.17474434018599871

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a782fe60790bf7d4635909cd7a771ab5d6747b36222d415f1d38ba7b091211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 383
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 16:23:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2560 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BecHbcK4gY7bIHo7H7_UP-IuaGAAAAAA4AeAEAg&bg=!mJulm9_NAAZTikH4c4o7ACkAdvg8WqLHo_eAKa_y9QrSX6b2M5yAbQTT-KPGpP9bt71wx_5M4CPcOQIAAADMUgAAAC5oAQcKAGjlhB3X-1Y6rhTTzgWek1a9MpEEtmKbIwVrty1OH0RmJg7bxBVyR680bw2lhObnZaONt3_NeNR8VKvffUNlRNKzkpFOosJYzZ9b1kaqjuUrYq6yw5-YYatUkZ90Vr-_SGPKaPHXRR6WiJkDGJR6813VoaGmI4zAGNM_N9yuVlaPBeSJ72xFQQRR-_WQQ2Qbp91nK4R3r2ViVsPUWmzcAMoWwHVNm7jswqzmnXUIOs5QGjOt2D5j_mBnazBB8XF1O2Qk76PLYJdAz5bKTZ5R_5cdq9uJxXpcg34PkabtTd4beEBUnV6OiaHh_faEKtUGlZTGOkBh9FqWSL3d8XOrpFg8itkvyUdaIj1BamhlX5mBLFJDqhmGI03qegIs8af3YtDjEe-l2EVx53pdgRG-INuCjzn1yLsPogL1w6TmeJKIWah7nNZhneNiFXj_WaJFSDw9SfdYhATT-FaRZrGrxrfY7aKg7gKrk-ZpWbRrMt1PleTHPbq8UVCyI-Xg1tnlw0HXyks1-Jb_NDV9NryJmjGVPVNoQMI0kNZlbmzqLXXgrd1Yl5oMqKdGqJH0-P1MpWeHEfL7YZIEI9EA2uLF1mnsHLMimS04UTal6EP7OOQJbKj5yAAsyrntUTmoZfjJ7ZvlJ0XTS_Con9zfN7f2Fs2OPqelOir0jQ9nkJO8cl9mgufJ6MGqozWSUnHOb_UEIUqg5dgdDr07IUDx2FEiXAki6Ksj5mR1ANyceLQH-oVtAteasjk2DcJxW7mvNP9WMYEDEqMtZ9sY0p9zknlb_u-64cvpPgKxjuKG0pwnE7XL1Ybxud382dmO4Bz84jzxeDq1p4c61gCiwWDvDdG3lCD_LGQ8PIW30YYuzesGzdLiwL4WBOtar7Wj3Xw3kijzKjOwo_L3v3Iw5dWImTn22bYdk0xcIsFEEnk1O_gQN9GCF0mE8iTdqI_FnDhvprxsJn7J3W7eJeirmH2sG5T_Qg7Hvj78zTxKtCK73K3SDsPXLsZ3FDpIOCMenMfHbyNtdXP_1_Kie52BUvhzvQkgzaTT1_ieLciTxzhe2gbuSPdDZN8CSFaC3ZLCkd173ePduBs7Yl3YqvEzsUOWpRV071B_y0DS9V7iCgkzFOJWUgOZehmU64Z__nsnIzEkynv1RKPJ5_h_rQNpQL9F1unbdbcHURR9U0izWRFa1jFDJ07cKLkTPA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 yellowChildRun.jpg
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 7591 20 KB
20 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/yellowChildRun.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4894fb425afcd49fb62d006fb1b78f897ebe54fd7c68f44edb5d3ad7ed6965e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:55:58 GMT
x-content-type-options: nosniff
age: 170836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20798
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:55:58 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 7591 74 KB
74 KB 20ms
20ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 21:53:21 GMT
x-content-type-options: nosniff
age: 498593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 21:53:21 GMT

GET
H3 200 introLogo.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 7591 85 B
112 B 23ms
23ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/introLogo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:16:55 GMT
x-content-type-options: nosniff
age: 504379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 20:16:55 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 7591 3 KB
3 KB 22ms
22ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae20544a2912eeb20cb1749fa9c97c4e3586ef0dc9579b729f656e85d86e23ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:55:58 GMT
x-content-type-options: nosniff
age: 170836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2887
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:55:58 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/ Frame 7591 26 KB
26 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:55:58 GMT
x-content-type-options: nosniff
age: 170836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:55:58 GMT

GET
H3 206 file.mp4
r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/5473a6f5f3c75b16/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1694622194/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4C86 141 KB
0 42ms
16ms Media
video/mp4 2a00:1450:4001:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.givemevibes.com
URL: https://www.givemevibes.com/padres-dodgers/12860/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:17::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4363823/4363824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4363824
expires: Tue, 13 Sep 2022 16:23:14 GMT
last-modified: Thu, 25 Aug 2022 08:37:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
66ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96014d5f439ca11955ea7cc548baace6ad7cd8bfe29aa93fdd82419e06bb32dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11199
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC4B 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYaPLcq4gY_3QA9Th1gbgioigDAAAAAA4AeAEAg&bg=!VFelVxPNAAZTikH4c4o7ACkAdvg8WhDGK3KafKuWX9TieXYFN3Qjk9js6UJoNtEZvKH1ByT_ImTzKgIAAAD0UgAAAAJoAQcKAGUBfGFs6t76tpauXQMAPI-Vuc9SvL6XG-swbwPr6s-WtJG80iylN8VVZzNaChD-zqPP0dRu4WAy1Id1ykgYT9KknndpEawWTj2sgzzJsKsI7gkmNmmRdF_8KA0bYPU7FgE6ZFXL6ZkDKZLboj1zwnFDhJYLw-gYuKZhFT6EgOjcw_2JSM5wiu-qpveD_Qww_eQ12rcSgMniwbII0MVzI-hcWLc4fF1PP537m0yOCiTn9nGVMUrLjTtBUOyps3M8xCw134v_DI1qVaLe1mVMe3qDjJSCWOMrwAE9Mj7OAYtGDr2TQe4O9KW9TrkgrXONiEa6-OfB7Og3OjMvPia65wo1QP1Zi2-lMOX_sNjoqzwLM0_huuAEGYCJPyDYHWEgmk4jvzpNGvA0TM8IwExZ3OW6GaMG_6W9Ry3PbP1dElTuPdXVyRsOGEBa9u6vtoP5tflnDhNkug0Ph7imGeJiATVEb3WhqJygStvUI2kL2SMMAowswTUTF4QLRRMGbxy8RKF4WPvsK0Ypd3DCdSYNZA8yeQMY1VK6r_KLyGBfJWMn1GG-FJIub627V7nAO6MBG6ZS4MULw1r8OwqoxerFn1G7WBZKJiozk6KVa6tTYSeXCdT461ziALhakWpK239kmZNZOUTqciT_48S5-HwhyQ6x_AXPjxlX60W_h6R0TM5WC0h8j-33DqhiD0exWuuT8EsRe_icm4Ckg1BQD49SuEJljC03j85tqXW1YYfOYsnjgI_Xcj5574b_9Hm1hzMH2DUFenTjmWL3RGUThlyI19uc55nhrsG916QUPzzpa2wE_Ny10q6ccArDPQLLvV8t0daV57JEDHlNKPAI1EBfG9yzJDI1z20VQC_5NazAr2DU0htvJ8h0eRb-cjmvScQTlagWf-zy_Su9CCw05bE1ttAglQ6cPxy6Z_NFIeAREDumIWybzxPtqreUob_2xd1uSG8Pys731TfsLxAVqGacS0qsEwyqgsozbydVOcBCVvjyk7qaK9TcsGcgJuSJybbICBy9JprARI3kU1SgAJVb_ygbXgpcpzdpKiy-JO-nvB2CYAt3is1BzBNz9Lw_-_NgGjS0GAHv-173G2To_1UUrNUbXgOQvXgH_K4OhQ6hrP7MzDu7HplykynJr7aTsPPXOFTGaSvAYSFPK0mvjr4-SfRu_8bMseVgrzzFnVUbqMv4hAc-r47MWXTjaAPMMl7iVloA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 16:23:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4ED9 13 KB
5 KB 28ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:13:53 GMT
expires: Wed, 13 Sep 2023 15:13:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE94 783 B
1 KB 77ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb3f6d471d5bb350b0c38d2c1443ba68496ece16c7bcd842594bb6c7ea5093f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-24nr0VAjH7-kS6TpUvRfZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.givemevibes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-24nr0VAjH7-kS6TpUvRfZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 16:23:14 GMT
expires: Tue, 13 Sep 2022 16:23:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4ED9 36 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 4C86 0
17 B 103ms
44ms Ping
image/gif 2a00:1450:400c:c0c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l80ekvva&c=8378919592190&slotId=4189459796095&qqid=CLXA8O2WkvoCFY7juwgd-IUGAw&fb=outstream-lima&gpm_i=5&gpm_c=5&gpm_a=5&smb=1000&br=966&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=7&vhc=0&msm=1&aits=0%2C18%2C692%2C342%2C343%2C344%2C345&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE94 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=1937596444855670&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4ED9 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YePCZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:23:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=1937596444855670&bg=!5eal5qLNAAZTikH4c4o7ACkAdvg8Wg0QDatJLCgLyWp-dI-AyLq5VsbbsMvNvoGgmDWbrMISE4TqUAIAAACTUgAAAANoAQcKAJN0m7MIVBz03jlHrHxbIHyBk59gQoo06GUkn0hCsEmUDNbBPbti61uxEjLwlPtJcTDyB-xeI4WyyWsbIp0HARVoZjJt69gLxGuTxGSjzfrvGszcpbI4NYbRwoXVNqi5f5pyVJ8mP82L2R8ADKePdAqN_dTOl-wVV2K1ab19Q3r7rlw1bptz1iXO37UIGn3jATejCtOZAsWBBy1dOyWIFWM42PXRVr5FV8mKIaQdS2XzYv1kDESXgF0UFVVTbNrkrPNMWMCoQJsGkjuDhvDbdyxfbKqPBWUSkpL7PYQ2M4haAlrUIIyWwm8qRDmTIGVnhCkPoPKZ4FfvTlS-YEJJXlbg6cKDu5J4J-5gbVBAGAT4DlKu27lNfQX2QfxB1vjWPQb9zIy4cKw8QATZO7KRzxwjJCUEfP1b3W1sWzMy1T-8toqdsRyrsAKHDvLx1FZsGE4vMzfNPUA6tNF018GM1oOvOl7rtEyU87MttqwbfigbmFPRj_JZg9leKb-g_ipybdBEXacNrfj9IcXlLrRiiOQweB_TO0_TgyQYv80VGcg66Vc4yIx4s13oP71B4KrO3Zp7Whi1fVl716MGZBK3TW-2lHIf-_KDnJzdWdZXuqsY4ZUx2L_Ma-isA_xEomCzzkyHyv-jFMurIrfoZzWs0dMnBeTASKd6mrInhmyqTki4hMeDJnaMuHmiUNuPFkU7BrHG-qTvQo0DMebTsdJZb31bxxQr4h2fnvXVTrTrLWyozE4BFtvYhz9WKpCFoZtC6Tb9nBmtQleh2WjhhMhmCXGmL211Mc2ckkzwKcsAAqlCM3kUK2G19ef_HZozXpF4yh9i_gR-ZDzzGNMUuHXC_UvWJBvNnYqD809X8A9JI_VDeJN4danmr-s35ppwMLIZ9wsRNz_d6xj_GOKOEHgWN_UFgnAdiwObSLON_vijZx2U2mdNazJFHp58idhFi3xHfztRnmTeipXorJjsWdIXoUvdTG35tqIniJin15_inM3y8-DQX0BMmGDy8gDHsHuj_Ie3yxTNZOQUqAb5PsFPSYK17tM8R0qMxtZ-MAXEzPk_8dnOGF31B4YMFnMnspH6tL5VA28j_UrZ_pxaQJmzNhwsWKqngu7NNLRTQJNADfKCTIF1h4psp8N9_gz7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givemevibes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 449C 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJaDrqdUoS8wFoeA6CWbvFTakVk1IW7USxNN5Tw1TmaEPJ4U_vKjjLw2qjxcIiNbWADJLjpq7QQsNR0P8z1RHiMl_taURtBOoMCgKzJ9UpEC_2zHjgDea8DBrwAGKmhdgRTD6gJNSCRDjMUh3XFiNXr1Dllzzc86jTHxxLNFplczB1Sdugvch1aivUvp56gw&sai=AMfl-YRcY6XF5PTbBN8o5pJNqxtoaZhcu1gOD1DQZ4yWGlP8chnNvUndaSNb2drWcmD69SiNrQRn-_OKHyZ_&sig=Cg0ArKJSzD7T_R1nyRXgEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663086193122&rpt=1568&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 16:23:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.givemevibes.com/	1970-01-20 15:34:06	Name: _ga_7GDHT1MRVD Value: GS1.1.1663086192.1.0.1663086192.0.0.0
.givemevibes.com/	1970-01-20 15:34:06	Name: _ga Value: GA1.1.606665054.1663086192
.givemevibes.com/	1970-01-20 14:43:42	Name: _ym_uid Value: 1663086192457449568
.givemevibes.com/	1970-01-20 14:43:42	Name: _ym_d Value: 1663086192
.givemevibes.com/	1970-01-20 15:19:42	Name: __gads Value: ID=70925dca9c229801-22b3a4d31ece0024:T=1663086192:RT=1663086192:S=ALNI_MYPX0CUPJAoLxQJWHdgHfoE4t1B2w
.givemevibes.com/	1970-01-20 05:59:18	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 05:58:06	Name: sync_cookie_csrf Value: 1473067014fake
.mc.yandex.ru/	1970-01-20 05:58:06	Name: sync_cookie_csrf Value: 2126996910fake
.yandex.com/	1970-01-20 14:43:42	Name: yandexuid Value: 9041489441663086192
.yandex.com/	1970-01-20 14:43:42	Name: yuidss Value: 9041489441663086192
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 306161771663086192
.yandex.com/	1970-01-20 15:34:06	Name: i Value: 7oiHA2KQDE1k3A7h+kcdj5mh7xnLR/iHG1M85NvfDbFXYOTCOXJcZ/mPv4Z3/DEWF55SRPLnrSNOwN8gzLaoRGjc1qA=
.yandex.com/	1970-01-20 14:43:42	Name: ymex Value: 1694622192.yrts.1663086192#1694622192.yrtsi.1663086192
.doubleclick.net/	1970-01-20 15:19:42	Name: IDE Value: AHWqTUlOnOLOe8dD5Qmut39vQ4jKRpVeOPTtrtAw6YyKefY5-jKKhzpAKuz5x__CbvA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.givemevibes.com/padres-dodgers/12860/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9760.eOAyvdBHGMwo7q9EWL_tDh9f3DEgUinpP4X-73oDp70cFUA-YVmZsdiVLQ0jLlB1mqUgsxjbb3bcsSZAYIYJbg%2C%2C.SWzU31yvcSEl80KEm1b1QYwYyv0%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bid.g.doubleclick.net
c0.wp.com
cdn.doubleverify.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
r4---sn-4g5ednde.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
stats.wp.com
tpc.googlesyndication.com
tps.doubleverify.com
www.givemevibes.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.98
192.0.76.3
192.0.77.37
2001:4860:4802:32::36
2606:4700:3035::ac43:d8f0
2a00:1450:4001:17::9
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::78
2a02:26f0:ea:4a7::4469
2a02:6b8::1:119
34.149.12.213
66.102.1.154
0013c97074c679815231f1ab3b61d31efb77402942c32f54d80589e3296197e8
03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af
04eb0a2eea8638f191623a34ab620fc8906955df8f365bfc60abeeff0fd86cfc
0d39fdc7bb291d13266c59bac9efd5c521875f7ce8e2cd9acdf564186b072110
0dfa467a15133295c90e7981709a599e40a9c8a3b62c4449d12996012b03146d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
1cdb88c645bffac88f6377b2f91996ef9fc0d5635a14e6cd27faef749e2ef4ac
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
237417d9aab9cc39c441f8c1b69adf343b3e1696d9d94e107e6a11bee174db25
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2b5f4f75baa3e2e2826110e5ee4a78cca53b1aaf03c8227570149ca7aaeb24c0
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
397b3a8e788ea5459a3c9e517b41c71198a907e1e8bbe244c117f46091dd1a51
39edbec05e5685adae9a0791091c29958dce1a456a1999b3eca61c84a15294e2
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
4003118ea2267bb2a78ee2edf816535b7d944dea3af50a42e879913f72f1709f
41fb89c7089735d036a1d928aedb685343ad78f4077a2fc8ec6679888a5ab36f
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510d383f9be2e5b324e219f71f611caf9a7d4aef55135e4f53d1bc251d2541fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57da8124a94581b52791bfd227954c582002ed07c22f48ebce43d33af4b22be7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5fc27c139e75b3366370163dcb8451384a850dacce310af205c75c0ce86d264e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ce18b0b2fc8e96a360fe63778c85e60ae5b920b8a0a80ea65c8b3d3d09b178
64a782fe60790bf7d4635909cd7a771ab5d6747b36222d415f1d38ba7b091211
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69533ad5d487783e19c1f034e9ddb042a7faf987e37545e6514bbd451ea10328
6b514cb89ff3b01b52524153ff2de2033ec3d0624e237d0eab7d114fb6bde11a
6cb9e1f299842e5b2324e0a3602e8b48f55913556da888ae39979a4b23741425
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
6f360f910960c86fffa05e031405facfd6747640412fa387f829eaf68731548e
741ea6752615f0621e3908c7552984905d35eb9e7dc0a9ae1d2315daf9cdc463
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7c527c84dd1fa9771c652976862ad7c490937f8f79d9998d5fcdc841507be977
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
805d1826238dbb5802b648330beb8f3f8ccc9b047e3e88aca83a1de81b3d7d27
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
838946e7249e6b3fc2d000ee67dbc91cd380c6835c8c95390fac9c3646c1b2a2
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
857581cd9687fed44940bc427ce2d28865b33dde3d95e199299dd029dc8d1881
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4f23113e81b19af7503f478d4050d71f74555533325f312d8730708b064153
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8be378896e7fcdbf42fb1fe30125c234a673e6db7243204507e2a8a5795ad611
96014d5f439ca11955ea7cc548baace6ad7cd8bfe29aa93fdd82419e06bb32dd
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99491e2b1eb422eeca9ff0a192f2ee475fd64e16ac36f7a17241d097cd4f8c53
9e7a62f5966e6dccecfe34460d5a35c2c52a20c7e4a9de430bff7dc0e265da39
a0dfaa882fdf7a4a81ab8a503d794e78cf7c3a5cb8f1f9f9721f40d4a7db4fe5
a3bfeb759bc33e947ceffcc57d70d164017bcb0426647bc7115caeecd9ac74b5
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae20544a2912eeb20cb1749fa9c97c4e3586ef0dc9579b729f656e85d86e23ce
ae463704d8ed8b862c7a339119a83aec69612ed10d99875e395c7348ebdb3cac
bb3f6d471d5bb350b0c38d2c1443ba68496ece16c7bcd842594bb6c7ea5093f3
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfc90612f44192187d6af79c8a43ae7463619f5932f13821ce826e9b0d01e001
c2612a41b528f93e3a76ed81d65c38d0d8f896706e15e14658fd399287fb5b10
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d06a4b0b8fe46f56987ef57986870c9a47b72a64cc99ab182d5596136c90916f
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d97a1730c39805a7127eb0fc118a53e8d6b080e7268728742689ea056d404389
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e35ea6f8a65c6f25070a3de3b07d449b5aafa41d0672d17ed2767f119efc6533
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e53ba871f89ab3562d024d898fb735f38328bf92caddf69027e2b66cd73af310
e5ca0bf742f07d04a8d0d989c0d3f094bc395db2632a0239cd94a1b41dd64ab1
e6247a40d5a539486cf837c8fa793e51beab82727fa19c59edd21f8ab389a61e
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00d5aa0b56411ac8a0321fd53a992f6419a8482f6cc2a35f99a458d6617d1ea
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4894fb425afcd49fb62d006fb1b78f897ebe54fd7c68f44edb5d3ad7ed6965e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.givemevibes.com Open in urlscan Pro 2606:4700:3035::ac43:d8f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

97 %HTTPS

81 %IPv6

16 Domains

29 Subdomains

26 IPs

5 Countries

1730 kBTransfer

5191 kBSize

14 Cookies

2 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.givemevibes.com Open in urlscan Pro
2606:4700:3035::ac43:d8f0 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

97 %
HTTPS

81 %
IPv6

16
Domains

29
Subdomains

26
IPs

5
Countries

1730 kB
Transfer

5191 kB
Size

14
Cookies

119 HTTP transactions
2 data transactions