URL: https://sirends.memo-memo.info/
Submission: On October 12 via api from US — Scanned from US

Summary

This website contacted 26 IPs in 3 countries across 16 domains to perform 108 HTTP transactions. The main IP is 162.43.120.139, located in Yokoyamacho, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is sirends.memo-memo.info.
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.
This is the only time sirends.memo-memo.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 162.43.120.139 131965 (XSERVER X...)
1 2607:f8b0:402... 15169 (GOOGLE)
12 2607:f8b0:402... 15169 (GOOGLE)
1 35.72.40.230 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
6 2607:f8b0:402... 15169 (GOOGLE)
10 2607:f8b0:402... 15169 (GOOGLE)
4 2607:f8b0:402... 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
7 2600:141b:1c0... 20940 (AKAMAI-ASN1)
11 2620:100:a001::4 19750 (AS-CRITEO)
1 74.119.119.147 19750 (AS-CRITEO)
1 2600:9000:24f... 16509 (AMAZON-02)
1 3 172.217.13.198 15169 (GOOGLE)
1 34.233.194.100 14618 (AMAZON-AES)
1 104.126.118.248 20940 (AKAMAI-ASN1)
8 34.117.228.201 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2620:100:a001::9 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
22 2607:f8b0:402... 15169 (GOOGLE)
2 172.217.13.130 15169 (GOOGLE)
1 35.211.246.180 15169 (GOOGLE)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2607:f8b0:402... ()
108 26
Apex Domain
Subdomains
Transfer
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
263 KB
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
299 KB
17 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 541
rtb0.doubleverify.com — Cisco Umbrella Rank: 941
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2582
tps.doubleverify.com — Cisco Umbrella Rank: 562
tps-dn-ue1.doubleverify.com — Cisco Umbrella Rank: 2822
tpsc-ue1.doubleverify.com
252 KB
16 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.us.criteo.net — Cisco Umbrella Rank: 3232
csm.us.criteo.net — Cisco Umbrella Rank: 3098
79 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
ad.doubleclick.net — Cisco Umbrella Rank: 173
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
68 KB
6 memo-memo.info
sirends.memo-memo.info
15 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
151 KB
3 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 3008
cat.va.us.criteo.com — Cisco Umbrella Rank: 3268
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6886
46 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
ssl.google-analytics.com — Cisco Umbrella Rank: 518
7 KB
1 google.com
www.google.com
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 2218
302 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 796
562 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
606 B
1 a8.net
www15.a8.net
184 B
0 karou.jp Failed
x4.karou.jp Failed
108 16
Domain Requested by
22 s0.2mdn.net sirends.memo-memo.info
s0.2mdn.net
11 static.criteo.net ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
11 pagead2.googlesyndication.com sirends.memo-memo.info
pagead2.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
10 tpc.googlesyndication.com googleads.g.doubleclick.net
sirends.memo-memo.info
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 cdn.doubleverify.com googleads.g.doubleclick.net
ads.us.criteo.com
cdn.doubleverify.com
sirends.memo-memo.info
s0.2mdn.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
sirends.memo-memo.info
6 sirends.memo-memo.info sirends.memo-memo.info
4 imageproxy.us.criteo.net ads.us.criteo.com
4 www.googletagservices.com googleads.g.doubleclick.net
cdn.doubleverify.com
www.googletagservices.com
3 ad.doubleclick.net 1 redirects ads.us.criteo.com
www.googletagservices.com
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 googleads4.g.doubleclick.net sirends.memo-memo.info
2 tps.doubleverify.com cdn.doubleverify.com
2 rtbc-ue1.doubleverify.com cdn.doubleverify.com
2 rtb0.doubleverify.com cdn.doubleverify.com
1 www.google.com tpc.googlesyndication.com
1 rtb.va.us.criteo.com googleads.g.doubleclick.net
1 tps-dn-ue1.doubleverify.com ads.us.criteo.com
1 csm.us.criteo.net ads.us.criteo.com
1 cdnjs.cloudflare.com ads.us.criteo.com
1 tracker.samplicio.us ads.us.criteo.com
1 d.agkn.com ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 ads.us.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ssl.google-analytics.com sirends.memo-memo.info
1 www15.a8.net sirends.memo-memo.info
1 www.google-analytics.com sirends.memo-memo.info
0 x4.karou.jp Failed sirends.memo-memo.info
108 29
Subject Issuer Validity Valid
sirends.memo-memo.info
R3
2023-10-12 -
2024-01-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.a8.net
GlobalSign GCC R3 DV TLS CA 2020
2023-06-01 -
2024-07-02
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-01 -
2023-12-02
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2023-12-17
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.samplicio.us
Amazon RSA 2048 M01
2022-11-16 -
2023-12-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-09 -
2023-11-07
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh

This page contains 13 frames:

Primary Page: https://sirends.memo-memo.info/
Frame ID: 5A3DAA2C0151AE32670FB8BAEC46C5A1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 53689DBA1BE4875E008ABDBA54216138
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&adk=1812271804&adf=3025194257&lmt=1697153015&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fsirends.memo-memo.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868550&bpp=4&bdt=639&idt=487&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4971281237222&frm=20&pv=2&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=515
Frame ID: 141DF3A0D08081A1AEE9ECDDB3BC916D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Frame ID: 286BECC592465140788907DD7ED5A816
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Frame ID: 51D0D39DC76FC5E0F0BA42E40027DF2A
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Frame ID: 6A7708AEF15E54B7148516711C6AC2C1
Requests: 27 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvbs_src.js?ctx=1720848&cmp=29253195&plc=357435121&sid=5265576&dvregion=0&unit=160x600
Frame ID: C1CE0CFB6E03D47324B63F06DE57EF13
Requests: 21 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 48A9373F9BE5496645F1B5A33D972A59
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F6386CE87A08233E0364438172FD29EF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Frame ID: 7E4585B5B0018DD7300B5625FE2BDC6F
Requests: 21 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 33E1F95A9560152E320B3362C151992D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C5D3B5DD250342FBC49868225D6CD85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95963A3B08ED7D1677B1CD5AEE5D4FC9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

風来のシレンDS攻略メモメモ

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

108
Requests

98 %
HTTPS

64 %
IPv6

16
Domains

29
Subdomains

26
IPs

3
Countries

1187 kB
Transfer

3161 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CIajy9v58IEDFdcYiAkdNzQAZA;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sirends.memo-memo.info/
25 KB
6 KB
Document
General
Full URL
https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
ee2c7a5bf89ca71b328b28b59835e70507498d3c4e8452dd0e2bcf955d63b976

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 12 Oct 2023 16:41:07 GMT
etag
W/"65d8-60784d8d6be8b"
last-modified
Thu, 12 Oct 2023 13:23:35 GMT
server
nginx
vary
Accept-Encoding
styles-site.css
sirends.memo-memo.info/
14 KB
3 KB
Stylesheet
General
Full URL
https://sirends.memo-memo.info/styles-site.css
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
85f72f8cb9af0c48a997c37c52581ce969de6d4a29a1ccb7e8b975ec57063dc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
content-encoding
br
last-modified
Thu, 19 May 2022 20:57:19 GMT
server
nginx
etag
W/"3723-5df639e96e9c0"
vary
Accept-Encoding
content-type
text/css
urchin.js
www.google-analytics.com/
22 KB
7 KB
Script
General
Full URL
https://www.google-analytics.com/urchin.js
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 04:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
44237
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1209600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6847
expires
Thu, 26 Oct 2023 04:23:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9240827675325272
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
451ded36558671724ca59c1f62c89639c13db4df999e7cee508ae531b3a7fded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Origin
https://sirends.memo-memo.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51242
x-xss-protection
0
server
cafe
etag
14724503496284376664
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:41:08 GMT
0.gif
www15.a8.net/
43 B
184 B
Image
General
Full URL
https://www15.a8.net/0.gif?a8mat=UFUUP+19UI7U+348+65MEA
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.40.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-40-230.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:09 GMT
Server
Apache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
B000BN981S.09.TZZZZZZZ.jpg
sirends.memo-memo.info/img/
5 KB
5 KB
Image
General
Full URL
https://sirends.memo-memo.info/img/B000BN981S.09.TZZZZZZZ.jpg
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
11a4fc513e33124bd2ee8f273d906082f9e387008962390c58c127661baf5bb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
last-modified
Thu, 12 Oct 2023 12:04:57 GMT
server
nginx
accept-ranges
bytes
etag
"141f-60783bf9b4c40"
content-length
5151
content-type
image/jpeg
__utm.gif
ssl.google-analytics.com/
35 B
300 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2116679871&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E9%A2%A8%E6%9D%A5%E3%81%AE%E3%82%B7%E3%83%AC%E3%83%B3%EF%BC%A4%EF%BC%B3%E6%94%BB%E7%95%A5%E3%83%A1%E3%83%A2%E3%83%A1%E3%83%A2&utmhn=sirends.memo-memo.info&utmhid=318293186&utmr=-&utmp=/&utmac=UA-1279045-1&utmcc=__utma%3D62395310.2116679871.1697128868.1697128868.1697128868.1%3B%2B__utmz%3D62395310.1697128868.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 21:08:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70338
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
040533500
x4.karou.jp/ufo/
0
0

blog_bg0.gif
sirends.memo-memo.info/img/
183 B
316 B
Image
General
Full URL
https://sirends.memo-memo.info/img/blog_bg0.gif
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/styles-site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
e71ead872291701a2b3765536f6b3a466d2e3a05721c9318498d67fb47fc4c85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/styles-site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
last-modified
Sat, 03 Feb 2007 21:22:36 GMT
server
nginx
accept-ranges
bytes
etag
"b7-428990f247f00"
content-length
183
content-type
image/gif
blog_bg.gif
sirends.memo-memo.info/img/
177 B
310 B
Image
General
Full URL
https://sirends.memo-memo.info/img/blog_bg.gif
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/styles-site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
9dd64f09f41d6d9c9c3aec435873ae57573bfc4365abbfefbba1ba8261a34b47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/styles-site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
last-modified
Sat, 03 Feb 2007 18:27:46 GMT
server
nginx
accept-ranges
bytes
etag
"b1-428969de3cc80"
content-length
177
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/
390 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9240827675325272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee250497042f6d358d6aea7bd8da72850daf63fd3fe6aaa0c293c0482051a07b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135441
x-xss-protection
0
server
cafe
etag
15115080254613157162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:41:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 5368
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9240827675325272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9944
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:55:24 GMT
etag
2603938475786422795
expires
Thu, 26 Oct 2023 13:55:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
395 B
606 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sirends.memo-memo.info&callback=_gfp_s_&client=ca-pub-9240827675325272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b0d2ee17e159364f0d4a96d143c7d9ed00b7c82cbf169fde785971776d58fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 141D
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&adk=1812271804&adf=3025194257&lmt=1697153015&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fsirends.memo-memo.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868550&bpp=4&bdt=639&idt=487&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4971281237222&frm=20&pv=2&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=515
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 16:41:09 GMT
expires
Thu, 12 Oct 2023 16:41:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 286B
48 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a84d1c11d52aaa25f9d41a0495e1639ede69b398e42e736bf4013c78b9239b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 16:41:09 GMT
expires
Thu, 12 Oct 2023 16:41:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
blog_bg.gif
sirends.memo-memo.info/img/
177 B
0
Image
General
Full URL
http://sirends.memo-memo.info/img/blog_bg.gif
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/styles-site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.139 Yokoyamacho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14138.xserver.jp
Software
nginx /
Resource Hash
9dd64f09f41d6d9c9c3aec435873ae57573bfc4365abbfefbba1ba8261a34b47

Request headers

Referer

Response headers

date
Thu, 12 Oct 2023 16:41:08 GMT
last-modified
Sat, 03 Feb 2007 18:27:46 GMT
server
nginx
accept-ranges
bytes
etag
"b1-428969de3cc80"
content-length
177
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 51D0
35 KB
14 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
641416ed079498211c1f5a1fa31d58bf3033cc27c14359b711f0b84ef33b138b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14422
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 16:41:09 GMT
expires
Thu, 12 Oct 2023 16:41:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 51D0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
11064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 13:36:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 51D0
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
11064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 13:36:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51D0
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:41:10 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 6A77
130 KB
45 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6c166bec955dc4d00a3a849c70eb55ef8219802e9a85c97be64d1beada9b7472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 16:41:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=tWLXKy28YBpkzwjhSsp3sMz6HuQuz1SzuZ2EhdwOkPSOpSK3YvEr6N45J0HVvuOLFJ0NZUGyMOCJPVnwa9alSllXZEerPjo6pQjF61sqG1gkH8Id2sFE863qVsx_9kyRzxq11qy7kJu9tPg4eKLO3e3__-4LuhhMnZtSbtyDxuenmkt1fF8adD0dIZdRoKdWy9Aw4tIk2a90nX2KWBEtO0TMkqovRpzgenULGd8AnjuSSLTf7WWvAGB1ldyxJRzJuIxurg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
85495258
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
dvbs_src.js
cdn.doubleverify.com/ Frame C1CE
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1720848&cmp=29253195&plc=357435121&sid=5265576&dvregion=0&unit=160x600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 13 Oct 2023 16:41:10 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C1CE
35 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3be61af8ca1be1fea37c76d6fcaa4c3076fe975ceed168c92f786f19bed21392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 14:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
8586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14046
x-xss-protection
0
server
cafe
etag
919080172339299441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 14:18:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C1CE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
11064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 13:36:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C1CE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
11064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 13:36:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1CE
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:41:10 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6A77
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:10 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6A77
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6A77
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 06 Oct 2024 16:41:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6A77
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 06 Oct 2024 16:41:10 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 6A77
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=631x280
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 13 Oct 2023 16:41:10 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6A77
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 09:41:56 GMT
Server
UploadServer
ETag
"182a72be22ed58ff71d810d74dc7cb7a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Thu, 12 Oct 2023 16:56:10 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 6A77
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=mUA8ucal2szQIPBKfCmByVFNlJoXmlGPtJTHTgE5GgDWlHoBM2r3tYrTxDXu-qpxMjXXJ2DUW4ALRyY7728ToQOLfdCtR8iIWtYbGZydsrMtveGWDJMYm6y8hW_GhQmpLnMrRD3oICWtTfUxzWa1BcC6omknpgsqyQ3ZtFE_-Wv4uXXx-voWv0nT9C3KjreBznSowGRDolH9N7aIXSdiLGB_CQ_fSzoaFprFvdXaHf8WWQBsBOl8oVtEPW7qK3YyQaUjMtiuoKV7V3ZpMsPw6SIWEk2o06-7q3_Bc1zXAhFqlcCiI3WyyMcODlVE02zaPGRBbXAcs-sZpXzOeEHC9n7C2j-Gu5gaRrYj6PRP2s-loOIh1RbVV_ZjEzcANrQ2JQlPQxXnWJJ1XhcmbdoENew0FR8UIW_9vzbTSvpztEE5qBkl
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1740490
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame 6A77
43 B
562 B
Image
General
Full URL
https://d.agkn.com/pixel/8538/?che=652821a56e0ccafa442e6a09068e38cc&col=308271,0,0,0,11120203,652821a56e0ccafa442e6a09068e38cc
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:9000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:09 GMT
via
1.1 acdcfe0221350b9cd785fe9ccd2ccd66.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
fMRtEmrymsWmXwT-GHwlmR1VET_CWwGkQW8_yQhtc5LWFESOT4jnWQ==
expires
Sat, 01 Jan 2000 00:00:00 GMT
B30251533.372411465;dc_pre=CIajy9v58IEDFdcYiAkdNzQAZA;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 6A77
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_ch...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CIajy9v58IEDFdcYiAkdNzQAZA;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a0906...
42 B
475 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CIajy9v58IEDFdcYiAkdNzQAZA;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B30251533.372411465;dc_pre=CIajy9v58IEDFdcYiAkdNzQAZA;dc_trk_aid=563043988;dc_trk_cid=195958998;dcopt=anid;ord=652821a56e0ccafa442e6a09068e38cc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 6A77
35 B
302 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=141491&sid=2830477262141103233&crid=308271&device_id=&cachebuster=652821a56e0ccafa442e6a09068e38cc&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.194.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-194-100.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=604800
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
35
x-ratelimit-remaining
0
content-type
image/gif
truncated
/ Frame 51D0
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f229bd1cc10477835ed852793ef3b3553d65bdeda48c65bc2ee4e6fd03497d1e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame C1CE
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1720848&cmp=29253195&plc=357435121&sid=5265576&dvregion=0&unit=160x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.118.248 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-118-248.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Fri, 11 Oct 2024 16:41:10 GMT
verify.js
rtb0.doubleverify.com/ Frame C1CE
443 B
578 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_440345203071&jsTagObjCallback=__tagObject_callback_440345203071&num=6&ctx=1720848&cmp=29253195&plc=357435121&sid=5265576&advid=&adsrv=&unit=160x600&isdvvid=&uid=440345203071&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=117&bridua=3&dup=null&chro=1&hist=2&winh=600&winw=128&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=6.90&callbackName=__verify_callback_440345203071
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
f58a826cc66e6cdc2f6b4f8f41786c03c30368139ad240284e7fa96fc6b047a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/11/2023 16:41:10
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame 6A77
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&dvregion=0&unit=631x280
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Fri, 11 Oct 2024 16:41:10 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame C1CE
0
308 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=f1a6bf1140c844a78b4af98e0477bcb2&vfdur=216&cbust=1697128870720560
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:10 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-11T16:41:10
dcmads.js
www.googletagservices.com/dcm/ Frame C1CE
24 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9959
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 13:24:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 12 Oct 2023 17:13:46 GMT
verify.js
rtb0.doubleverify.com/ Frame 6A77
443 B
577 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_286098185374&jsTagObjCallback=__tagObject_callback_286098185374&num=6&ctx=13846930&cmp=30251533&plc=372411465&sid=1340728&advid=&adsrv=&unit=631x280&isdvvid=&uid=286098185374&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=117&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&dvp_exetime=17.50&callbackName=__verify_callback_286098185374
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
265b40a174a1d393bae10ab321afc4816330fbb4babc663571b99138d133c2a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/11/2023 16:41:10
impl_v97.js
www.googletagservices.com/dcm/ Frame C1CE
57 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v97.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23166
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 13:28:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 16:08:40 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 6A77
0
298 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=a216fcaa13904a38b591454a10b7afd3&vfdur=61&cbust=1697128870839156
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:10 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-11T16:41:10
dv-measurements4803.js
cdn.doubleverify.com/ Frame 48A9
420 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4803.js
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 08:04:58 GMT
Server
UploadServer
ETag
"6e216fbcbcd9255ae84b27ab277cefe7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101040
Expires
Fri, 11 Oct 2024 16:41:10 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6A77
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
793569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnOwtfpgljdn78I7CRvodicOraNI8QwTgV%2Fq9mVz6LxMkSRjT7TVOiY92IxMLwut%2FfNXeJPgrqjxl2iweYVQ0MWm6nuiwsWW0qd2vyDT62gYDlZjNaHBELrkjN%2FebYmzV%2BAyfMwN8bZZT3Pu61TEvP6C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8150c9f3ae3d961a-MIA
expires
Tue, 01 Oct 2024 16:41:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 6A77
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:10 GMT
img
imageproxy.us.criteo.net/img/ Frame 6A77
5 KB
6 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2Fd5bb21879100431680b4588fceb6cd1e_logo_lightbg_horizontal.png&v=3&w=196&rid=4&s=bfATsxTzblTqU08XAHK-yc-u
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9d0661e0ed6b39735b63a4ca0f74b5b641e2d5b3d1cf8af59059ef6ed1d953f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
5444
expires
Thu, 29 Aug 2024 00:53:04 GMT
img
imageproxy.us.criteo.net/img/ Frame 6A77
13 KB
13 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24477663_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&rid=4&s=M8aoTSW4b-PzWS5vcFI1COk-&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b042c88ba6ced6d6c9eda9bb19512279790b05e0f8d39380548599bcd85a55cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
13214
expires
Fri, 20 Oct 2023 16:22:42 GMT
img
imageproxy.us.criteo.net/img/ Frame 6A77
4 KB
5 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F17119133_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&rid=4&s=SKCvgUTch5MHCotAm64Ew5DM&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
816af84dc5e0eb0fc43b99ee8d68e0c63d189d16da35b730f180a96d0ab245f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4476
expires
Fri, 27 Oct 2023 17:03:59 GMT
img
imageproxy.us.criteo.net/img/ Frame 6A77
10 KB
10 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F24475192_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&rid=4&s=TqgT0RIOa0imPv5o5bWBf767&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3bb7a800a851a024835e116e70dcd721149e8803c2a5e160d4c9ce0e90872578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10246
expires
Fri, 03 Nov 2023 22:26:49 GMT
all
csm.us.criteo.net/ Frame 6A77
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=tWLXKy28YBpkzwjhSsp3sMz6HuQuz1SzuZ2EhdwOkPSOpSK3YvEr6N45J0HVvuOLFJ0NZUGyMOCJPVnwa9alSllXZEerPjo6pQjF61sqG1gkH8Id2sFE863qVsx_9kyRzxq11qy7kJu9tPg4eKLO3e3__-4LuhhMnZtSbtyDxuenmkt1fF8adD0dIZdRoKdWy9Aw4tIk2a90nX2KWBEtO0TMkqovRpzgenULGd8AnjuSSLTf7WWvAGB1ldyxJRzJuIxurg&sds=2&rev=88837&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 12 Oct 2023 16:41:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6A77
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6A77
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:10 GMT
B29253195.357435121;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=425106994;ord=o14zyd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCwJVqpSEoZYehC7nN998PrYuH0Arqo4u...
ad.doubleclick.net/ddm/adj/N3867.2265900RANDALLREILLY/ Frame C1CE
76 KB
31 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N3867.2265900RANDALLREILLY/B29253195.357435121;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=425106994;ord=o14zyd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCwJVqpSEoZYehC7nN998PrYuH0Arqo4usc7qP4vqfEWQQASCVnegDYMmGgIDco8QQoAG-2p35AsgBCagDAcgDAqoE2gFP0CTXFN3OgLfODdyGmSvKnDdRprPiZWjlAIZ2iD2sGzWKI6qOOltZlKamlrZ39dP5FaKA1ka3aDJD12x0I-U9DBN7Qe9rj7r5Q7072OKZ4MWZChPs5siBxNDQ6ySjgCIs40o7PXZtH8i_pVmKgII-eeMeLgmZD1ah4X3I_B3VjRxsWIH3If5RcOJNXMhTW8J1MlEbo8a0PiD8MZHbC5E_AfbF_kiqvfsvda6a0x9rBXQqd6rTuxD6s7YGbL18rQqYF1KkCO_lf_pS2bLJAsRXviNlCSHtwjuuxcAE3oDR_tEDiAWo2fnSLqAGEYAHqqXihgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAHaDBAKChCg1KG9iKGzxVwSAgEDqg0CVVPIDQHYEw3QFQGYFgH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIx4eL2_nwgQMVueb9BR2txQGqEAEYASAAEgL7vvD_BwE%26num%3D1%26cid%3DCAQSTADICaaNPnTH9bvl7ng5PeHwXCI68fWO1d2B64f3y04yAiTaZIiSSL1sykUnOaW-2Lxhy0vRFQR4GP7q1fdcjzpD4zYT5tYbAyvBHtYYAQ%26sig%3DAOD64_1ySRD_qmEYkK_90aGk6IfER1Aauw%26client%3Dca-pub-9240827675325272%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fsirends.memo-memo.info%2F$0;xdt=1;crlt=xbsrW6Libj;stc=1;chaa=1;sttr=164;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
562b0d731fcffeb1e38287af947284e576e391311c1ec56b8f23f350c4fcd8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32180
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 6A77
2 KB
842 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:11 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 6A77
2 KB
841 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:11 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 6A77
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:11 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 6A77
15 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 06 Oct 2024 16:41:11 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C1CE
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 00:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 00:57:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame C1CE
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N3867.2265900RANDALLREILLY/B29253195.357435121;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=425106994;ord=o14zyd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCwJVqpSEoZYehC7nN998PrYuH0Arqo4usc7qP4vqfEWQQASCVnegDYMmGgIDco8QQoAG-2p35AsgBCagDAcgDAqoE2gFP0CTXFN3OgLfODdyGmSvKnDdRprPiZWjlAIZ2iD2sGzWKI6qOOltZlKamlrZ39dP5FaKA1ka3aDJD12x0I-U9DBN7Qe9rj7r5Q7072OKZ4MWZChPs5siBxNDQ6ySjgCIs40o7PXZtH8i_pVmKgII-eeMeLgmZD1ah4X3I_B3VjRxsWIH3If5RcOJNXMhTW8J1MlEbo8a0PiD8MZHbC5E_AfbF_kiqvfsvda6a0x9rBXQqd6rTuxD6s7YGbL18rQqYF1KkCO_lf_pS2bLJAsRXviNlCSHtwjuuxcAE3oDR_tEDiAWo2fnSLqAGEYAHqqXihgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAHaDBAKChCg1KG9iKGzxVwSAgEDqg0CVVPIDQHYEw3QFQGYFgH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIx4eL2_nwgQMVueb9BR2txQGqEAEYASAAEgL7vvD_BwE%26num%3D1%26cid%3DCAQSTADICaaNPnTH9bvl7ng5PeHwXCI68fWO1d2B64f3y04yAiTaZIiSSL1sykUnOaW-2Lxhy0vRFQR4GP7q1fdcjzpD4zYT5tYbAyvBHtYYAQ%26sig%3DAOD64_1ySRD_qmEYkK_90aGk6IfER1Aauw%26client%3Dca-pub-9240827675325272%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fsirends.memo-memo.info%2F$0;xdt=1;crlt=xbsrW6Libj;stc=1;chaa=1;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
10820
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 13:40:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C1CE
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
69402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 21:24:29 GMT
truncated
/ Frame C1CE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a211c34072bcc85b159f2a8a0b50a0f7fbdc704432a6fe28547341469d9de0f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
visit.js
tps.doubleverify.com/ Frame 48A9
1 KB
886 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=340&ttfrms=34&brid=3&brver=117.0.5938.149&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=344&ddur=653&uid=1697128871213607&jsCallback=dvCallback_1697128871213988&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=631&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA%26u%3D%257CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%253D%257C%26c1%3DTUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%2526client%253Dca-pub-9240827675325272%2526adurl%253D&fcifrms=4&brh=2&dvp_epl=273&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=30251533&sid=1340728&plc=372411465&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=15732030743.704056&dvp_tukv=520739955266.5159&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=741920126728&jurtd=3076342769
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ff6693afb13911f43828eec580056e50fcf3a36ef1e8519dcb07f2e1d782eeb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:11 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/11/2023 16:41:11
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F638
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
54165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 01:38:26 GMT
expires
Fri, 11 Oct 2024 01:38:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame F638
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
10666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 13:43:25 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C1CE
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1720848&cmp=29253195&sid=5265576&plc=357435121&num=&adid=&advid=3318532&adsrv=1&region=30&btreg=552083689&btadsrv=doubleclick&crt=188128674&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 09:41:56 GMT
Server
UploadServer
ETag
"182a72be22ed58ff71d810d74dc7cb7a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Thu, 12 Oct 2023 16:56:11 GMT
index.html
s0.2mdn.net/sadbundle/784153069353114801/ Frame 7E45
25 KB
5 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
928c6ff608266a282223dd0ef872e4d32f5dcdf5bb05664b47d8a8b1ed1b588c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
407332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4919
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Oct 2023 23:32:19 GMT
expires
Sun, 06 Oct 2024 23:32:19 GMT
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C1CE
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVhDS2gErN7oeQfQvhn87p7RT2qbZqfLs-U1CMoBqnjH2NmvkMtgnrOGMqwg_LTcXRcGA9lBpmTApZZWj_bCFGZ95_5D15eOitrQ8yZmyoDv3DfmZ0tV77HXW-mPTOyzTJaU6ouwgPAsklZC-37FpkkZinftlvdXcDJmhNuuQhPQk2L7Q&sai=AMfl-YTcqE5bV7B9cVIXhXpqTlsZp2jyC1cPP0XM5Aa4X_zkRGUCXelPaB5_n1fmxE-O_kOoByK4iHmvQBoAZeIDw0gaB7YexVwOtNG_zQ&sig=Cg0ArKJSzK9YUdYZTR35EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=369&cbvp=1&cstd=364&cisv=r20231004.06064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
event.jpg
tps-dn-ue1.doubleverify.com/ Frame 48A9
0
116 B
Image
General
Full URL
https://tps-dn-ue1.doubleverify.com/event.jpg?impid=720196aae7c34627abfe6b7b8996ff12&consid=&api=1&rc=true&cbust=1697128871600271
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&u=%7CuhGTjjqDQ6gE3F3vJbgdu9C4iuav6WlNGumdhAcKOCU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cTdvO43_qcACOREm2mZuaI5MJHs1aiC91Vrm_XIUeNZSAMdtAH3wBTkQdahyweDSdfhmMnUdK2alaljWZeXJwFBArzLl5mK_e7ILlifAFPwGPqWOs_g3VOG__jstxV7F_uj2X_kvv_mAJym3FFACalnPnjXjvwqPezT-WvnulrvhLzYnNXim9cclSMMDy2P3mkvtSnPbFen9pHydtq_9xWYvptfyMnABJ-_JQLN18qvN3vuNrUuRIWQPXD4u4OkuRkvFoZ-yesWCBgLh9MHEy-1WL1p5HK8Bff11PORliJ9qZ16JFnqc-QPV_woy0hWj1U0lw655sTGAO4QuQcWkhJp8AXcsqRdM3b_EYJS1JTU2JUT7nKvPosozer9nm5iyANJNT9cyBfK3UWsheFJGRMkWoj1au_rE8GV-bA_fZYygsiBzTEcu080A524GUrhHGyYFK9cvvZ-RMNVktaQ2rNWzibRAzgvR3eUatg63f-3a8TH57hpGpWDBDtweiTjeMBkiQs-TqhEorF3jDpau9xeUGLuG9_OXq7vilEhWHQWu8siV8Y3CUOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9OIWpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoE0QFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9rv0PVlgcHQfRykl79OkpOG34PBMh1kHJ0K0E_dhYdNlGOy8GEV_O7loAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0i4aVDWwS2GgAKIu7vFcB62zfKmw%26client%3Dca-pub-9240827675325272%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.246.180 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.246.211.35.bc.googleusercontent.com
Software
openresty/1.21.4.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 12 Oct 2023 16:41:11 GMT
Server
openresty/1.21.4.2
gen_204
pagead2.googlesyndication.com/pagead/ Frame F638
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BxZ9ypyEoZavlAd-knboP_92M0AkAAAAAOAHgBAI&bg=!l5SllNvNAAYMG8UMLBs7ADQBe5WfOBfT6HJOw-Rr6Wj4FLrwzY0FJ-29MAGLamKX7mhQUFYxU0CZnZQA-R5S7mqitnYcAgAAAMJSAAAACWgBB5kDHDbDcTKuFpvqqgz_3P400Jz8XlHjs28zPncteloi_Aga-DgyHgh15N_TSzf95kQBTA4Zsavpt-PYjuZfLPxbMyqwpy5CV2zqr6uioq4GQs7LTUxFvobA2yuepbJNzbVOcdiAtajPTzBxvVIcCpD0XA_qrmWcQ-1fOYjy6gJqYx7hfDoGjt9w1rqJgXbOGUFnvGxWu3iozlJFu6ZgxIyrUq3T143Q4Is4UubzGEfTalYXineXVvuY13o8doYydF4d43LtNfDz-Uqst91TZntstgt3TzRRhK1mjv5DIfMhkOl3xbd21xtI0tLdeLguNBFnITZZbuXAOPiJ1vyxyTzB1A6ULU81EITcfkCqBsRnHWEtTi3hxMKJetllDmCg1wIR02kjuDnVA2CQCBSzF0dS83_zyfGulaTYFT-6LFGhPaBqprZNvChiyi26drdm8Gj8-U3ue6I-xcZB9AwGFarF2qcpPpzWJtS4R4WSwcEaqzzuedatK6DxEwus5vXLHn_HGk5NXcnrd9_RKz-2vAlZpiur0wNz1DPAh_gkIjXrykXx-Avi-NtJGpof_NNQjjkMfCvTk3KxbRoUBOS-5msyzRmDhOMfSyTbRh6JZifDJNBhcoUpEFOtbfzukuylXNzTgoEGthIyNSZQgo9TUrLH_xoP2YgCAjh7v8uMaHdWRQgzQdrGkb5CUbIPLAF7nxDb-dYiIvknDwHo16FZySH9KXJXWJHCY9dHpgUobxTFgVpoTM_X4HmbB55PRpML2q6NXZEYaC-RrHQb0nhGHdydTDxY672-gVPsfoPPgf404vQBtU-Rv91gwcLvCxOUMh1YCzkft5-mmDdSp7uMxy_OqvNHLlymrWzkR4VJbxbTT4AnFXWvUVApjkup99mBWV8soAIVr5amck5ejB5WBFcAn_krPMiFpuaK8ktaPmafPs5OK8TUvNnFkR1pKP4JXZqw7hLH02ZGoJ3UFdlUFpE8lSI5tdy-Gr1IendsWKMibfdvVPYsfsibwKrZNbNUtmiCdr3C0abuUXdHncSg0gpvbsYR5KbJ1syuFXSHLDM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 51D0
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpvBMpSEoZZjrCsjIxtYP67CyoAucge-wXNKWqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTI0MDgyNzY3NTMyNTI3MsgBCagDAcgDAqoEzgFP0OhIXR1cIDDuMUr26GebVto-2mD9TlRGw0Ta5P2jKXIh2qDi0sa5Za7t0oydYPfmH415bEIHh0-ASiDUMsvPeh00w3P8N3sCnG0Rhb6EuJ87VT01Dxi1GWzrJec9ci2y2astPHe1IKHbK3SFjDmzEgV2f6gj6hQ8rD1B_MzWEy1m2MaZjH_OmiGvyvcsIZ9RhUStJycWGVeQAxb8HmKpAarLguahxN9r_UH1BMG6qo77eWEptnOpv88ALMFbiLbv2Du2v6gDGkkPD1W9sIAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MjQwODI3Njc1MzI1MjcyGAA&sigh=5JBrCXO6zLo&uach_m=[UACH]&cid=CAQSSwDICaaNqZllMxPmQifrl8ShHNsat09xAmfKDsY4BiLrMh_IEcE9Qs_S8s6l3_yQ6kAxN3eAP_MKL7YJ7SyToFWKGSd4H1UCNELGORgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Oct 2023 16:41:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 51D0
0
126 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RPcEmALiIp0XAgAAAEroRo6tB0E9EKQhKGXi1fz7KOaZL4qnAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZSghpQACtZgE0aRIAAyYa_oFWFFkpLysdMzDhA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:11 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
210488
server
Kestrel
content-length
0
dv-measurements4803.js
cdn.doubleverify.com/ Frame 33E1
420 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4803.js
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:41:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 08:04:58 GMT
Server
UploadServer
ETag
"6e216fbcbcd9255ae84b27ab277cefe7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101040
Expires
Fri, 11 Oct 2024 16:41:11 GMT
4d37f3281d4ac0019a7a01f13345c41d.js
s0.2mdn.net/sadbundle/784153069353114801/ Frame 7E45
72 KB
18 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/4d37f3281d4ac0019a7a01f13345c41d.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b752d6573806a8acdb4a8ebdf1bd2ef66e51b460b187f2f05f183030d1cb3d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18715
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 05:07:42 GMT
915f709232b7565002120a23fe9b608f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
18 KB
18 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/915f709232b7565002120a23fe9b608f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86ad4fa505d5b279289bc4dbf195b2a865dbf8aa30c7d99e009a7e32e05d4ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:20 GMT
x-content-type-options
nosniff
age
407332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18132
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:20 GMT
a8feb32419527cfb940aa24619fb756f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/a8feb32419527cfb940aa24619fb756f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94913c040d2053746eac26f6e93214f740b1c9f1c7d8964d3defe7fc6e831804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:33:50 GMT
x-content-type-options
nosniff
age
11242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14775
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 13:33:50 GMT
d65eef3eb1fbfe79da56f8afc6d39d2b.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
7 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/d65eef3eb1fbfe79da56f8afc6d39d2b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49156144ce99edaa1f85d81300e9d3f57d837f9c61e7c107addb7e46962c905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2606
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:20 GMT
visit.js
tps.doubleverify.com/ Frame 33E1
694 B
730 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=163&ttfrms=8&brid=3&brver=117.0.5938.149&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3AC6%3F5D%5D%3E6%3E%40%5C%3E6%3E%40%5D%3A%3F7%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1871&ddur=370&uid=1697128872050510&jsCallback=dvCallback_1697128872050292&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=480&winw=128&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9240827675325272%26output%3Dhtml%26h%3D600%26slotname%3D4119408137%26adk%3D812464601%26adf%3D2634367456%26pi%3Dt.ma~as.4119408137%26w%3D128%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697153015%26rafmt%3D1%26format%3D128x600%26url%3Dhttps%253A%252F%252Fsirends.memo-memo.info%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697128868554%26bpp%3D2%26bdt%3D643%26idt%3D524%26shv%3Dr20231004%26mjsv%3Dm202310040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D4971281237222%26frm%3D20%26pv%3D1%26ga_vid%3D2116679871.1697128868%26ga_sid%3D1697128868%26ga_hid%3D318293186%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D417%26ady%3D532%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44801485%252C44804783%252C44805098%252C21065725%26oid%3D2%26pvsid%3D2910085789306659%26tmod%3D564289721%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DxaQWMiIT4A%26p%3Dhttps%253A%2F%2Fsirends.memo-memo.info%26dtd%3D530&fcifrms=4&brh=2&dvp_epl=292&noc=4&nav_pltfrm=Win32&ctx=1720848&cmp=29253195&sid=5265576&plc=357435121&crt=188128674&btreg=552083689&btadsrv=doubleclick&adsrv=1&advid=3318532&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=33166680.830084153&dvp_tukv=912401427279.3665&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=597009328245&jurtd=1154406108
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
624f13cdd5eb080bdcd54e06a308ece980f91b8b35e52d3557af09cc88337a91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/11/2023 16:41:12
915f709232b7565002120a23fe9b608f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
18 KB
18 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/915f709232b7565002120a23fe9b608f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86ad4fa505d5b279289bc4dbf195b2a865dbf8aa30c7d99e009a7e32e05d4ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:20 GMT
x-content-type-options
nosniff
age
407332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18132
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:20 GMT
a8feb32419527cfb940aa24619fb756f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/a8feb32419527cfb940aa24619fb756f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94913c040d2053746eac26f6e93214f740b1c9f1c7d8964d3defe7fc6e831804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:33:50 GMT
x-content-type-options
nosniff
age
11242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14775
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 13:33:50 GMT
115dae216eec88d84c25e6ec6773b6e3.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
16 KB
16 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/115dae216eec88d84c25e6ec6773b6e3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f77ef8f0efca437023d8068bc2dbea0a99278af3cf0e8665ebf93dd98ea7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:27:06 GMT
x-content-type-options
nosniff
age
270846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16136
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 13:27:06 GMT
91f907ff8a1d360bda9c51b63523966a.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/91f907ff8a1d360bda9c51b63523966a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bfc4ef4de7ebf21e9344766c240bb02316fbd143b62ff06971ac5c46b96626a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2458
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C1CE
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVhDS2gErN7oeQfQvhn87p7RT2qbZqfLs-U1CMoBqnjH2NmvkMtgnrOGMqwg_LTcXRcGA9lBpmTApZZWj_bCFGZ95_5D15eOitrQ8yZmyoDv3DfmZ0tV77HXW-mPTOyzTJaU6ouwgPAsklZC-37FpkkZinftlvdXcDJmhNuuQhPQk2L7Q&sai=AMfl-YTcqE5bV7B9cVIXhXpqTlsZp2jyC1cPP0XM5Aa4X_zkRGUCXelPaB5_n1fmxE-O_kOoByK4iHmvQBoAZeIDw0gaB7YexVwOtNG_zQ&sig=Cg0ArKJSzK9YUdYZTR35EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1222&vt=11&dtpt=853&dett=3&cstd=364&cisv=r20231004.06064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame C1CE
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cbj7XpSEoZYehC7nN998PrYuH0Arqo4usc7qP4vqfEWQQASCVnegDYMmGgIDco8QQoAG-2p35AsgBCagDAcgDAqoE1wFP0CTXFN3OgLfODdyGmSvKnDdRprPiZWjlAIZ2iD2sGzWKI6qOOltZlKamlrZ39dP5FaKA1ka3aDJD12x0I-U9DBN7Qe9rj7r5Q7072OKZ4MWZChPs5siBxNDQ6ySjgCIs40o7PXZtH8i_pVmKgII-eeMeLgmZD1ah4X3I_B3VjRxsWIH3If5RcOJNXMhTW8J1MlEbo8a0PiD8MZHbC5E_AfbF_kiqvfsvda6a0x9rBXQqNajzKeJEct6JrYXfJkUNtOCrILLLZ1rmSv1cqyt6kjuVk_iFTcAE3oDR_tEDiAWo2fnSLpIFBAgEGAGSBQQIBRgEoAYRgAeqpeKGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMupBdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2gwQCgoQoNShvYihs8VcEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MjQwODI3Njc1MzI1MjcyGAA&sigh=CczEBfAmdP4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNPnTH9bvl7ng5PeHwXCI68fWO1d2B64f3y04yAiTaZIiSSL1sykUnOaW-2Lxhy0vRFQR4GP7q1fdcjzpD4zYT5tYbAyvBHtYYAQ&cbvp=2&vis=1
Requested by
Host: sirends.memo-memo.info
URL: https://sirends.memo-memo.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=600&slotname=4119408137&adk=812464601&adf=2634367456&pi=t.ma~as.4119408137&w=128&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=128x600&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868554&bpp=2&bdt=643&idt=524&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=417&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaQWMiIT4A&p=https%3A//sirends.memo-memo.info&dtd=530
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Oct 2023 16:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcc4211bca13150a86802d653446e77653caffb678f2d2789c75754dd40af645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11961
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 16:41:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C1CE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGpZnNyrQKSAMYay3IXrG28sjCtAG7flVBp_6rwzZndMocEJw-YcshJMvTg7cuUZy-UwAWZNGwsb_y1bbRB2V_dhUK3EhsnkQmbBSCFr8OhS0&sig=Cg0ArKJSzKVWE72hFpzwEAE&id=lidar2&mcvt=1001&p=0,0,480,128&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=425106994&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697128869640&rpt=1926&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C5D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
251282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 18:53:10 GMT
expires
Tue, 08 Oct 2024 18:53:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9596
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
e3aba187ca852cd233e741506b6fc9d583107f380c21cda3508dbfce85a12250
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J9wyos5DNWt8bRb8bn1WYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sirends.memo-memo.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J9wyos5DNWt8bRb8bn1WYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 16:41:12 GMT
expires
Thu, 12 Oct 2023 16:41:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 0C5D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
216750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Oct 2024 04:28:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 0C5D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?55KhEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9596
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2910085789306659&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame C1CE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSBd4eoC_bJmmQf97rko2z-18VNod_MosLyGw-i4moBG3ty0_G8bzQqzNzHbnpUE7T1PEWij5fNDgK1F5zKaSJsxnO1d1MR9R2HA4xOYNqMeMFPmp7tK6uq1SMOYcpJ5Wm5kPsEhsvJqd1BOXyswzlH8TB1SO67xmg5DKl&sai=AMfl-YQ1D-1FiUfa3u60Gvb7pIswB456tHBj20rxCBIb4CfdcoC1UlWOyuDW8JY4F5vNhKS8eVse4LZgs7Rcuk4cadEb3QbWav1pmiOZ_XanTX76vzwco1sIl9UT0Zoo736-oITN5Io19syjJMF5hA&sig=Cg0ArKJSzCv6we4Ec-VGEAE&cid=CAQSTADICaaNPnTH9bvl7ng5PeHwXCI68fWO1d2B64f3y04yAiTaZIiSSL1sykUnOaW-2Lxhy0vRFQR4GP7q1fdcjzpD4zYT5tYbAyvBHtYYAQ&id=lidar2&mcvt=1001&p=0,0,480,128&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=812464601&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697128869640&rpt=2734&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2910085789306659&bg=!sLOls_zNAAbjlzx0w5c7ADQBe5WfOP3zL1ne8kIMGrIrgH9w5UK2nzQK1w-nGuxszW_1QCpKqJ00wjTzpcKvJ08j0nNpAgAAAJBSAAAAE2gBBwoAXPSUvEL20DJPaASjINBb4bU3M78GbsPYLdmIsxhs8QBTKNNFRCuS9tJmG4scOcw7LNIwZ_wl8peBHr5m8liLXvTuzbfaCW9MEygsC09sDQ7P1uw-enKIdMFMSfnWmQLR0O2lelfNvzwhPl4_9AEANr2XNePuCkrOpLepaCB3yyG7qsm2z8f4Dzn-WO12cK4bqQN-mHZdZqViBFlpJPFhe98FrWh8gnt9sr5lw_SdGQ7ESt3dASWCbDKQmqEYvvhT3SoVuyBP8gYukfXDY0aVvfHNPMRt7hwwpfE7ob35O_PiL6rd2ZqZr9mRry1kbDkCKp0lAxqq70jpDkkP5E4F-ZEZqG11t-iIUlGdj5JlEIHZhuxAFVNWoIg-35jKbiogbjvkuwpzANHooEaFRsU14i7q43TS5cIkQfLv7ytF0PcPlackofj_smhsEQMTk5b7x-NiVAgRK3XFeYZuAOy1VbFd4NZP7S7zqKXdPahurIiK7h6y-JNEEbxbU4Zrd2Qz06kvoa8Ezywk1Cm9rpTgGVl0RKPiN_eW4-CLi-BsCQ0dzmPlX33dlZaHVg9XzWicdOFSRUtblNch_JNb_ErCMXa-2ZzOLTkejq5gmgVXbOCbcUlhdqvbEDk2Xwg1pdGSrNj-uzJ7KF-WM1eM7KvRf3QuiWrOcUXZ1diRcKAx5xwCHmM3jBIAAsA0l2qbzIlJ9KuCSbHeAs8XOHPgVXe6HUszY3Rxdwsma-QHvy_0BhF-eXQnKODfaYHPW38zkbNF4r_c_22GZt3f8nohkMVKIXkhlxb8Hl-9HPf82A43wLitLKDjIPThRZF7Xo1kMtHx48ZGQbHAfRJtc4q3Qn3REhXQKwPiIMpGwVqKvHgzum2uVsqopFchHCNDiLYzjlGEVka4DyAxP8v2ZrfT9v4_JOiU5nWOkBMpwTPz0yla8Geda2FnXPf20ZF6E26CC1hv65Ucb_GHWpa9ueKdWv0gMg7rhw-v7hVH1ZbyFV4f5-JhQKeNOnI5wyqDl9mNW7HTm6Q3wlxQMDsKN7DX9_Eq4dYHwSzSf-i4mJNHEzpM_Xl5d4h4ppT-Pm-QayKN23YNIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sirends.memo-memo.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

event.png
tpsc-ue1.doubleverify.com/ Frame 48A9
0
298 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=720196aae7c34627abfe6b7b8996ff12&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=329&eoid=16&te_exec=0&msrjs=4803&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=653&tetms=28&msltms=252&vltms=329&sei=289&vetms=56&tuviims=375&tuviems=760&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=5&ee_dp_tmads=2521&ismms=58&isumms=58&nvr=2&isgmmims=58&isgmv4mims=58&elmtp=8&isbxdms=2459&b0=2562&adhgt=28&adwdth=173&norwdth=168&norhgt=28&dvp_vsosnmr=1&lftb=2562&sftb=2562&msrdp=21&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=631&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=57&dvp_dpr=1&vstsz=892&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3417&cbust=1697128874600630
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ads.us.criteo.com
Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:14 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-11T16:41:14
event.png
tpsc-ue1.doubleverify.com/ Frame 33E1
0
308 B
Ping
General
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=644379335a6642d8a741d0438cbcb0ba&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=552083689&ee_dp_btros_64=0&ee_dp_tskt=ctdetms%2C154%2C4%3Biabletms%2C160%2C1%3Biadletms%2C160%2C0%3Biadcetms%2C160%2C0%3Bialeetms%2C161%2C0%3Bicifdetms%2C161%2C0%3Btsetms%2C150%2C9%3Bipvietms%2C153%2C0%3Bprvietms%2C150%2C8%3Bfvietms%2C159%2C1%3Bpovietms%2C159%2C0%3Bimaetms%2C154%2C5%3Biesuimestms%2C151%2C3%3Bsrbf%2C0%2C1%3Bal64%2C162%2C1%3Bal65536%2C163%2C0%3Bal128%2C163%2C1%3Bal512%2C164%2C0%3Bundefined%2C164%2C1%3Bal8%2C165%2C0%3Bal256%2C165%2C161%3Bal64%2C1163%2C0%3Bal65536%2C1164%2C0%3Bal128%2C1164%2C1%3Bal512%2C1164%2C0%3Bal64%2C2164%2C1%3Bal65536%2C2164%2C0%3Bal128%2C2165%2C1%3Bal512%2C2166%2C0&ee_dp_asmm=1&vdur=63&eoid=22&te_exec=0&msrjs=4803&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=370&tetms=11&msltms=137&vltms=63&sei=290&vetms=140&tuviims=171&tuviems=374&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=266&msrcannum=3&ee_dp_tmads=2312&ismms=15&isumms=14&nvr=6&isgmmims=15&isgmv4mims=15&elmtp=1&isbxdms=2214&b0=282&b11=2116&adhgt=480&adwdth=128&vsos=3&dvp_vsosnmr=16&lftb=2398&sftb=2398&msrdp=2&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=480&cwdth=128&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1118&isuiabvms=1118&isgmpims=217&isgmv4dpims=1118&ispmxpms=1118&engalms=14&engscrlms=218&dvp_pageEng=true&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3211&cbust=1697128875255538
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Thu, 12 Oct 2023 16:41:15 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-11T16:41:15
115dae216eec88d84c25e6ec6773b6e3.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
16 KB
16 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/115dae216eec88d84c25e6ec6773b6e3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f77ef8f0efca437023d8068bc2dbea0a99278af3cf0e8665ebf93dd98ea7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:27:06 GMT
x-content-type-options
nosniff
age
270849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16136
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 13:27:06 GMT
6e488f2aa8ae7396f7ff7e760fbcaa0f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
30 KB
30 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/6e488f2aa8ae7396f7ff7e760fbcaa0f.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a5dd96e432cf0bb4696c6229a180932faa6be92f80c70a4f0594cfb624d1e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30955
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
b4cf2dde0150a51fe9b29974726e6efd.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/b4cf2dde0150a51fe9b29974726e6efd.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7110d5e1e5e959d3ce19dfbd3b3536fd9b7bdb9b91dcd51d34be3ad5c59ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
e4ce69736bd7d2353893304d41591229.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/e4ce69736bd7d2353893304d41591229.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95e3218bbc415b216724dd6b3d7af2f1bbd2b683b612718731013618f18b3a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2485
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
e4f21dd7babf9773a19dbb191f56a5be.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/e4f21dd7babf9773a19dbb191f56a5be.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8b1945a07041bbf5504ff344ff76a9980b2cdec8a3fdc4f9fd33338d6e97d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1873
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 16:41:15 GMT
d6f396e57e2911238653fa01bc2e9f31.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
2 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/d6f396e57e2911238653fa01bc2e9f31.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28ab97bba04fff28955029f79f6a142d00e6a71826708dde356751e58245a9ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1095
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
91e2cb016ae6ac64b777549ea7f153d2.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/91e2cb016ae6ac64b777549ea7f153d2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95caa47457dcd4722b75ac68374f2ee4c09b6a875d546dc5a520036ad9a3836f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12187
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
e023dddb6006e00315fa7521845f1d1a.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
8 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/e023dddb6006e00315fa7521845f1d1a.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee60e8211a396a4122974fb7364c1d0032be256095431767786eb32709e8d7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2597
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 21:17:41 GMT
6e488f2aa8ae7396f7ff7e760fbcaa0f.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
30 KB
30 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/6e488f2aa8ae7396f7ff7e760fbcaa0f.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a5dd96e432cf0bb4696c6229a180932faa6be92f80c70a4f0594cfb624d1e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30955
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
b4cf2dde0150a51fe9b29974726e6efd.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/b4cf2dde0150a51fe9b29974726e6efd.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7110d5e1e5e959d3ce19dfbd3b3536fd9b7bdb9b91dcd51d34be3ad5c59ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT
49563328f17dff424742ec79f14d00ac.svg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
3 KB
998 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/49563328f17dff424742ec79f14d00ac.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42af7466ba1bc18f8e3fd0abe129e66a15c57232c4e0f8fb7a26e709db0c3a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 18:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Oct 2024 18:08:25 GMT
91e2cb016ae6ac64b777549ea7f153d2.jpg
s0.2mdn.net/sadbundle/784153069353114801/media/ Frame 7E45
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/784153069353114801/media/91e2cb016ae6ac64b777549ea7f153d2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95caa47457dcd4722b75ac68374f2ee4c09b6a875d546dc5a520036ad9a3836f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/784153069353114801/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:32:24 GMT
x-content-type-options
nosniff
age
407335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12187
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 19:09:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Oct 2024 23:32:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x4.karou.jp
URL
http://x4.karou.jp/ufo/040533500

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno number| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx object| gaGlobal object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag

11 Cookies

Domain/Path Name / Value
.sirends.memo-memo.info/ Name: __utma
Value: 62395310.2116679871.1697128868.1697128868.1697128868.1
.sirends.memo-memo.info/ Name: __utmb
Value: 62395310
.sirends.memo-memo.info/ Name: __utmc
Value: 62395310
.sirends.memo-memo.info/ Name: __utmz
Value: 62395310.1697128868.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
.memo-memo.info/ Name: __gads
Value: ID=0efd4c5bd5e9e161:T=1697128869:RT=1697128869:S=ALNI_Mb9b1F7m29KR8Ioftm0HdZYSXteWA
.memo-memo.info/ Name: __gpi
Value: UID=00000d98fcef53b4:T=1697128869:RT=1697128869:S=ALNI_MYvXRJ25xiCjdcg0dnKkNCK7QeqNA
.samplicio.us/ Name: _ftv
Value: c5fd6c6e-1c97-40bc-a00f-7390ecbb54cd
.agkn.com/ Name: ab
Value: 0001%3AEZ8P5c6F39Nfx1EZnJyV19fwdI3FpJSX
.agkn.com/ Name: u
Value: C|0AAAsut4mLLreJgAAAAAA
.doubleclick.net/ Name: APC
Value: AfxxVi4vHbTzV4zTmglm9uOfp-TIyOHkFutkBVeCMWe8Pe6PyA-RKw
.doubleclick.net/ Name: IDE
Value: AHWqTUnPdYtyqmyxvQB6-pKphLRBxZ6zfqZrLbgb4R6bK8EstWwOaI1pvNL9c2lNrDo

8 Console Messages

Source Level URL
Text
security warning URL: https://sirends.memo-memo.info/
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over HTTPS, but requested an insecure element 'http://www15.a8.net/0.gif?a8mat=UFUUP+19UI7U+348+65MEA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://sirends.memo-memo.info/(Line 484)
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.memo-memo.info/blog/mt/mt-search.cgi'. This endpoint should be made available over a secure connection.
security warning URL: https://sirends.memo-memo.info/(Line 521)
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over HTTPS, but requested an insecure element 'http://www15.a8.net/0.gif?a8mat=UFUUP+19UI7U+348+65MEA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://sirends.memo-memo.info/
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over HTTPS, but requested an insecure script 'http://x4.karou.jp/ufo/040533500'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://sirends.memo-memo.info/(Line 567)
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over HTTPS, but requested an insecure element 'http://sirends.memo-memo.info/img/blog_bg0.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://sirends.memo-memo.info/(Line 567)
Message:
Mixed Content: The page at 'https://sirends.memo-memo.info/' was loaded over HTTPS, but requested an insecure element 'http://sirends.memo-memo.info/img/blog_bg.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240827675325272&output=html&h=280&slotname=7406286145&adk=2270771412&adf=4042884004&pi=t.ma~as.7406286145&w=631&fwrn=4&fwrnh=100&lmt=1697153015&rafmt=1&format=631x280&url=https%3A%2F%2Fsirends.memo-memo.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697128868557&bpp=1&bdt=646&idt=535&shv=r20231004&mjsv=m202310040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C128x600&nras=1&correlator=4971281237222&frm=20&pv=1&ga_vid=2116679871.1697128868&ga_sid=1697128868&ga_hid=318293186&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=552&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801485%2C44804783%2C44805098%2C21065725&oid=2&pvsid=2910085789306659&tmod=564289721&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iGmVQOgpQl&p=https%3A//sirends.memo-memo.info&dtd=541
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.us.criteo.com
cat.va.us.criteo.com
cdn.doubleverify.com
cdnjs.cloudflare.com
csm.us.criteo.net
d.agkn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imageproxy.us.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s0.2mdn.net
sirends.memo-memo.info
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
tps-dn-ue1.doubleverify.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tracker.samplicio.us
www.google-analytics.com
www.google.com
www.googletagservices.com
www15.a8.net
x4.karou.jp
x4.karou.jp
104.126.118.248
162.43.120.139
172.217.13.130
172.217.13.198
2600:141b:1c00:f::172c:c9cc
2600:9000:24fd:9000:19:fc2c:a140:93a1
2606:4700::6811:190e
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2004
2607:f8b0:4020:805::2006
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2008
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
34.117.228.201
34.233.194.100
35.211.246.180
35.72.40.230
74.119.119.147
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a211c34072bcc85b159f2a8a0b50a0f7fbdc704432a6fe28547341469d9de0f
0e7110d5e1e5e959d3ce19dfbd3b3536fd9b7bdb9b91dcd51d34be3ad5c59ae0
11a4fc513e33124bd2ee8f273d906082f9e387008962390c58c127661baf5bb3
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
265b40a174a1d393bae10ab321afc4816330fbb4babc663571b99138d133c2a5
28ab97bba04fff28955029f79f6a142d00e6a71826708dde356751e58245a9ab
28f77ef8f0efca437023d8068bc2dbea0a99278af3cf0e8665ebf93dd98ea7f9
2bfc4ef4de7ebf21e9344766c240bb02316fbd143b62ff06971ac5c46b96626a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3bb7a800a851a024835e116e70dcd721149e8803c2a5e160d4c9ce0e90872578
3be61af8ca1be1fea37c76d6fcaa4c3076fe975ceed168c92f786f19bed21392
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
451ded36558671724ca59c1f62c89639c13db4df999e7cee508ae531b3a7fded
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4b0d2ee17e159364f0d4a96d143c7d9ed00b7c82cbf169fde785971776d58fdd
4b752d6573806a8acdb4a8ebdf1bd2ef66e51b460b187f2f05f183030d1cb3d0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562b0d731fcffeb1e38287af947284e576e391311c1ec56b8f23f350c4fcd8bd
5a5dd96e432cf0bb4696c6229a180932faa6be92f80c70a4f0594cfb624d1e04
5a84d1c11d52aaa25f9d41a0495e1639ede69b398e42e736bf4013c78b9239b4
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
624f13cdd5eb080bdcd54e06a308ece980f91b8b35e52d3557af09cc88337a91
641416ed079498211c1f5a1fa31d58bf3033cc27c14359b711f0b84ef33b138b
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6c166bec955dc4d00a3a849c70eb55ef8219802e9a85c97be64d1beada9b7472
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
816af84dc5e0eb0fc43b99ee8d68e0c63d189d16da35b730f180a96d0ab245f4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f72f8cb9af0c48a997c37c52581ce969de6d4a29a1ccb7e8b975ec57063dc9
86ad4fa505d5b279289bc4dbf195b2a865dbf8aa30c7d99e009a7e32e05d4ff0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
928c6ff608266a282223dd0ef872e4d32f5dcdf5bb05664b47d8a8b1ed1b588c
94913c040d2053746eac26f6e93214f740b1c9f1c7d8964d3defe7fc6e831804
95caa47457dcd4722b75ac68374f2ee4c09b6a875d546dc5a520036ad9a3836f
95e3218bbc415b216724dd6b3d7af2f1bbd2b683b612718731013618f18b3a66
9d0661e0ed6b39735b63a4ca0f74b5b641e2d5b3d1cf8af59059ef6ed1d953f1
9dd64f09f41d6d9c9c3aec435873ae57573bfc4365abbfefbba1ba8261a34b47
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a42af7466ba1bc18f8e3fd0abe129e66a15c57232c4e0f8fb7a26e709db0c3a0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b042c88ba6ced6d6c9eda9bb19512279790b05e0f8d39380548599bcd85a55cf
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e
bcc4211bca13150a86802d653446e77653caffb678f2d2789c75754dd40af645
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c8b1945a07041bbf5504ff344ff76a9980b2cdec8a3fdc4f9fd33338d6e97d5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3aba187ca852cd233e741506b6fc9d583107f380c21cda3508dbfce85a12250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ead872291701a2b3765536f6b3a466d2e3a05721c9318498d67fb47fc4c85
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee250497042f6d358d6aea7bd8da72850daf63fd3fe6aaa0c293c0482051a07b
ee2c7a5bf89ca71b328b28b59835e70507498d3c4e8452dd0e2bcf955d63b976
ee60e8211a396a4122974fb7364c1d0032be256095431767786eb32709e8d7a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f229bd1cc10477835ed852793ef3b3553d65bdeda48c65bc2ee4e6fd03497d1e
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f49156144ce99edaa1f85d81300e9d3f57d837f9c61e7c107addb7e46962c905
f58a826cc66e6cdc2f6b4f8f41786c03c30368139ad240284e7fa96fc6b047a3
ff6693afb13911f43828eec580056e50fcf3a36ef1e8519dcb07f2e1d782eeb9