wisconsin.med-info.org Open in urlscan Pro
45.63.18.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wisconsin.med-info.org/
Effective URL:
https://wisconsin.med-info.org/
Submission: On December 05 via api (December 5th 2022, 9:50:03 pm UTC) from US — Scanned from US

Summary HTTP 171 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 27 domains to perform 171 HTTP transactions. The main IP is 45.63.18.208, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is wisconsin.med-info.org.
TLS certificate: Issued by R3 on December 3rd 2022. Valid for: 3 months.

This is the only time wisconsin.med-info.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	45.63.18.208 45.63.18.208	20473 (AS-CHOOPA) (AS-CHOOPA)
17	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
2	149.28.59.158 149.28.59.158	20473 (AS-CHOOPA) (AS-CHOOPA)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
16	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1 8	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	27281 (QUANTCAST) (QUANTCAST)
1 1	20.242.10.199 20.242.10.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 15	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.198.81.87 54.198.81.87	14618 (AMAZON-AES) (AMAZON-AES)
6	23.221.200.79 23.221.200.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.117.182.27 104.117.182.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.205.72.21 23.205.72.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:c::8	15169 (GOOGLE) (GOOGLE)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2	104.117.182.24 104.117.182.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
171	31

18 45.63.18.208 (Piscataway, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 45.63.18.208.vultrusercontent.com

wisconsin.med-info.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.28.59.158 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.59.158.vultrusercontent.com

cntad.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:809::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::2004 (Hudson Falls, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80e::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States) 1 redirects

ASN27281 (QUANTCAST, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.242.10.199 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.40.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.115.113 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.81.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-81-87.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.72.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-21.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:c::8 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

rr3---sn-ab5sznzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.182.24 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-24.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	482 KB
31	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	201 KB
27	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com csi.gstatic.com	801 KB
18	med-info.org 1 redirects wisconsin.med-info.org	131 KB
14	google.com 1 redirects cse.google.com — Cisco Umbrella Rank: 3310 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87 clients1.google.com — Cisco Umbrella Rank: 477	171 KB
9	media.net hblg.media.net — Cisco Umbrella Rank: 1914 contextual.media.net — Cisco Umbrella Rank: 600 warp.media.net — Cisco Umbrella Rank: 2566 lg3.media.net — Cisco Umbrella Rank: 4894 cs.media.net — Cisco Umbrella Rank: 1474	157 KB
7	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 30 fonts.googleapis.com — Cisco Umbrella Rank: 51	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	285 KB
3	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1854 res-a.akamaihd.net — Cisco Umbrella Rank: 8072	47 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 734	1 KB
3	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1824	601 B
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3980	724 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 721	803 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
2	cntad.win cntad.win	1 KB
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1148	730 B
1	googlevideo.com rr3---sn-ab5sznzs.googlevideo.com — Cisco Umbrella Rank: 21990	702 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1778	9 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	461 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 4064	575 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	698 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	352 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	78 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 759	33 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
171	27

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	wisconsin.med-info.org	1 redirects wisconsin.med-info.org
17	pagead2.googlesyndication.com	wisconsin.med-info.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net wisconsin.med-info.org
15	cm.g.doubleclick.net	1 redirects wisconsin.med-info.org googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
8	www.google.com	1 redirects cse.google.com www.google.com wisconsin.med-info.org googleads.g.doubleclick.net tpc.googlesyndication.com
6	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
3	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	res-a.akamaihd.net	contextual.media.net
2	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
2	csi.gstatic.com	www.gstatic.com
2	hblg.media.net	wisconsin.med-info.org googleads.g.doubleclick.net
2	cc.adingo.jp	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	connect.facebook.net	wisconsin.med-info.org connect.facebook.net
2	cse.google.com	wisconsin.med-info.org www.google.com
2	cntad.win	wisconsin.med-info.org cntad.win
1	cs.media.net	contextual.media.net
1	odr.mookie1.com	1 redirects
1	rr3---sn-ab5sznzs.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	warp.media.net	googleads.g.doubleclick.net
1	qsearch-a.akamaihd.net	wisconsin.med-info.org
1	pixel.rubiconproject.com	1 redirects
1	beacon.walmart.com	1 redirects
1	clients1.google.com	wisconsin.med-info.org
1	www.googleapis.com	wisconsin.med-info.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	wisconsin.med-info.org
1	code.jquery.com	wisconsin.med-info.org
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
171	44

This site contains links to these domains. Also see Links.

Domain
med-info.org
alabama.med-info.org
alaska.med-info.org
arizona.med-info.org
arkansas.med-info.org
california.med-info.org
colorado.med-info.org
connecticut.med-info.org
delaware.med-info.org
florida.med-info.org
georgia.med-info.org
hawaii.med-info.org
idaho.med-info.org
illinois.med-info.org
indiana.med-info.org
iowa.med-info.org
kansas.med-info.org
kentucky.med-info.org
louisiana.med-info.org
maine.med-info.org
maryland.med-info.org
massachusetts.med-info.org
michigan.med-info.org
minnesota.med-info.org
mississippi.med-info.org
missouri.med-info.org
montana.med-info.org
nebraska.med-info.org
nevada.med-info.org
new-hampshire.med-info.org
new-jersey.med-info.org
new-mexico.med-info.org
new-york.med-info.org
north-carolina.med-info.org
north-dakota.med-info.org
ohio.med-info.org
oklahoma.med-info.org
oregon.med-info.org
pennsylvania.med-info.org
rhode-island.med-info.org
south-carolina.med-info.org
south-dakota.med-info.org
tennessee.med-info.org
texas.med-info.org
utah.med-info.org
vermont.med-info.org
virginia.med-info.org
washington.med-info.org
west-virginia.med-info.org
wyoming.med-info.org
www.facebook.com
reddit.com

Subject Issuer	Validity	Valid
med-info.org R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cntad.win R3	`2022-11-15` - `2023-02-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-14` - `2022-12-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh

This page contains 25 frames:

Primary Page: https://wisconsin.med-info.org/
Frame ID: C6EC5F00EA4C9CB11410A540E3B1D0AE
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: E8C2B3247BC35B34E4E5819ABAEA3FC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&adk=1812271804&adf=3025194257&lmt=1670276996&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwisconsin.med-info.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996499&bpp=4&bdt=155&idt=149&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8405627573285&frm=20&pv=2&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172
Frame ID: BD23F27E5F9F070521E5DA276427DE50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=15&slotname=7087119590&adk=1203247078&adf=2685088838&pi=t.ma~as.7087119590&w=728&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996503&bpp=2&bdt=159&idt=179&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z6UN3BFqNS&p=https%3A//wisconsin.med-info.org&dtd=186
Frame ID: 6DF37B91FE0A08C4CACFE4F7C5001EA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2082688565&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996505&bpp=2&bdt=161&idt=202&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rRyXNs3MnA&p=https%3A//wisconsin.med-info.org&dtd=205
Frame ID: 6603DA1E6D2C16362B1DB240C1210C7E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213
Frame ID: A73252C345180CC61EBBBD6CA4809D3D
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=600&slotname=9122255996&adk=4265169166&adf=4200724890&pi=t.ma~as.9122255996&w=269&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=269x600&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=250&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=903&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=dNlLAMwyXq&p=https%3A//wisconsin.med-info.org&dtd=257
Frame ID: D6F37911DD383CB32630C561E55CFFB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=90&slotname=8563852798&adk=1213201053&adf=187084629&pi=t.ma~as.8563852798&w=160&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=282&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd0c14652bbd96b3-22f49b4c8ed800df%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg&gpic=UID%3D000008c67c685225%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg&prev_fmts=0x0%2C649x280%2C649x280%2C269x600&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1188&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vbdugAOZLV&p=https%3A//wisconsin.med-info.org&dtd=286
Frame ID: EB08D5E2229FEC7B5EB97ECCB9E6272D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ED02ED41EA4A836CD0B41B3389744EB6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15C99E9FA6C467E06913717A31CF363E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 6AD516EFFDC10EF184CF58D9D7057B4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 6435142836E1C02A58AF80C178F2AC8E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: EB3FFF10D260805521BA8CB7C5BAA98B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE40A7228BEF2982A432045230D9A6EE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE3A34488E8749EAA9401F81B4E68F4C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C7kLlhGeOY7m7MP_jxtYP75SdmAO-laSvbPfa0tOsDMCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY5MTgyNjE3NjIyOTk2NDHIAQmoAwGqBMQBT9DQjLFtuH_l_Gh7yQqLMNX30pyfv8ZLa6NfTVu9qk1Vtei0TskYaiXoSJ-LFrrVS1tZPdxANhTB2jJNU0KFtfVOKFL4NYk6qafOhCRSRo0VQax2aka_yfdd2XLrg-dOvvzuf3HMl6aQr1V3b62CT6YZtbwRkSs7YNksjVXUVWFjQHhIjcyKs7VC9c3VfElTGqeFkPFimjCeCgvx6zcfd05k9G13Wjif1XpYmN3l5cllSf-CIiArJXL4k553ODtfvBkTtYAGt7Wm15fUipJKoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjkxODI2MTc2MjI5OTY0MRgA&sigh=yMTF8Ak3ZVI&uach_m=[UACH]&cid=CAQSKQDq26N9S0NoqNQBTF6BqOtTYfsRxdGmoRU1tDTD7w6o5RSJ4GYPHlWBGAEgEw
Frame ID: E061F7FF9EE5D82FD07678629F6D1070
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
Frame ID: 7C20253818F863AE5F2B78B77A17BDBE
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&sc=NY&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=https%3A%2F%2Fwisconsin.med-info.org&nse=5&vi=1670276998775379456&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xegxxzax&bcpf=B48fOnRrolnfOur8xegxxzax&bdrId=294&bid=328263&ntv=0&matchstring=hr%3D0%7Cbcat%3D500670%2C501011&katpre=1&katbid=-102&pgid=p12331960t202212052149&newfl=1&htmlsrc=1&allsc=NY
Frame ID: 8E05ED3431555B40D576EEC1172FF512
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 76D1AE6E6844DECCCC5E0E2E8EFCC578
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 36B875461A8B418021C71D81F6ED2428
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 7942122676C0EC83F5ED3636622D0554
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 6FB435C02C5C42D72700E11217022167
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df273bc0761e3acc%2526domain%253Dwisconsin.med-info.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwisconsin.med-info.org%25252Ff6c44d40031d24%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D304%26header%3Dtrue%26height%3D290%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F584377958388207%252F%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D290
Frame ID: 42AA0B446679DDF5FFAD9002DEECB486
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65868CEFEBB541BE32EF284D4C22B940
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D79B63F3E8FBCD38DF9EC37E820CB860
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wisconsin, Alternative Medicine, Folk remedy and healing, popular curesearch

Page URL History Show full URLs

http://wisconsin.med-info.org/ HTTP 301
https://wisconsin.med-info.org/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

171
Requests

92 %
HTTPS

62 %
IPv6

27
Domains

44
Subdomains

31
IPs

4
Countries

3192 kB
Transfer

6260 kB
Size

23
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://med-info.org/

Search URL Search Domain Scan URL

URL: https://alabama.med-info.org/
Title: Alabama

Search URL Search Domain Scan URL

URL: https://alaska.med-info.org/
Title: Alaska

Search URL Search Domain Scan URL

URL: https://arizona.med-info.org/
Title: Arizona

Search URL Search Domain Scan URL

URL: https://arkansas.med-info.org/
Title: Arkansas

Search URL Search Domain Scan URL

URL: https://california.med-info.org/
Title: California

Search URL Search Domain Scan URL

URL: https://colorado.med-info.org/
Title: Colorado

Search URL Search Domain Scan URL

URL: https://connecticut.med-info.org/
Title: Connecticut

Search URL Search Domain Scan URL

URL: https://delaware.med-info.org/
Title: Delaware

Search URL Search Domain Scan URL

URL: https://florida.med-info.org/
Title: Florida

Search URL Search Domain Scan URL

URL: https://georgia.med-info.org/
Title: Georgia

Search URL Search Domain Scan URL

URL: https://hawaii.med-info.org/
Title: Hawaii

Search URL Search Domain Scan URL

URL: https://idaho.med-info.org/
Title: Idaho

Search URL Search Domain Scan URL

URL: https://illinois.med-info.org/
Title: Illinois

Search URL Search Domain Scan URL

URL: https://indiana.med-info.org/
Title: Indiana

Search URL Search Domain Scan URL

URL: https://iowa.med-info.org/
Title: Iowa

Search URL Search Domain Scan URL

URL: https://kansas.med-info.org/
Title: Kansas

Search URL Search Domain Scan URL

URL: https://kentucky.med-info.org/
Title: Kentucky

Search URL Search Domain Scan URL

URL: https://louisiana.med-info.org/
Title: Louisiana

Search URL Search Domain Scan URL

URL: https://maine.med-info.org/
Title: Maine

Search URL Search Domain Scan URL

URL: https://maryland.med-info.org/
Title: Maryland

Search URL Search Domain Scan URL

URL: https://massachusetts.med-info.org/
Title: Massachusetts

Search URL Search Domain Scan URL

URL: https://michigan.med-info.org/
Title: Michigan

Search URL Search Domain Scan URL

URL: https://minnesota.med-info.org/
Title: Minnesota

Search URL Search Domain Scan URL

URL: https://mississippi.med-info.org/
Title: Mississippi

Search URL Search Domain Scan URL

URL: https://missouri.med-info.org/
Title: Missouri

Search URL Search Domain Scan URL

URL: https://montana.med-info.org/
Title: Montana

Search URL Search Domain Scan URL

URL: https://nebraska.med-info.org/
Title: Nebraska

Search URL Search Domain Scan URL

URL: https://nevada.med-info.org/
Title: Nevada

Search URL Search Domain Scan URL

URL: https://new-hampshire.med-info.org/
Title: New Hampshire

Search URL Search Domain Scan URL

URL: https://new-jersey.med-info.org/
Title: New Jersey

Search URL Search Domain Scan URL

URL: https://new-mexico.med-info.org/
Title: New Mexico

Search URL Search Domain Scan URL

URL: https://new-york.med-info.org/
Title: New York

Search URL Search Domain Scan URL

URL: https://north-carolina.med-info.org/
Title: North Carolina

Search URL Search Domain Scan URL

URL: https://north-dakota.med-info.org/
Title: North Dakota

Search URL Search Domain Scan URL

URL: https://ohio.med-info.org/
Title: Ohio

Search URL Search Domain Scan URL

URL: https://oklahoma.med-info.org/
Title: Oklahoma

Search URL Search Domain Scan URL

URL: https://oregon.med-info.org/
Title: Oregon

Search URL Search Domain Scan URL

URL: https://pennsylvania.med-info.org/
Title: Pennsylvania

Search URL Search Domain Scan URL

URL: https://rhode-island.med-info.org/
Title: Rhode Island

Search URL Search Domain Scan URL

URL: https://south-carolina.med-info.org/
Title: South Carolina

Search URL Search Domain Scan URL

URL: https://south-dakota.med-info.org/
Title: South Dakota

Search URL Search Domain Scan URL

URL: https://tennessee.med-info.org/
Title: Tennessee

Search URL Search Domain Scan URL

URL: https://texas.med-info.org/
Title: Texas

Search URL Search Domain Scan URL

URL: https://utah.med-info.org/
Title: Utah

Search URL Search Domain Scan URL

URL: https://vermont.med-info.org/
Title: Vermont

Search URL Search Domain Scan URL

URL: https://virginia.med-info.org/
Title: Virginia

Search URL Search Domain Scan URL

URL: https://washington.med-info.org/
Title: Washington

Search URL Search Domain Scan URL

URL: https://west-virginia.med-info.org/
Title: West Virginia

Search URL Search Domain Scan URL

URL: https://wyoming.med-info.org/
Title: Wyoming

Search URL Search Domain Scan URL

URL: https://med-info.org/terms/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://med-info.org/privacy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://med-info.org/message/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://med-info.org/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://med-info.org/writeforus/
Title: Write for us

Search URL Search Domain Scan URL

URL: https://med-info.org/rss.php

Search URL Search Domain Scan URL

URL: https://www.facebook.com/584377958388207/

Search URL Search Domain Scan URL

URL: https://med-info.org/add/

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwisconsin.med-info.org%2F&title=Wisconsin%2C%20Alternative%20Medicine%2C%20Folk%20remedy%20and%20healing%2C%20popular%20cure

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wisconsin.med-info.org/ HTTP 301
https://wisconsin.med-info.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP6ZSGrXpNtA0Uqsa2RKmMB8I0M18m38ZNySdsL5UwDapD1fvneOCrJZi-t1BpFB6q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dRWeU_O6hcpIut7pgXepSE&tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP6ZSGrXpNtA0Uqsa2RKmMB8I0M18m38ZNySdsL5UwDapD1fvneOCrJZi-t1BpFB6q

Request Chain 96

https://rtb.openx.net/sync/dds?google_gid=CAESEDIpisdRi8zAOIo29OtoT0w&google_cver=1&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDIpisdRi8zAOIo29OtoT0w&google_cver=1&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&google_hm=qDegU4fQxjUpNb-wZEmLww==

Request Chain 97

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOslJUYveMx0nNJNJo61Pk&google_cver=1&google_push=ASkJ3FYuN87NWXci_1T0RlVrBVOq8aSYf53Qw8AHdkR_A0EivxiFqdBmUfHyLsr-RTDMn_9MGvroSrUWnTmYwXpq7be3i0l-OCSJ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOslJUYveMx0nNJNJo61Pk&google_cver=1&google_push=ASkJ3FYuN87NWXci_1T0RlVrBVOq8aSYf53Qw8AHdkR_A0EivxiFqdBmUfHyLsr-RTDMn_9MGvroSrUWnTmYwXpq7be3i0l-OCSJ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYuN87NWXci_1T0RlVrBVOq8aSYf53Qw8AHdkR_A0EivxiFqdBmUfHyLsr-RTDMn_9MGvroSrUWnTmYwXpq7be3i0l-OCSJ

Request Chain 98

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqUfC6eiRTp0B_drupyDpY&google_cver=1&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MVuW9Lhj6Zka4r4fgZT94tbMrGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCQlNSU0gtMU0tMjRJRQ==&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MVuW9Lhj6Zka4r4fgZT94tbMrGA

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_cver=1&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0hfWiHZSuG7KW7LaX5u539GhrXKHMsHb53S4CxV6puTotvMgiuk7XIIH9A58Khmw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0hfWiHZSuG7KW7LaX5u539GhrXKHMsHb53S4CxV6puTotvMgiuk7XIIH9A58Khmw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0hfWiHZSuG7KW7LaX5u539GhrXKHMsHb53S4CxV6puTotvMgiuk7XIIH9A58Khmw

Request Chain 100

https://cc.adingo.jp/adx/push/?google_gid=CAESENmcqc0y4MmJBA4930pIcpQ&google_cver=1&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0&google_hm=213fc3458791b578c4ddb55a6e15bb4a

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEn9uAdEWGjUaAxcI-uQXQI&google_cver=1&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0PYmF8eJKDuZZ2cRO8ffMLE7Hq5wADzgkehWkXluE1qiA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0PYmF8eJKDuZZ2cRO8ffMLE7Hq5wADzgkehWkXluE1qiA&google_hm=_oTXA-SRZt21R8fzhz6s9w

Request Chain 152

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP-8yq4eHZIREpNPPbwG2X4&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtACWqI_jNw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtACWqI_jNw&google_hm=MTA1OTgxNjYxOTU4NzA1MDY2NDU

Request Chain 153

https://rtb.openx.net/sync/dds?google_gid=CAESEBTq5TnPTx_CopdSrKHaD-8&google_cver=1&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg&google_hm=qDegU4fQxjUpNb-wZEmLww==

Request Chain 154

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBinpAHZgs0arDFqszByDIY&google_cver=1&google_push=ASkJ3FatBdq2ggbfyxX-6XCOxO_DlykX-rIOdioNNeqgEL9v-HijSVq8rr3F5Z91apB4rj_RwtaIlcfPK-Kycg1IEEonB-wII5DW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FatBdq2ggbfyxX-6XCOxO_DlykX-rIOdioNNeqgEL9v-HijSVq8rr3F5Z91apB4rj_RwtaIlcfPK-Kycg1IEEonB-wII5DW

Request Chain 155

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_cver=1&google_push=ASkJ3Fb6AikYG2zrEL3GS9kLZmf_gLdBv5pXXz_z0rBMca7hOFWjcXlFp6FrKfuMRF_xWtxIiuvkGmSgnvj9jeRxlxjN_0KKudD6wQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3Fb6AikYG2zrEL3GS9kLZmf_gLdBv5pXXz_z0rBMca7hOFWjcXlFp6FrKfuMRF_xWtxIiuvkGmSgnvj9jeRxlxjN_0KKudD6wQ

Request Chain 156

https://cc.adingo.jp/adx/push/?google_gid=CAESEPPGzDPJ1NOu1TrJt6pIXeI&google_cver=1&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw&google_hm=213fc3458791b578c4ddb55a6e15bb4a

Request Chain 159

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzEzMjc4NTk4MDgxMzI4MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEE0kWZO-FgwY1sIcWb_93TI&google_cver=1

Request Chain 171

https://www.facebook.com/v2.0/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df273bc0761e3acc%26domain%3Dwisconsin.med-info.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwisconsin.med-info.org%252Ff6c44d40031d24%26relation%3Dparent.parent&color_scheme=light&container_width=304&header=true&height=290&href=https%3A%2F%2Fwww.facebook.com%2F584377958388207%2F&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=290 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df273bc0761e3acc%2526domain%253Dwisconsin.med-info.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwisconsin.med-info.org%25252Ff6c44d40031d24%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D304%26header%3Dtrue%26height%3D290%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F584377958388207%252F%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D290

171 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wisconsin.med-info.org/
Redirect Chain

http://wisconsin.med-info.org/
https://wisconsin.med-info.org/

52 KB
9 KB

33ms
15ms

Document
text/html

45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache / PHP/5.4.16
Resource Hash: 971cbf0ac68a396082359f3d71e1196ebd151086b7ca462d3404473afbcc0059

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9219
Content-Type: text/html;charset=UTF-8
Date: Mon, 05 Dec 2022 21:49:56 GMT
Expires: Wed, 04 Jan 2023 21:49:56 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 05 Dec 2022 21:49:56 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 05 Dec 2022 21:49:56 GMT
Keep-Alive: timeout=5, max=100
Location: https://wisconsin.med-info.org/
Server: Apache

GET
H/1.1 200
OK reset.css
wisconsin.med-info.org/tpl/ 1 KB
1 KB 10ms
9ms Stylesheet
text/css 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/tpl/reset.css
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: e19c5963e47ae102ca8ea9b26062695bc86deaf6154ca8a3084810fd11710586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 07:15:58 GMT
Server: Apache
ETag: "541-5e1effe05586b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 692

GET
H/1.1 200
OK olgrid.css
wisconsin.med-info.org/tpl/ 5 KB
2 KB 30ms
19ms Stylesheet
text/css 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/tpl/olgrid.css
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: affb80a34ee48548cd287fafe91063f88535475d5b1a307e44a6f4e57b4ef87c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 07:12:54 GMT
Server: Apache
ETag: "157b-5e1eff30523e4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1320

GET
H/1.1 200
OK index.css
wisconsin.med-info.org/tpl/ 21 KB
5 KB 31ms
20ms Stylesheet
text/css 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/tpl/index.css
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: ed3f60247ca405063650ca46c7acef274fb36bd9d129efa53109d7bc8e622ad6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 07:06:26 GMT
Server: Apache
ETag: "5310-5e1efdbf0c14f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5085

GET
H/1.1 200
OK fbpopup.css
wisconsin.med-info.org/tpl/ 965 B
737 B 30ms
19ms Stylesheet
text/css 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/tpl/fbpopup.css
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 50648333f979f2fede4091ab0d5e42b4b38fda0258de11cad0943fb70ab66119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jun 2016 17:05:00 GMT
Server: Apache
ETag: "3c5-5357c5ad9e700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 386

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 65ms
36ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7a9ba5522849746df0fde0aa08ea1b8be5f5b5db3b96f86ccac4f298904b517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49153
x-xss-protection: 0
server: cafe
etag: 2041331700062730821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 21:49:56 GMT

GET
H/1.1 200
OK US.gif
wisconsin.med-info.org/tpl/ 2 KB
2 KB 23ms
22ms Image
image/gif 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/US.gif
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 4cca7e39412114f185d0dbe56ab441808a0031c78c82f4969b8d940b1548d81a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:08:08 GMT
Server: Apache
ETag: "62b-5357c660e8e00"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1579

GET
H/1.1 200
OK WI.gif
wisconsin.med-info.org/tpl/ 1 KB
2 KB 22ms
21ms Image
image/gif 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/WI.gif
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: b1e853a4580c38ce58e73e9d5d810ec7553921015d64971c3138354bd3b2e5a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:08:22 GMT
Server: Apache
ETag: "517-5357c66e42d80"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1303

GET
H/1.1 200
OK share42.js Show response
wisconsin.med-info.org/js/ 5 KB
2 KB 24ms
23ms Script
application/javascript 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/js/share42.js
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: adf73aa0305b205766893a466cf07bb217258a7c6412dd0673bc5fa6aab3727b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 05:22:56 GMT
Server: Apache
ETag: "1492-5dc1dc98044ff-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1961

GET
H2 200 jquery-1.8.1.min.js Show response
code.jquery.com/ 91 KB
33 KB 37ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.1.min.js
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-16a78"
vary: Accept-Encoding
x-hw: 1670276996.dop131.ny3.t,1670276996.cds231.ny3.hn,1670276996.cds054.ny3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33175

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 69ms
41ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-84E59JVSYK

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a95f152c80ae9e159703227129e4f190a2ef05516518e645dadff47ab93515f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Dec 2022 21:49:56 GMT

GET
H/1.1 200
OK fbpopup.js Show response
wisconsin.med-info.org/tpl/ 1 KB
1 KB 25ms
25ms Script
application/javascript 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://wisconsin.med-info.org/tpl/fbpopup.js
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 260a3cb1fcdadd36cade027abd78983a830b5967eada9793c191f00ba6ccd633

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jun 2016 17:05:01 GMT
Server: Apache
ETag: "5bc-5357c5ae92940-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 736

GET
H/1.1 200
OK stat.js Show response
cntad.win/ 826 B
1 KB 49ms
5ms Script
application/javascript 149.28.59.158
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://cntad.win/stat.js
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.28.59.158 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.59.158.vultrusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 4f9aa0c16f4fc5cb347735cf14f530a4f6b401b6aa6545188034e800b2b2a7f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Tue, 21 May 2019 06:06:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "33a-5895fa7764e00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 826

GET
H/1.1 200
OK logo.png
wisconsin.med-info.org/tpl/ 25 KB
25 KB 53ms
36ms Image
image/png 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/logo.png
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: d2acaee7cb557780452b56f8ed9616a537b20db8b1d3feb9d9fffe215da07608

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:06:20 GMT
Server: Apache
ETag: "640a-5357c5f9e9b00"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25610

GET
H/1.1 200
OK item.gif
wisconsin.med-info.org/tpl/ 435 B
736 B 54ms
38ms Image
image/gif 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/item.gif
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 616f48e920428089790403eb02d4c11299480c9d850f09d0573f20ddd0a0fca5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:05:52 GMT
Server: Apache
ETag: "1b3-5357c5df35c00"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 435

GET
H/1.1 200
OK oneitem.png
wisconsin.med-info.org/tpl/ 6 KB
7 KB 32ms
29ms Image
image/png 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/oneitem.png
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 2fe0f295cf5414658e0d6b7ff60bd4a54f23345cb8adb35fa5198c68a27634dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Mon, 01 Apr 2019 14:00:00 GMT
Server: Apache
ETag: "19b5-585786fb11800"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6581

GET
H/1.1 200
OK flg.jpg
wisconsin.med-info.org/tpl/ 51 KB
51 KB 30ms
27ms Image
image/jpeg 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/flg.jpg
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 3f14e3a09c8d56425e0d497c794324a5323002bee504405781bb9d2a4c726c9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:05:07 GMT
Server: Apache
ETag: "cab7-5357c5b44b6c0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 51895

GET
H/1.1 200
OK info.gif
wisconsin.med-info.org/tpl/ 654 B
954 B 29ms
28ms Image
image/gif 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/info.gif
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 8e4a5154ef340c5027e548d5ea5c780b84cb0f0027b35d00fe40beb36e25da22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:05:50 GMT
Server: Apache
ETag: "28e-5357c5dd4d780"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 654

GET
H/1.1 200
OK bot.gif
wisconsin.med-info.org/tpl/ 5 KB
5 KB 28ms
26ms Image
image/gif 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/bot.gif
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 7df5ca3b59eea6fc025f5e6ab8d4e10e83dbd7766102394fa53309a4496d9d92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jun 2016 17:04:23 GMT
Server: Apache
ETag: "128d-5357c58a553c0"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4749

GET
H/1.1 200
OK social.png
wisconsin.med-info.org/tpl/ 5 KB
5 KB 12ms
11ms Image
image/png 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/tpl/social.png
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 27e480f018e4c88d20d93dfa41d87c1916429a4ec8f9997605a38172bcfa01af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/tpl/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:56 GMT
Last-Modified: Fri, 17 Jan 2020 06:40:44 GMT
Server: Apache
ETag: "1291-59c5038929300"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4753

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 88ms
39ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=010798230594150672001:sno6rw33_4g

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

9fe6366fbb6bedf99d42136ff5a048e0cc419ca41b8fc739ad6f4b2583ad6cb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3493
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/tpl/fbpopup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d87a2a67c2b5b6283af82f11251b407e92f1006917952dd5c16dbf6070a2ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 21:49:56 GMT
content-md5: /W+8Aw5b1OqnSCUsPsfhbQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: HcoRwsDmvyz/gcx4UwpBexcq6P69KNDp8Ivds2PKLGUh1Ol9Ced1QIFrFQzADj+v+yKxCHBVzfkzJjxyDuRByw==
x-fb-trip-id: 1512268381
x-fb-content-md5: 2b7708dba95b698c873c6444d399f948
cross-origin-opener-policy: same-origin-allow-popups
etag: "aa205c01cb6fe7318d37adf7a700c95f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=1,i
expires: Mon, 05 Dec 2022 22:01:55 GMT

GET
H/1.1 200
OK stat.php Show response
cntad.win/ 0
351 B 67ms
50ms XHR
application/x-javascript 149.28.59.158
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://cntad.win/stat.php?v=1&m=0.8878316980799392&d=wisconsin.med-info.org&u=https%3A//wisconsin.med-info.org/&r=&g=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.94%20Safari/537.36
Requested by: Host: cntad.win
URL: https://cntad.win/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.28.59.158 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.59.158.vultrusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 21:49:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 75ms
74ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96d5ddd39a2b3989fe4e3f18b134a6f445da1d00d5b9d7ad68a118c4077f8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119775
x-xss-protection: 0
server: cafe
etag: 7152255357868624720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 21:49:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame E8C2 10 KB
5 KB 23ms
5ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:38:37 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 19:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
352 B 39ms
17ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-84E59JVSYK&gtm=2oebu0&_p=1408977149&cid=1813864582.1670276997&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670276996&sct=1&seg=0&dl=https%3A%2F%2Fwisconsin.med-info.org%2F&dt=Wisconsin%2C%20Alternative%20Medicine%2C%20Folk%20remedy%20and%20healing%2C%20popular%20cure&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84E59JVSYK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wisconsin.med-info.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=873cfd80328aedd118508bc5f77d6dd3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

359b45d75ea990909a4fcb6e7e19ca29f745d3c063c68b92979db16555193dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wisconsin.med-info.org/
Origin: https://wisconsin.med-info.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 21:49:56 GMT
content-md5: MS2Z1oXnHbQmVQZO/Ef4pg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88365
x-fb-rlafr: 0
x-fb-debug: JK4ra74Vc5as88Y0TinWMQg2WQDxm3WFac8lpAydEmifQtCJGs6FUQANN8uDG7u0HXhXQpdB2GnwcSVzYwkBsQ==
x-fb-content-md5: 724e1b2963bef8012847c337cb0dff9a
cross-origin-opener-policy: same-origin-allow-popups
etag: "efe4684c67246aebe9bc4081fefa2bb3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Dec 2023 19:00:13 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 302 KB
101 KB 33ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010798230594150672001:sno6rw33_4g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103180
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 05 Dec 2023 21:20:29 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 31ms
8ms Stylesheet
text/css 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010798230594150672001:sno6rw33_4g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 05 Dec 2023 21:29:13 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 30ms
7ms Stylesheet
text/css 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010798230594150672001:sno6rw33_4g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 05 Dec 2022 22:19:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 37ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wisconsin.med-info.org&callback=_gfp_s_&client=ca-pub-6918261762299641&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfb1eb6f26a668c783077b5a9e63d2c1c7bbda0e92ce950107a57e5ed6a094ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
23ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wisconsin.med-info.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD23 312 KB
71 KB 751ms
739ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&adk=1812271804&adf=3025194257&lmt=1670276996&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwisconsin.med-info.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996499&bpp=4&bdt=155&idt=149&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8405627573285&frm=20&pv=2&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77e151b99d1d7a599978700852ae70bda86b886e157017a22ec94d68de266c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 72690
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DF3 603 B
68 B 39ms
39ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=15&slotname=7087119590&adk=1203247078&adf=2685088838&pi=t.ma~as.7087119590&w=728&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996503&bpp=2&bdt=159&idt=179&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z6UN3BFqNS&p=https%3A//wisconsin.med-info.org&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:56 GMT
expires: Mon, 05 Dec 2022 21:49:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6603 84 KB
30 KB 533ms
532ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2082688565&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996505&bpp=2&bdt=161&idt=202&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rRyXNs3MnA&p=https%3A//wisconsin.med-info.org&dtd=205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e69092861abbca09412134d203c8da7928bb65c5a05e59045dd3ff042efbac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A732 135 KB
36 KB 551ms
550ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c515989a8e418d2918ed4318f438318f53620d5af860a6aa271586cfccb8d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
51 KB 33ms
22ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7189045ce2e0f65833c76bffce6a370c234587d5576ee39d951a11dcd78d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "478021530417617228"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:56 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 22ms
6ms Image
image/png 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 07:39:35 GMT
x-content-type-options: nosniff
age: 483021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 30 Nov 2023 07:39:35 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 15ms
5ms Image
image/png 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 12:52:53 GMT
x-content-type-options: nosniff
age: 291423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 02 Dec 2023 12:52:53 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 27ms
6ms Image
text/plain 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 63ms
4ms Image
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6F3 41 KB
16 KB 1234ms
1231ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=600&slotname=9122255996&adk=4265169166&adf=4200724890&pi=t.ma~as.9122255996&w=269&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=269x600&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=250&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=903&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=dNlLAMwyXq&p=https%3A//wisconsin.med-info.org&dtd=257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46cf40ab18f249cc38bccb94f40e9395673edeb38166a0ac38accd58ba375fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 16216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
24ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wisconsin.med-info.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB08 85 KB
33 KB 487ms
486ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=90&slotname=8563852798&adk=1213201053&adf=187084629&pi=t.ma~as.8563852798&w=160&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=282&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd0c14652bbd96b3-22f49b4c8ed800df%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg&gpic=UID%3D000008c67c685225%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg&prev_fmts=0x0%2C649x280%2C649x280%2C269x600&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1188&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vbdugAOZLV&p=https%3A//wisconsin.med-info.org&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c31cb008469d7a4234e428fa2dc03fab1cb31688c1541aadfefa33c2f82bc16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6603 4 KB
1 KB 44ms
23ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2082688565&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996505&bpp=2&bdt=161&idt=202&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rRyXNs3MnA&p=https%3A//wisconsin.med-info.org&dtd=205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:23:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6603 2 KB
818 B 31ms
8ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6603 23 KB
10 KB 29ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6603 3 KB
1 KB 20ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6603 18 KB
7 KB 29ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6603 155 KB
48 KB 79ms
42ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 6603 34 KB
14 KB 29ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6603 0
0 52ms
51ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVSTkhGeOY_aHLaa3xtYP2-6-oAjRjeXjbZuu9cPyEN_Gor3AARABIL6m-wZgycapi8Ck2A-gAaHAmPEoyAEJqAMByAPLBKoEywFP0MWaGVuFoR1EBwMHyCryxLCcmwU4mrpPaz3dPPfXJKcfgaQHBa_X8dnl-tmasm2tQBrn1g3azCddbZIQnNfMA8geNM1e_Rh9Ca8GDvCOMoItQG5jRq8aHOQUU7FkGWEJVypV8pdBwHWe-FbnrXUjTZZIvM1lU4Lp7aeS9QuBc5PevT1c2uBoOvTfwKf3EW-SCrq6HCU2OF-lvSJrXX_TsJK93k-tMd6NkBuyXFCV163oPP4dO1LtB7Y7k7nepi7gSkvhaypBOUN2icAE-a-VqJ4EkgUECAQYAZIFBAgFGASgBi6AB5fV4tEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvKUr0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi02OTE4MjYxNzYyMjk5NjQxGAA&sigh=1vZFlAzU2MY&uach_m=[UACH]&cid=CAQSGwDq26N9nldXv0R7HFp4I16mBOElkU2wX0DGFRgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2082688565&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996505&bpp=2&bdt=161&idt=202&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rRyXNs3MnA&p=https%3A//wisconsin.med-info.org&dtd=205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 21:49:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A732 2 KB
608 B 23ms
21ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:15:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A732 2 KB
765 B 30ms
14ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A732 23 KB
9 KB 28ms
12ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A732 3 KB
1 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A732 18 KB
7 KB 21ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A732 155 KB
47 KB 92ms
88ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame A732 34 KB
14 KB 21ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EB08 8 KB
895 B 44ms
23ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=90&slotname=8563852798&adk=1213201053&adf=187084629&pi=t.ma~as.8563852798&w=160&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=282&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd0c14652bbd96b3-22f49b4c8ed800df%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg&gpic=UID%3D000008c67c685225%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg&prev_fmts=0x0%2C649x280%2C649x280%2C269x600&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1188&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vbdugAOZLV&p=https%3A//wisconsin.med-info.org&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:16:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EB08 2 KB
765 B 13ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame EB08 23 KB
9 KB 16ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EB08 3 KB
1 KB 10ms
10ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EB08 18 KB
7 KB 17ms
11ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB08 155 KB
47 KB 83ms
81ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame EB08 34 KB
14 KB 14ms
8ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1027220964190946094/ Frame 6603 8 KB
8 KB 22ms
17ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1027220964190946094/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbe7b8c49090bbf6baa916b571e8b9932ea60823b35f234335c5644c8288409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 17:13:12 GMT
x-content-type-options: nosniff
age: 448605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8447
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:02:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 17:13:12 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/870590423619112450/ Frame 6603 28 KB
28 KB 19ms
15ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/870590423619112450/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

049548c35249dc077dcd8de9096941ae8f1b26d86eb2e08d23b80cdcbbd7ccbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 03:05:34 GMT
x-content-type-options: nosniff
age: 67463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28194
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 13:20:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 03:05:34 GMT

GET
DATA 200
OK truncated
/ Frame 6603 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A732 0
0 43ms
42ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci38shGeOY5vRLZ6XvPIP5O2fgAzluqHkbfXGofuAEJaCzYWIFhABIL6m-wZgycapi8Ck2A-gAbLm65gDyAEJqAMByAPLBKoE0gFP0DvLA_PfvwB6GcpbYxXigL24UwVpDHRVitXl0VPaN2ufGqHFJ-LOunWUQqVhtI3pW2AGhWNIEGFraNUmJiYwCl_xhX0HoglgTlWM-uiCRUMPUk-dUiQLOWe-hWxdFC4PXPreTdsorVFqqrmsYD_dOB4n0MrvIkLS-XXsK21M-EcJ-Gv-4y9qle6p_t9vohuiC7s4irmDmUZcJK_TsWwH1cDeJiXblG5JywIpEMeGN5Ws8NBSHgTxYl9rsC7p4EXrT1XnFUwKJe75TUVGyyN25HHABNuYoNj_A5IFBAgEGAGSBQQIBRgEoAYugAe2mZRnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKKKA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi02OTE4MjYxNzYyMjk5NjQxGAA&sigh=z77fFAEaiUc&uach_m=[UACH]&cid=CAQSGwDq26N9jBPq7DH1mpqnMynvlK0SQL56K1QqVBgBIBM&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 21:49:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB08 0
0 43ms
42ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-A3shGeOY8OqMrXjxtYP8OiXgAy6yrW6bez7oLKWEb_hHhABIL6m-wZgycapi8Ck2A-gAe2UwNADyAEBqAMByAPLBKoEzwFP0M_J3bwSufSTV5hC2Qxs3IkZ3_mX3jgMXVj24hmdg1Tpb5WhTiqmTpulyw7cXTNmR7rX2TlSVIIBjJ6xYXiC-qnBeEtkHtdFIb4CBu0SxnDNAVGMHJ6GHOQIcXVu8n053hcOyRCxbTsWW5NsJS8Zq81xEOv2k0VepVs2DSxfgDVGgRYTee5OJGaHsAS_AOPygc8t0beA7DPj44Fk7Gon59N2-r3iGeeHTdV3tA41IwcIECGU2Nu1vuwYqLNFIaZAyyrW75ixJD88Igg7kfrABL2bue2WBIAH--q_L6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOvzAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi02OTE4MjYxNzYyMjk5NjQxGAA&sigh=_y9c-pVwrio&uach_m=[UACH]&cid=CAQSPADq26N9o9qEzerInDLychAWavmqJMnbDqIWwdg7Wuia0RFEGh9hQCf5LwORZlDykzgZd-L9UtzGUVz0SxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=90&slotname=8563852798&adk=1213201053&adf=187084629&pi=t.ma~as.8563852798&w=160&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=282&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd0c14652bbd96b3-22f49b4c8ed800df%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg&gpic=UID%3D000008c67c685225%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg&prev_fmts=0x0%2C649x280%2C649x280%2C269x600&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1188&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vbdugAOZLV&p=https%3A//wisconsin.med-info.org&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 21:49:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame A732 57 KB
57 KB 72ms
7ms Image
image/jpeg 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRj2Btsh0IeOcWvZx_e73bEg__yYruVcuNBjSrfGn1jfZ6kHPB82z4st1bjSkg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e11a48db8d4ee5ab17d094a2088c78d61756ab495ebf5bbfeb10c3fe5ff9d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 16:40:17 GMT
x-content-type-options: nosniff
age: 450580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58135
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 12:56:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 16:40:17 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 43 KB
43 KB 82ms
18ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQrhFt9o0W9tuhQYGN4S7KDQMF0qkQtdpWizC2SvMNAwmFsr41Qi71N9LEREz4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403200cec92609ed3dc0f34f519b268a9acdc2e284489e012fe9ad10846af7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 01:32:39 GMT
x-content-type-options: nosniff
age: 418638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44044
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 20:30:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Dec 2023 01:32:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A732 60 KB
61 KB 71ms
6ms Image
image/jpeg 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTKi3HobSG5ytZ-1TI4rvzfvCdr7t9h7sa1InsV0ZRYq08ZJL2caFqMnkcWk4w&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

687b146e9601603f7a9c961a619d93a4a6edbf3a064cdaab0908a8e296b41909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:05:53 GMT
x-content-type-options: nosniff
age: 38644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61949
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 02:09:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 11:05:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A732 37 KB
38 KB 69ms
5ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSjT7r9M-oGSShGMsHnZBI_QOlDf-j3RXopKfLTbhdJbYpvjhW0FFkRmw5yGg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b254b19d4d95dba74bb33caaaf8bc632a18457fca2a8c982d8a0aa6e4a311bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:18:05 GMT
x-content-type-options: nosniff
age: 19912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37869
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 18:51:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 16:18:05 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 37 KB
37 KB 85ms
21ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSZ0nsq556GU83Xn_mJCSc3hiLrH7xNvSx9FG3RSkQsC37YFtwDAQwfLQCIdw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ea18da80adee49b52a4f197159d3a7386bc60181b971d038f9c5f023283de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:33:28 GMT
x-content-type-options: nosniff
age: 242189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37567
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 05:28:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Dec 2023 02:33:28 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 35 KB
35 KB 83ms
20ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ7rq1dEuLBWdXo1yhThkeEUIxwSwuvApgxruHlNaKV5zyJ1tGUNss-6taIe5c&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00464e99d3fccffdc4f58f1e9a555c8407d335fa2ef284e6d1016178db8d2570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:17:51 GMT
x-content-type-options: nosniff
age: 1926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35717
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 06:30:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 21:17:51 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame A732 61 KB
61 KB 75ms
12ms Image
image/jpeg 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTEI1840t5xgxMRE9jyX2T87GHFYFdt-je5Xi0fP2v13aAAnkSODkyyp5EI_C0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b91e612dbd56753df5d786357fe9cd5dc670e26fca05f59a3812f0c2374b44a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:23:37 GMT
x-content-type-options: nosniff
age: 26780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62339
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 11:14:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 14:23:37 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A732 36 KB
36 KB 73ms
10ms Image
image/jpeg 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTs6ZHPgp5XQmfOY65C6vKACPT13kKzRPhA0Ms9bzEG6cgpTmzxdfs0vf5fsQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84b6bdedc9b65fb2d9d489da5ab4bef197167ce05f39d9507b5298b1d01de612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:02:53 GMT
x-content-type-options: nosniff
age: 31624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36426
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 06:55:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 13:02:53 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 66 KB
67 KB 70ms
8ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT-7sZxiBf3kNK164JjOjOkRAik_pOp8zxTJOB9tNtuz8jtIm-QmFD3NIJgaA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b2cfb5af9161e158dc00a2ccaa95b85f31d6bfa9c1c1d495262360104bfa4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:58:17 GMT
x-content-type-options: nosniff
age: 31900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67575
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:13:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 12:58:17 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 59 KB
59 KB 74ms
12ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSCfPjDuV7islVfCJQXK9GPz6MSKHQusGVLeDf8fy3mhzy2XIGLGBdYJMFWi9Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc17b1d171d7853f99fa37b6b935d12d092baf0d71aea5560afc0870690c8427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:17:43 GMT
x-content-type-options: nosniff
age: 27134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60389
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 14:13:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 14:17:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A732 59 KB
59 KB 64ms
9ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR7FvhN4IJTtr5qzh6ifevxhLiyXIyFKy416faliC5PD2iB5JqmyPA6Ahp896c&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f5135b6d8ef3aa686fa7d158bbc79cff2abb2e23ac8cb0e9bc7cd4751487b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:01:02 GMT
x-content-type-options: nosniff
age: 28135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60352
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 11:09:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 05 Dec 2023 14:01:02 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A732 38 KB
38 KB 70ms
14ms Image
image/jpeg 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSymy42Gjghf3GkogP3jiPn78oc0YJknKNeNoxOm39quU3PWq3yX8SCpwJtrg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24007f8d6f56c5cd76f1a809f5469c1ad135fba685dc3fac43a286743868bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:01:43 GMT
x-content-type-options: nosniff
age: 438494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38631
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 23:39:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 20:01:43 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A732 15 KB
16 KB 67ms
11ms Image
image/png 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSqoKm8f-U2c4WYRsurSa-SLM9CZkYEIUE_WEIbQveNZcADW20&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f5b851c7222f5aab059befbb412b05a49b302e8997dce63933db6eac043779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 17:19:19 GMT
x-content-type-options: nosniff
age: 448238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15835
x-xss-protection: 0
last-modified: Wed, 07 Nov 2018 01:18:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 17:19:19 GMT

GET
DATA 200
OK truncated
/ Frame 6603 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb8ffd4e536f7775eca321b27b54da318b7245306806d504ca6a36dbf4db1d57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6603 15 KB
16 KB 23ms
4ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 429503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 22:31:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED02 143 B
166 B 7ms
5ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=90&slotname=8563852798&adk=1213201053&adf=187084629&pi=t.ma~as.8563852798&w=160&lmt=1670276996&url=https%3A%2F%2Fwisconsin.med-info.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=282&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddd0c14652bbd96b3-22f49b4c8ed800df%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg&gpic=UID%3D000008c67c685225%3AT%3D1670276996%3ART%3D1670276996%3AS%3DALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg&prev_fmts=0x0%2C649x280%2C649x280%2C269x600&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1188&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=vbdugAOZLV&p=https%3A//wisconsin.med-info.org&dtd=286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 15C9 1 KB
643 B 7ms
6ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:19:01 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 13:19:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A732 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42990e63ecb21c24850dc50d23acc3295170155ce02fae7a88dcbd215ca1fe67

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EB08 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17cbe22321ab0102bb3a98463765f18e5b81506fd2881e8bfe68976e61e152c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AD5 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A732 20 KB
20 KB 17ms
5ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 22:12:02 GMT
x-content-type-options: nosniff
age: 517075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 22:12:02 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EB08 28 KB
28 KB 17ms
7ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 436521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:34:36 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 39ms
39ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

248d57795590a30dd9f066c9bb1e3e442f3746942fe3a48a0bee5233d438bedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52338
x-xss-protection: 0
server: cafe
etag: 4634337917367322407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 21:49:57 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6435 36 KB
16 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=280&slotname=3354923998&adk=1357434722&adf=2897541&pi=t.ma~as.3354923998&w=649&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=649x280&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996507&bpp=1&bdt=163&idt=210&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=2459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ReEbV68k6h&p=https%3A//wisconsin.med-info.org&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 15C9 35 B
465 B 68ms
14ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBK3h4IlrA8VN3OCNBKn798&google_cver=1&google_push=ASkJ3FbGqv5SNEFJHr2M-jFI_BjXq9GI74QUpJlZKBU2Y5qjcwhj6_YH--DFmjuVn4FLS-23_5MWiYlv33cKniNUJteXrxYXHlix

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP6ZSGrXpNtA0Uqsa2RKmMB8I0M18m38ZNySdsL5UwDapD1fvneOC...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dRWeU_O6hcpIut7pgXepSE&tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP...

170 B
188 B

23ms
23ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dRWeU_O6hcpIut7pgXepSE&tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP6ZSGrXpNtA0Uqsa2RKmMB8I0M18m38ZNySdsL5UwDapD1fvneOCrJZi-t1BpFB6q

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Mon, 05 Dec 2022 21:50:02 GMT
last-modified: Tue, 11 Oct 2022 18:05:06 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=dRWeU_O6hcpIut7pgXepSE&tap=gAds&google_gid=CAESEP1SPK7untxTgbbI6o2Ggnc&google_cver=1&google_push=ASkJ3FaEnBh7pzcuxdK4Oo_TOykq5Z8ltzMP6ZSGrXpNtA0Uqsa2RKmMB8I0M18m38ZNySdsL5UwDapD1fvneOCrJZi-t1BpFB6q
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDIpisdRi8zAOIo29OtoT0w&google_cver=1&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ
https://rtb.openx.net/sync/dds?google_gid=CAESEDIpisdRi8zAOIo29OtoT0w&google_cver=1&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&google_hm=qDegU4fQxjUpNb-wZEmLww==

170 B
188 B

28ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&google_hm=qDegU4fQxjUpNb-wZEmLww==

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FYHoRmgRaPCgdwJ4iXfX6OOhMBFVlVWvYuhQ5FdF0LhqhSzcUGqgzPfjQKnd7prKnHwxdiTnUSdD3Xi0T9aalzCloI9UVQ&google_hm=qDegU4fQxjUpNb-wZEmLww==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 91tc92vd0rgqr49aitu0da1a04adhgoa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
29ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYuN87NWXci_1T0RlVrBVOq8aSYf53Qw8AHdkR_A0EivxiFqdBmUfHyLsr-RTDMn_9MGvroSrUWnTmYwXpq7be3i0l-OCSJ

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYuN87NWXci_1T0RlVrBVOq8aSYf53Qw8AHdkR_A0EivxiFqdBmUfHyLsr-RTDMn_9MGvroSrUWnTmYwXpq7be3i0l-OCSJ
date: Mon, 05 Dec 2022 21:49:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqUfC6eiRTp0B_drupyDpY&google_cver=1&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCQlNSU0gtMU0tMjRJRQ==&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MVuW9Lhj6Zka4r4fgZT94tbMrGA

170 B
188 B

38ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCQlNSU0gtMU0tMjRJRQ==&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MVuW9Lhj6Zka4r4fgZT94tbMrGA

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJCQlNSU0gtMU0tMjRJRQ==&google_push=ASkJ3FZBkdmRo3jhlLbOYaU6Qb0IhvRc5RuK9xpwI0ciIYSdRznsmZap-Y17vKBS5z4-icrq_MVuW9Lhj6Zka4r4fgZT94tbMrGA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 636a4452fa95aad32992c06634d4089f
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0h...

170 B
188 B

23ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0hfWiHZSuG7KW7LaX5u539GhrXKHMsHb53S4CxV6puTotvMgiuk7XIIH9A58Khmw

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udIlFZm6poLVvdpHXYM40t1sVGi9agMFSuqeMXpqAjCf3yDCE7Fieveahgq0CCycV37TdDZDLugGwedRZbtNA26c0IZUuLsFoicjSCdLe02WDMNnX27gLs3cU9kjWXDEhZ%2BHhiyf6h9AWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJjh3e44mBXDc_9385Q8sUU&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3FZjSEAuJxoju5_nNRVL32qv1KeTofq0hfWiHZSuG7KW7LaX5u539GhrXKHMsHb53S4CxV6puTotvMgiuk7XIIH9A58Khmw
cache-control: no-cache
cf-ray: 774ffea4982d8cc0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 15C9
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESENmcqc0y4MmJBA4930pIcpQ&google_cver=1&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0&google_hm=213fc3458791b578c4dd...

170 B
188 B

43ms
29ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0&google_hm=213fc3458791b578c4ddb55a6e15bb4a

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fba5OXpIOCoZaa3UUSfmV3UjXmW2xDJKqFfku8F9aH8uBdG1IORSgqHW8vJMS5yz51wEt-s7lBqiQb0j5yNpKrOsUvaJQ0&google_hm=213fc3458791b578c4ddb55a6e15bb4a
date: Mon, 05 Dec 2022 21:49:57 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 15C9 0
232 B 70ms
19ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJLo0bqpQTMkHrYNMbOH5KArpwGrVAURJcmlitd0u-5-knu_87npNaZEMRC2xO2Cbne01M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED02
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
34ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame EB3F 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wisconsin.med-info.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame CE40 10 KB
4 KB 5ms
5ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:37:47 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 19:37:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame EE3A 10 KB
4 KB 5ms
5ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:37:47 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 19:37:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame CE40 4 KB
636 B 23ms
22ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:20:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE40 205 B
229 B 7ms
7ms Image
image/png 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 21:48:37 GMT
x-content-type-options: nosniff
age: 172881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 03 Dec 2023 21:48:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE40 604 B
628 B 8ms
7ms Image
image/png 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 20:46:07 GMT
x-content-type-options: nosniff
age: 522231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 Nov 2023 20:46:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame CE40 19 KB
8 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 02:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 02:40:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EE3A 8 KB
895 B 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:14:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EE3A 2 KB
765 B 5ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE3A 0
0 45ms
45ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjBQthGeOY7CxK6uMvPIPoZaniAy0zLH3bLPO7Yi_EN2ZrMaUDhABIL6m-wZgycapi8Ck2A-gAZSEs_YDyAEJqAMByAPLBKoEzQFP0HeMreLq4BaSh9KgyHce53i0gqX6GE4kbNDGljN8vXhFLAegFJASZCpQa2W5O0vTXChcNWcTwS-_-KHZMknUwrD3JZXvZ-BS0wZiyh-YsWdIFPy0i59YyFcH3ZOu5_Et5UhtwG5FmQcrCjIZJQ8xWwqnTpxuaB6MONuoTcMB78UFQdkyKCYcfplztw9GVDvVC1xQC8mXfWmNXCvgcDf5CtGRXVa_WBvqBi2P6JHe1O8XDaP112_9-s9WJ2WSxUacUB_Af1Y8BWRcc9quwATh4eqekASSBQQIBBgBkgUECAUYBKAGLoAH86OulgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDayAbSCA8IgGEQARgfMgKKAjoCgECACgHICwGYDNmP-NKXBLgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNjkxODI2MTc2MjI5OTY0MRgA&sigh=O2mbI-ZOX4E&uach_m=[UACH]&cid=CAQSGwDq26N9JAfzlXPzNjZjhkIYS19kyvjCmFebDhgBIBM&template_id=515

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 21:49:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame EE3A 23 KB
9 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EE3A 3 KB
1 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EE3A 18 KB
7 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE3A 155 KB
47 KB 51ms
36ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame EE3A 34 KB
14 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
H3 200 22816713786747016
tpc.googlesyndication.com/simgad/ Frame EE3A 2 KB
2 KB 8ms
5ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/22816713786747016?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9dd798ab7ccba088eba971347f97c9578c1265b640c7a941764d7ff983fdcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:11:46 GMT
x-content-type-options: nosniff
age: 441492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2116
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 12:52:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 19:11:46 GMT

GET
DATA 200
OK truncated
/ Frame EE3A 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE3A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E061 0
0 43ms
42ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7kLlhGeOY7m7MP_jxtYP75SdmAO-laSvbPfa0tOsDMCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTY5MTgyNjE3NjIyOTk2NDHIAQmoAwGqBMQBT9DQjLFtuH_l_Gh7yQqLMNX30pyfv8ZLa6NfTVu9qk1Vtei0TskYaiXoSJ-LFrrVS1tZPdxANhTB2jJNU0KFtfVOKFL4NYk6qafOhCRSRo0VQax2aka_yfdd2XLrg-dOvvzuf3HMl6aQr1V3b62CT6YZtbwRkSs7YNksjVXUVWFjQHhIjcyKs7VC9c3VfElTGqeFkPFimjCeCgvx6zcfd05k9G13Wjif1XpYmN3l5cllSf-CIiArJXL4k553ODtfvBkTtYAGt7Wm15fUipJKoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjkxODI2MTc2MjI5OTY0MRgA&sigh=yMTF8Ak3ZVI&uach_m=[UACH]&cid=CAQSKQDq26N9S0NoqNQBTF6BqOtTYfsRxdGmoRU1tDTD7w6o5RSJ4GYPHlWBGAEgEw

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=600&slotname=9122255996&adk=4265169166&adf=4200724890&pi=t.ma~as.9122255996&w=269&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=269x600&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=250&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=903&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=dNlLAMwyXq&p=https%3A//wisconsin.med-info.org&dtd=257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 21:49:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame E061 35 B
0 54ms
20ms Fetch
image/gif 23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&viewability=63&cbdp=0.14&dn=wisconsin.med-info.org&acid=d238ff1e28ac4f90818de314cdc14e86&dtc=east_sc&ugd=4&pvid=294&zone=d&ogbdp=0.25&prvReqId=4171902749604_1789351046_11621109112941&itype=ADX&requrl=https%3A%2F%2Fwisconsin.med-info.org&bidrestime=1670276997026&app=0&cc=US&ctr=-1.0&device_id=4&slotVisibility=2&size=160x600&csip=rtb-appnexus-6bd49c488b-pp42d.SC&sc_pvid=313&commit_id=82cdc8e9&scrid=8032948058480&mang=1&cid=8CUU9JF8H&rme=nurl

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-200-79.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame E061 35 B
0 109ms
18ms Fetch
image/gif 104.117.182.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.2500&ss_d2=0&stid=&other_prv=313%7C294&jar_err=&current_day=1.0&adtyp=0&req_id=cpkAm4HY1g57LN9jTJ5wJg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&dim11=0&predicted_wr=69.2218&exp=&deal_id=&fdbk_id=&second_bidder=313&search_res=44&floor_bucket=0.00&gpid_format=&seat=BID_API&size=160x600&f_seg=&prdp=0.1400&local_wr_url=0.0000&ogcbdp=0.2500&dfpbd=0.1400&server=1&ogerpm_wd_bkt=0-1&model_version=202212051828_generic_adx_1-cid_0&viewability=0.6300&dmm_r=0.0000&cut=44&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=NY&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.25&ugd_ver=&requrl=wisconsin.med-info.org%2F&bidrestime=1670276997026&cc=US&strg=harmony&ss=&current_hour=21&time_stamp=2022-12-05+21%3A49%3A57&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.2500&ct=New+York&akey=&mnckfl=0&bdp_bucket=0.25&algo=&dc=east_sc&dim5=0&splid=&erpm_mult=1.000000&dn=wisconsin.med-info.org&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&dmm_m11=0.0000&dmm_m12=0.0000&acid=d238ff1e28ac4f90818de314cdc14e86&zone=d&infl=&o_ver=NT+10.0&br_ver=108.0.5359.94&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.1.1&totalTimeBucket=4&visibility=2&totalTime=4757457&dmm_m1=2022-12-05+21%3A49%3A57.030402790&e_rpm=0.0000&dmm_m22=0.2500&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=8032948058480&rawbid=0.2500&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-6bd49c488b-pp42d.SC&dfp_bucket=0.1&adblk=4265169166&itype=adx&pvid_seat=294_BID_API&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=116211091&sat=1&br_id=265&cut_bkt=45&gpid=&iwb=1&second_bid=0.070000&sc_pvid=294&capd=0&other_bids=0.07%7C0.25
Requested by: Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 21:49:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame E061 159 KB
55 KB 101ms
42ms Script
text/javascript 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=600&slotname=9122255996&adk=4265169166&adf=4200724890&pi=t.ma~as.9122255996&w=269&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=269x600&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=250&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=903&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=dNlLAMwyXq&p=https%3A//wisconsin.med-info.org&dtd=257

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d7c3b8587d1c7cc4c961d6dffa39bce15c17d6a29302d134290f1aeda5dc5c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-mnt-h: 8-33
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 05 Dec 2022 21:49:58 GMT
server: Apache
etag: "38ffd0b95479dce6150a8a4db0130a0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-10
expires: Mon, 05 Dec 2022 21:54:58 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame E061 61 KB
62 KB 49ms
10ms Script
application/javascript 23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-200-79.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Mon, 05 Dec 2022 21:49:58 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=57553
access-control-allow-credentials: true
content-length: 62892
expires: Tue, 06 Dec 2022 13:49:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E061 3 KB
1 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E061 18 KB
7 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E061 0
0 23ms
22ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStK9DxluBlBtDmH1C-1WJ0N4rknsh5kSpxTO6j0kZ2C19WaIc5RYiqm89kYllLL-_YP0G76yMtAV2Gluz9l9r6Ai5Kdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6918261762299641&output=html&h=600&slotname=9122255996&adk=4265169166&adf=4200724890&pi=t.ma~as.9122255996&w=269&fwrn=4&fwrnh=100&lmt=1670276996&rafmt=1&format=269x600&url=https%3A%2F%2Fwisconsin.med-info.org%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670276996508&bpp=1&bdt=164&idt=250&shv=r20221110&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C649x280%2C649x280&prev_slotnames=7087119590&nras=1&correlator=8405627573285&frm=20&pv=1&ga_vid=1813864582.1670276997&ga_sid=1670276997&ga_hid=1408977149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=903&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31060566&oid=2&pvsid=942285628727111&tmod=967341248&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=dNlLAMwyXq&p=https%3A//wisconsin.med-info.org&dtd=257
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E061 155 KB
47 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 6548e2693f53f59daa3961d0dd1d6f1f.js Show response
www.gstatic.com/mysidia/ Frame 7C20 9 KB
4 KB 8ms
8ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 20:24:47 GMT

GET
H3 200 3e5978e79c0904a5b8667fc9ecfe5df3.js Show response
www.gstatic.com/mysidia/ Frame 7C20 149 KB
55 KB 11ms
10ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3e5978e79c0904a5b8667fc9ecfe5df3.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f02f606ca4151c11cedb29d98df94f802efeb962bff36c7307b6ad014aef7d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 09:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56711
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 09:06:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7C20 6 KB
919 B 26ms
25ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:02:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C20 2 KB
765 B 13ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7C20 23 KB
9 KB 15ms
8ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C20 3 KB
1 KB 16ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:45:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C20 18 KB
7 KB 18ms
10ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:43:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C20 155 KB
47 KB 51ms
43ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 7C20 34 KB
14 KB 20ms
12ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
DATA 200
OK truncated
/ Frame EE3A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 647e35c46211deab300aadf3762c5d7f608220b1efa834fbba5773e4c16ec0d6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 7C20 0
327 B 294ms
105ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbbbss4y&c=8676353208264&slotId=4338176604132&qqid=CK-Dw9i64_sCFSsGTwgdIcsJwQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e5978e79c0904a5b8667fc9ecfe5df3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mqdefault.jpg
i1.ytimg.com/vi/yGvOFSzXEoU/ Frame 7C20 9 KB
9 KB 35ms
5ms Image
image/jpeg 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/yGvOFSzXEoU/mqdefault.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9661ff137344cf8e82b05a37334097e97815287c310a2d54ac1ec37d01d800b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:41:39 GMT
x-content-type-options: nosniff
age: 4099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8734
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 22:41:39 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 8E05 78 KB
30 KB 182ms
181ms Document
text/html 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&sc=NY&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=https%3A%2F%2Fwisconsin.med-info.org&nse=5&vi=1670276998775379456&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xegxxzax&bcpf=B48fOnRrolnfOur8xegxxzax&bdrId=294&bid=328263&ntv=0&matchstring=hr%3D0%7Cbcat%3D500670%2C501011&katpre=1&katbid=-102&pgid=p12331960t202212052149&newfl=1&htmlsrc=1&allsc=NY

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

3457c37203df18aa22dc1d40a106b0bca1ed024fe231feff413d83a2c08037ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30764
content-type: text/html
date: Mon, 05 Dec 2022 21:49:58 GMT
expires: Mon, 05 Dec 2022 21:49:58 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-sc-h: 22-krv6

GET
H2 200 bping.php
lg3.media.net/ Frame E061 15 B
15 B 43ms
10ms Image
text/html 23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=547&&vgd_cdv=830&gdpr=0&prid=8PRN625DH&cid=8CU5RJ1PV&crid=225021408&vi=1670276998775379456&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=2886781041&r=1670276998315&requrl=https%3A%2F%2Fwisconsin.med-info.org&vgd_bid=328263&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1670276998103505930&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p12331960t202212052149&vgd_pgids=1&vgd_uspa=0&hvsid=00000167027699831200958081326736&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-200-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Mon, 05 Dec 2022 21:49:58 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=57551
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 76D1 26 KB
9 KB 102ms
101ms Document
text/html 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-72-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a10719f5b5c503040b7d931d1c0b3607bbc84850e4c1374d5aa2ae1bc6ac1b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9328
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 21:49:58 GMT
expires: Wed, 07 Dec 2022 21:49:58 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame E061 35 B
199 B 9ms
8ms Image
image/gif 23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4697&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&ifst=0&vid=cpkAm4HY1g57LN9jTJ5wJg&s_city=atlanta&ugd=4&cliIPV6=2a0d%3A5600%3A0024%3A0000%3A0000%3A0000%3A0000%3A0000&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&sc_bdp=0.070&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0%23%233&usp_status=0&seat=BID_API&og_cbdp=0.250&size=160x600&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=82cdc8e9&scrid=8032948058480&itypeid=17&mx_SPRIG=2&viewability=63&renderer=0&be=0&rtime=19.0&adj0=0.0&tmax=300&s_ip=172.217.36.140&adj2=0.0&adj1=0.0&feedback_id=cpkAm4HY1g57LN9jTJ5wJg&adtypes=0&mx_aabpc=0&reqid=cpkAm4HY1g57LN9jTJ5wJg&sc=NY&sd=1&mowxReqId=d238ff1e28ac4f90818de314cdc14e86_1&ifdp=0&requrl=https%3A%2F%2Fwisconsin.med-info.org&bidrestime=1670276997026&pv_adtype=0&cc=US&strg=HARMONY&pcrid=8CU5RJ1PV-225021408-50-25&coppa_enf=true&sc_prspt=headerBid&bdp=0.250&ct=New+York&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&mx_epbc=8CU5RJ1PV&dnt_enf=false&mx_ssBucket=0&vls=0&asn=0&mang=1&sc_cbdp=0.070&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Fsearch.yahoo.com&second_call=false&dn=wisconsin.med-info.org&dt=O&acid=d238ff1e28ac4f90818de314cdc14e86&actltime=35&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.14&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&rawDn=wisconsin.med-info.org&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU5RJ1PV&epcexp=false&pubid=pub-ADX-116310109131&sc_cat=IAB-3&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=8032948058480&omul=1.0&res_mtype=0&suid=CAESENTbPeyhQDEGrMa60VCBCe4&chnl=HARMONY&pst=0&reqsize=160x600&adpos=3&mx_sua_model=x64&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUU9JF8H&tgtval=pub-ADX-116310109131&__expireat=1670277597282&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=225021408&ckfl=0&lper=1&mx_tgs=160x600&dummy_vsid=false&cbdp=0.14&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&pvdTmax=146&ltime=34.0&epc=225021408&prvReqId=4171902749604_1789351046_11621109112941&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-6918261762299641&ybnca_erpm=0.25&brsrclk=0&sbdrid=196&mx_bsBucketRa=5&rtttime=150&mx_PC=1&wsip=mowx-lite-586bf9667f-76v7z&currsrc_date=2022-12-05+00%3A00%3A00&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&mx_sua_cvg=1111111&psrc=fail&geoll=false&omid=0&debug_ts=2022-12-05+21%3A49%3A57&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&mx_sua_os_n=Windows+NT&pub_blk_enf=1&amptype=1&moau=true&mx_sua_os_v=10.0&ocurr=USD&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&sc_ogbdp=0.07&incentive_type=0&pid=8PR113JGC&spTo=3&zone=d&pvid=294&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AA8e6VIhAgL5wfVj0VCgoX82LFDvVq8Nn2mf_JyeiK52yImORVHrLmwQUUzlYby4kP25ZEBh&dmm_ogerpm=false&csip=rtb-appnexus-6bd49c488b-pp42d.SC&mx_commit_id=119123143a&mx_bsBucket=5&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.25&tpbTkn=false&adblk=4265169166&fpuReq=1&vcmplrt=-1.0&crid=116211091&geo_source=2&sat=1&mnet_ckfl=0&sc_pvid=313&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.25~vw_exc%3D0.63~vis_sd%3D129~url_rps_b%3D12.9~dc2%3D1~scd%3Dny~v_asn%3D9009~vl2r_sd%3D2022120512~iurl_b%3D489.25~url_tkc%3D0~url_r2a_b%3D0~std%3D~last%3D~cvog%3D2.38~vis_url_b%3D0.53~ip%3D1hlLSCuRa5ph5MSyKE4tPi~fbb%3D0~vis_url_l%3D0~riipua%3D0%2C0~et%3D15~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022120514~vis_b%3D505.79~url_b%3D1.73~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D132~l2r_b%3D1000~erpm%3D0.25~vl2r_url_kc%3D0E0~bm%3D1~sid%3D225021408~sd%3D1~uid%3Dh8M2GPgNIDFiHITee~url_rps_kc%3D0~cvl2r_b%3D2.38~btd%3D10249086160387480593929276675916368008644857596807380559410082460283330480724497893282021376~cvl2%3D2.38~3pcf%3D847.51~uim%3D0~dmm_strg%3Dharmony~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D116.79~url_srps_b%3D12.9~CI%3D2794~nts%3D1~tb%3D-1~ct%3Dnew%20york~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~lc%3D1~url_rpc_b%3D0~bid%3D0.25~dc%3D8~url_rps_rv%3D0~vl2r_b%3D4.94~supply_tag_id%3D%7Eviewability%3D0.63%7Eamp%3D1%7Ecbdp%3D0.250%7Edmm%3Dharmony%7Esuid%3DCAESENTbPeyhQDEGrMa60VCBCe4%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-6918261762299641%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D4265169166%7Esobp%3D0.07%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.250%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D160x600~bsb%3D5~bsp%3D0~tmx%3D146&utime=1296&sf=0&cpr=0.39069554291643205

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-200-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: max-age=3600
date: Mon, 05 Dec 2022 21:49:58 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Tue, 06 Dec 2022 03:49:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 36B8 1 KB
643 B 7ms
7ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:19:01 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 13:19:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E061 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5378446b6ad60bb4bb7d3b184780f18fa108b729087f73d5878d60d1648285c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-ab5sznzs.googlevideo.com/ Frame 7C20 701 KB
702 KB 68ms
6ms Media
video/mp4 2607:f8b0:4006:c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1670305797&ei=hWeOY6HcEIvyzLUPl7ya-Ao&ip=2a0d:5600:24:1500:1012:af72:d8f3:3859&id=c86bce152cd71285&itag=18&source=youtube&requiressl=yes&mh=Ql&mm=31&mn=sn-ab5sznzs&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.176&lmt=1667197243947917&mt=1670276711&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOk6JMwZa1KnTQJ1VOKWMaSu_aXsiSYSqCeTJSw_aro4AiEAwcbaCT2bKGdo7gpWVAAV0UKrni1lukMpiCyumEGkEbc=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOtidIjZXZ4050x0cj3159GZJG10F-pDZ0zVLi1JyMPVAiEAmL5xeW1uTw59mg1Y-pC5YfzvmxPzG0_qFvBq6ru0wUU=&cpn=pcYQepw1bJ4pE7nQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:c::8 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

40ec8f43763ebb1adef0f0aa3116e2d8c7c965168ec1dde22aae6f61f1948f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 05 Dec 2022 21:49:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 31 Oct 2022 06:20:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-717833/717834
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 717834
Expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7942 36 KB
16 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: wisconsin.med-info.org
URL: https://wisconsin.med-info.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEn9uAdEWGjUaAxcI-uQXQI&google_cver=1&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0PYmF8eJKDuZZ2cRO8ffMLE7Hq5wADzgkehWkXluE1qiA&google_hm=_oTX...

170 B
188 B

24ms
23ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0PYmF8eJKDuZZ2cRO8ffMLE7Hq5wADzgkehWkXluE1qiA&google_hm=_oTXA-SRZt21R8fzhz6s9w

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZOgBE9GH2qyp3PUuZ8Icd5xHOsddFoVYZy6n4xPWozNFAYCS84F0PYmF8eJKDuZZ2cRO8ffMLE7Hq5wADzgkehWkXluE1qiA&google_hm=_oTXA-SRZt21R8fzhz6s9w
pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP-8yq4eHZIREpNPPbwG2X4&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtAC...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtACWqI_jNw&google_hm=MTA1OTgxNjYxOTU4...

170 B
188 B

22ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtACWqI_jNw&google_hm=MTA1OTgxNjYxOTU4NzA1MDY2NDU

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FZiRa_EYFOzypOmB4_-jIO6eI433CrgJGswiK7AgWuPcxKSCvtD47s6bTFf9VfMS8wEXqgFMRvf1lKGiilywqhjtACWqI_jNw&google_hm=MTA1OTgxNjYxOTU4NzA1MDY2NDU
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBTq5TnPTx_CopdSrKHaD-8&google_cver=1&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg&google_hm=qDegU4fQxjUpNb-wZEmLww==

170 B
188 B

23ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg&google_hm=qDegU4fQxjUpNb-wZEmLww==

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZG1iZ577yeIljDbObYuO_TrpgENBE2IOfay43A0DkO4NB4te59LCgd7YmM41J-AO1SxWQx1vhY55nBma2COY26cqfxw6LSzg&google_hm=qDegU4fQxjUpNb-wZEmLww==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: blcfapp2t4t7kjj2kbt5tst2g476h27q

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

21ms
21ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FatBdq2ggbfyxX-6XCOxO_DlykX-rIOdioNNeqgEL9v-HijSVq8rr3F5Z91apB4rj_RwtaIlcfPK-Kycg1IEEonB-wII5DW

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-A4xiDOuTo6bqEvAbDziug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FatBdq2ggbfyxX-6XCOxO_DlykX-rIOdioNNeqgEL9v-HijSVq8rr3F5Z91apB4rj_RwtaIlcfPK-Kycg1IEEonB-wII5DW
date: Mon, 05 Dec 2022 21:49:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3Fb6AikYG2zrEL3GS9kLZmf_gLdBv5pXX...

170 B
188 B

24ms
24ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3Fb6AikYG2zrEL3GS9kLZmf_gLdBv5pXXz_z0rBMca7hOFWjcXlFp6FrKfuMRF_xWtxIiuvkGmSgnvj9jeRxlxjN_0KKudD6wQ

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7VF5qnBkQv6k1IrXPkzJs9u9Q37Sw2ZiNzWXlM8dp6i2OnW046uY1TAVaO4Sksel1DDEJoVJQtQ7ZmxNxlImyn%2B7ZYTrdrXBiVHi7ELai1JKborSTo3NqXuAJKHendNIek86Ls%2FMrQt7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECNZ81k2G79YIZtjKgCfYU8&google_hm=Y45nhazpCAI-IUrWvKru1AAAACwAAAIB&google_nid=index&google_push=ASkJ3Fb6AikYG2zrEL3GS9kLZmf_gLdBv5pXXz_z0rBMca7hOFWjcXlFp6FrKfuMRF_xWtxIiuvkGmSgnvj9jeRxlxjN_0KKudD6wQ
cache-control: no-cache
cf-ray: 774ffea879c08cc0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B8
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEPPGzDPJ1NOu1TrJt6pIXeI&google_cver=1&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw&google_hm=213fc3458791b578c...

170 B
188 B

22ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw&google_hm=213fc3458791b578c4ddb55a6e15bb4a

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FYyn0ICV0ikQ9yVSUA573Wnlm11imZ4PgUx0N8g27AWAHPcVuiYxB2ZWG2YheR5nZ4TPy7aKvLJHsdEHJ921iNU3LQRdagtpw&google_hm=213fc3458791b578c4ddb55a6e15bb4a
date: Mon, 05 Dec 2022 21:49:58 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 36B8 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 36B8 0
12 B 21ms
20ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvKC0ocYmDHC1vlcS7EJrMInyMgxI-OcBe9HEJxNvRdG26YP_qYqetq9it9LZW6T4q2qyLuw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

cksync
cs.media.net/ Frame 76D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzEzMjc4NTk4MDgxMzI4MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEE0kWZO-FgwY1sIcWb_93TI&google_cver=1

45 B
446 B

91ms
66ms

Image
image/gif

23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEE0kWZO-FgwY1sIcWb_93TI&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-79.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 05 Dec 2022 21:49:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEE0kWZO-FgwY1sIcWb_93TI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8E05 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E05 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E05 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60290dcbc400e75afedd2983ac8df0b99c0e981220970c90f979bf6c6543dbb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E05 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame 8E05 25 KB
25 KB 44ms
7ms Font
application/font-woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&sc=NY&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=https%3A%2F%2Fwisconsin.med-info.org&nse=5&vi=1670276998775379456&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xegxxzax&bcpf=B48fOnRrolnfOur8xegxxzax&bdrId=294&bid=328263&ntv=0&matchstring=hr%3D0%7Cbcat%3D500670%2C501011&katpre=1&katbid=-102&pgid=p12331960t202212052149&newfl=1&htmlsrc=1&allsc=NY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 05 Dec 2022 21:49:58 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-6478"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25720

GET
H/1.1 200
OK OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame 8E05 21 KB
21 KB 43ms
6ms Font
application/font-woff 104.117.182.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&sc=NY&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=https%3A%2F%2Fwisconsin.med-info.org&nse=5&vi=1670276998775379456&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xegxxzax&bcpf=B48fOnRrolnfOur8xegxxzax&bdrId=294&bid=328263&ntv=0&matchstring=hr%3D0%7Cbcat%3D500670%2C501011&katpre=1&katbid=-102&pgid=p12331960t202212052149&newfl=1&htmlsrc=1&allsc=NY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.117.182.24 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer: https://contextual.media.net/
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 05 Dec 2022 21:49:58 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-54c8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21704

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FB4 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6603 42 B
64 B 47ms
35ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscVCwF-ABYQIxmjy29Vel9f8QySEKl2Ks_RlZ66aU5iZJf7Kp2qof_XWN1vkkak93lzGc_Wjt6-8uO49jD8jmOg54qfNgPRi0OKpiAeS8mMfYA8EPlZtaAv0Fx2dtNGsBpa_Q&sai=AMfl-YTzRmAXBHnY3hRIiExYVxLvDRWkwaz6H49QYO-HEaofjowQZjHU3dYvQPLabHh0Kd8IAda2Rslln4c9wZM&sig=Cg0ArKJSzH-dYrDHNalVEAE&cid=CAQSGwDq26N9nldXv0R7HFp4I16mBOElkU2wX0DGFRgBIBM&id=lidar2&mcvt=1017&p=0,0,280,649&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1357434722&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670276996712&rpt=853&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 8E05 15 B
159 B 10ms
8ms Script
text/html 23.221.200.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4440&&&vgd_l2type=scs_newfl&fp=Ckun8vpDFhV9BuCHyn7Yima_NwQeDbf2Zhxf2_Tqe-AhOtAONamK8MWXJ8OLA3bBbPPWnjyHY97weA3XZWXnsWm5Cp2ge-8wwZ0g88q0oLLncluI1tfOmlH9zPDe2ZykzzQQg8INW7I5GiNsWnuNJhNN-dLVqqLZ&cme=Mmw95nWX51USmCokcOFR0MDN2qxDPEVxw-Q0oNCBgF-Lw2wD_QFnFfdcmsWDbKnE-fIjXEYZne0KM8X1hbsW7HkSWw_Db6osjBG6Znt11EWGxT3q5O26ryz-BwN1_zRA3OVIJyn73VGGXd2iytCkc3m0Lrke2zlCT9npX1T6zwaGIxs2ovpUQSQ5NfDuEbHSPoVUXFh4qSGWjNI2p1TwoRbbcSw7ahid4LpglY7Fux4%3D%7C%7Ck1X0A5JYxTfTRwscn0G1Ve4NgZE5lt5QogsPFncZMEC0YOnpKtlCr2MQotnZ6NoXY3dmXC6a-_5OPvTK9Wf_ZPGCtm51MsbeUif2oWLW9lD4zyt7E8KLLalLze6UI08jXN3Lf-uKe3Aa1fkj5tqNIa3quiqOCYhJkjdoODY1YyFS8OhYxhZmwHgXa_-xYCeckL0N90o9zNEEMN2vHBq7M9-6i86ZZ3lFsUUpLNdoD7T59FKYojDgaFMISE35npIn%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4KfaobL9JM1IEhGk9kpfWod99UqXaI1VjPkUVxPcNh5g%3D%3D%7C&ksu=224&fdkt=110&vgde_kbbh=ffoyxQJuO&kwd[]=Most+Nutritious+Dogie+Foods&kwt[]=110&kbc[]=null&kwp[]=1&kid[]=330278565&kbc2[]=&ktd[]=&kwd[]=Most+Nutritious+Doggy+Foods&kwt[]=110&kbc[]=null&kwp[]=2&kid[]=350407018&kbc2[]=&ktd[]=&kwd[]=Best+Nutritious+Dog+Foods&kwt[]=110&kbc[]=null&kwp[]=3&kid[]=350406945&kbc2[]=&ktd[]=&kwd[]=HVAC+Program+Costs&kwt[]=110&kbc[]=null&kwp[]=4&kid[]=350407007&kbc2[]=&ktd[]=&kwd[]=Top+Dental+Implant+Marketing+Services&kwt[]=110&kbc[]=null&kwp[]=5&kid[]=350407049&kbc2[]=&ktd[]=&kwd[]=Mobile+Phone+with+No+Contract+Plans&kwt[]=110&kbc[]=null&kwp[]=6&kid[]=330278564&kbc2[]=&ktd[]=&kwd[]=Best+Cloud+Based+Storage+Softwares&kwt[]=110&kbc[]=null&kwp[]=7&kid[]=330278536&kbc2[]=&ktd[]=&kwd[]=Eosinophilic+Asthma+Trigger+Latest+Info&kwt[]=110&kbc[]=null&kwp[]=8&kid[]=350406991&kbc2[]=&ktd[]=&kwd[]=Fleet+Maintenance+Software+Solution&kwt[]=110&kbc[]=null&kwp[]=9&kid[]=350406995&kbc2[]=&ktd[]=&v=1&geo=40.72%7C-74&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774626&bca=0&ugd=4&vgde_setid=Nff&cid=8CU5RJ1PV&vi=1670276998775379456&vsid=3132785980813212&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_fm_lang=EN&vgd_implt=3&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=6202&vgd_nrrmf=c808&vgd_nrrsf=scrr&vgd_cty=new+york&&vgd_ifrmode=14&vgd_l1rakh=1670276998103505930&sttm=1670276998312&upk=1670276998.7236&hvsid=00000167027699831200958081326736&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D500670%2C501011&sbdrId=196&vgd_ecrid=8032948058480&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D9009&&vgd_vstrid=3132785980813212&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fX~eBMJ-Nv9.FA~e8QMQOvufi~xLjMLEQMGvuf.i~ONfvu~QNOvz5~eM1Qzvi99i~ejfLMQOvf9ffuf9Xuf~8xLjMGvHWi.fX~xLjM7UNv9~xLjMLf1MGv9~Q7Ov~j1Q7v~Nemyvf.AW~e8QMxLjMGv9.XA~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~e8QMxLjMjv9~L88Ex1v9%2C9~J7vuX~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffuf9XuH~e8QMGvX9X.hi~xLjMGvu.hA~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvuAf~jfLMGvu999~JLEYv9.fX~ejfLMxLjMUNv949~GYvu~Q8OvffX9fuH9W~QOvu~x8OvwWcfZ0yIVrs8qV_JJ~xLjMLEQMUNv9~NejfLMGvf.AW~G7Ovu9fHi9WFuF9AWhHW9XiAififhFFhXiuFAFW99WFHHWXhXiFW9hAW9XXiHu99WfHF9fWAAA9HW9hfHHihWiAfWf9fuAhF~Nejfvf.AW~AENkvWHh.Xu~x8Yv9~OYYMQ7Lyvw1LYmz5~QQvIK~x8Bvou~NJv9~LEQMGvuuF.hi~xLjMQLEQMGvuf.i~%3DVvfhiH~z7Qvu~7Gvou~N7vzJBn5mLU~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~jNvu~xLjMLENMGv9~G8Ov9.fX~ONvW~xLjMLEQMLev9~ejfLMGvH.iH~QxEEj5M71yM8Ov~e8JB1G8j875v9.FA~1YEvu~NGOEv9.fX9~OYYvw1LYmz5~Qx8Ov%3DK4b4I_G0J5wgr4ZLc1F9%2F%3DR%3DJH~QOvu~O7NvJ1Q7MQN~-8OvKrtoExGoFiuWfFuhFffiiFHu~O1jyv~w7Yjvu~1OGjUvHfFXuFiuFF~QmGEv9.9h~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.fX9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vHX~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvuF9-F99~GQGvX~GQEv9~7Y-vuHF&vgd_optout=0&vgd_cfud=220919&vgd_scsver=366&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00000167027699831200958081326736&subBdr=196&bdrid=294&rc=0&rand=1670276998623&acid=d238ff1e28ac4f90818de314cdc14e86&matm=1670276998623&vgd_ltimesrc=1&vgd_ltime=535&vgd_rtime=518&vgd_etm=12&vgd_l1hcsd=A33%7C8033&vgd_l1ch=1&vgd_lhl=2740&vgd_pgid=p12331960t202212052149&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_csip=rtb-appnexus-6bd49c488b-pp42d.SC&vgd_sbSup=1&vgd_nrrs=6202&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&sc=NY&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=https%3A%2F%2Fwisconsin.med-info.org&nse=5&vi=1670276998775379456&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xegxxzax&bcpf=B48fOnRrolnfOur8xegxxzax&bdrId=294&bid=328263&ntv=0&matchstring=hr%3D0%7Cbcat%3D500670%2C501011&katpre=1&katbid=-102&pgid=p12331960t202212052149&newfl=1&htmlsrc=1&allsc=NY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-200-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Mon, 05 Dec 2022 21:49:58 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=57552
content-length: 15

GET
H/1.1 200
OK share42.png
wisconsin.med-info.org/js/ 11 KB
11 KB 11ms
11ms Image
image/png 45.63.18.208
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wisconsin.med-info.org/js/share42.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.63.18.208 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.18.208.vultrusercontent.com
Software: Apache /
Resource Hash: 124c6d821741767fedb0d9dab942bc68c73c5405b9281a6c27816b459d974a7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 21:49:58 GMT
Last-Modified: Fri, 08 Apr 2022 05:25:34 GMT
Server: Apache
ETag: "2b31-5dc1dd2f3a602"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11057

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 49ms
48ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecb0ad4f71733d89712282a41d6bfa04b13a1dfa1b4607132e344908dc710fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11133
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 42AA
Redirect Chain

https://www.facebook.com/v2.0/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df273bc0761e3acc%26domain%3Dwisconsin.med-i...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...

0
0

104ms
92ms

Document
text/html

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df273bc0761e3acc%2526domain%253Dwisconsin.med-info.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwisconsin.med-info.org%25252Ff6c44d40031d24%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D304%26header%3Dtrue%26height%3D290%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F584377958388207%252F%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D290

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=873cfd80328aedd118508bc5f77d6dd3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 05 Dec 2022 21:49:58 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 079UAbySAeLwSknSOWp4pk64hFjAeEpxlgB7OYvgpjlJF32TWj2QKqlkSNmJeLU/teNBoll9lY0OVlN7ViIgBQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 05 Dec 2022 21:49:58 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df273bc0761e3acc%2526domain%253Dwisconsin.med-info.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwisconsin.med-info.org%25252Ff6c44d40031d24%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D304%26header%3Dtrue%26height%3D290%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F584377958388207%252F%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D290
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: kqgDzJg9w4wefAKXM6TFz3fhGTYWzXxgJSIaSGYWDzj/PedQEcP2IS3S5CTcFLilmeANDnKjQaTIWx85VwcFRw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 21:49:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB08 42 B
64 B 40ms
39ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGhZHTezDXz4VK8q4IyA-KZIVtYgWN4RvRoUDws2HLTTNGrwezzJZlq3qVyHZM8zLUKGsLvIvg1iFzxltbheFprqTCmxxYobdSmdQBTEsyWAbZ1hRcKCnovDIp052YQA1l8CWFrHZAA6L2Wf7FG_7mBuvRKoP7xrZ82kp0Zdsiq1Qm_aInPk0qGo4oGd16d1jLxn67iC6Cp6oC8PuH_rO8_ZeFf3-MbO341g3sh7lVQ_QWOIpuazO3qzzfGE-F0dkn37NiKqzEwhRNHy04SpPWVlWEBcJ5defvKIM5YyIBjeoXSUqfdhdhOfn9gchU_Y7gyz0MydzwD8Lr7f1EK2DOxgEV6zahlRBAe1pK9pxPB9w1bRNXlHM5uc2V-hjnFE44l0a2f6-Pdkcij-A2CF-ZQqmZpFstgmgKWHIPuAN6ntiGTIRhQqcX0EAK23uQseci-ec_vLP_I01zPV_9SS2X5us71cEssA2HqYmvg2wFSPP2G0Mb3MtEAMQVDpR5zGWtr_emD4hihBJZfTI6apGmDYC4wwc3BhABIVflLJ7pYEgWl2JNhW-epCWJmrlNtTF_whdX_DeOvVG2L8VLMRxRsbj4TxhMNFMOYrHP1mEOPpkoDcqsU7swgWhPWpOijeQtVrcGOxmM03OZHbSxTUberjtgm6VNQA9D5yeqQBEs5EqLPfFNJX9j3OlNq3OpAlUCtPIj9JUoRjNEue77nrdbUPKE4MUYBLPNeIzdP3P87bEBKYWroyL_uLdRlpTlaGGcCiYIMVMEKdlf0K2d3jz3p23iPLmWpynjdT4xsUw3jSWXExh-OXskwv7hjV-13-L0Qs0mQ-qgjdicU4i3kBNz4Y8R1cB6NW73s2PuwEH7j1bhhGZuqsW8JUul_W9PE2lPH9hVjTxm-jgmqC7SFnZSWRsg7Q&sai=AMfl-YSFM8FXFrlrFej8bPc4e7uBeXA2CxlZ65xXceRLTHFjqxbkw8TiMWYKzi7UTWWIuXHC1aywIU2ZHcUKyRU7jCi5aZw5yrIVW18s40x45OFDM4gLrJePuBdolaZLprRDqDoNRwgRVjlP4yBg&sig=Cg0ArKJSzPTM8R2H14LvEAE&cid=CAQSPADq26N9o9qEzerInDLychAWavmqJMnbDqIWwdg7Wuia0RFEGh9hQCf5LwORZlDykzgZd-L9UtzGUVz0SxgBIBM&id=lidar2&mcvt=1000&p=0,0,90,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213201053&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670276996795&rpt=957&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6586 13 KB
5 KB 9ms
5ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 7939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:37:39 GMT
expires: Tue, 05 Dec 2023 19:37:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D79B 783 B
535 B 25ms
24ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e63f8453093b1cb3978c76874191bb1dae49fbe3ce41aa59ca042051d2f99ad0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BBMzS-_8Bj0xKBGSFMOeeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wisconsin.med-info.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BBMzS-_8Bj0xKBGSFMOeeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:49:58 GMT
expires: Mon, 05 Dec 2022 21:49:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6586 36 KB
16 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 20:57:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D79B 0
0 34ms
32ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=942285628727111&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6586 0
10 B 5ms
4ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jtJOsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:49:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE3A 42 B
64 B 37ms
36ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4ha9H_O3KM3o540AcjmrTxC-mNf7QzLcxeq61LtmC0QDBkH-kkZGlmDu6R2VSu6Nto3fFAnr83af7tD-dRkwiI_y2baf-wZq4K1oKRxL0griMIpV9ilBg-mogX8Bt7pdGkdHqk8nfVMR0SzGk8Di1myHfQlaJEzAlq0reKvdyNGauoen5FnKCyzaa5TedirCpK37xYesHbQ1L4BPBUM5_CZlKrdUszn2FC2MvNghsWYCBf6a6BzxZ3xuYxcSAn8Mn7qvfsUIkPjaEyyCMiHtNIAGV9oze6mmub2iRPBZsBw1rRWshB2LgDI_5tJ_SM4g4WriqPEtuM9RD8VWht6uznhDgqSjJkuakrRuAO7fct1pRmR27sB8QXgz2S8AZUtX89-NVY1SSgDQwCUitzxjsvupASXebFvpuzJ5J4cCFDuBnUMOnA7R_w2ICBRPYht1nh8oIeqoIjOh0pJ5xj4LCzunxib23W-S8jjdsHfgz6bx_BaKBqR8FjNOXitzKqtFjaaJSWTzVs--dWekJu0GLJEzYtjipzIHhRT69pyxXDKmplz30YyBFdPi_uNinFc6J9WBFUH1d9yxhdB8GEnEi4GK4ZoVennvXTH_QB5xkT79YeKXXhLiLBsNWw4gD7nJC03jk-ijoxu0j1Ig5xZz7cempzWNZ5WsPFE_XFO8iIdxb-VmBHkMnSbLo0O6b5m0czIPx8KAHWqbpcvhWu0Ttnk72h0czJxYasc1hOZYq5UgUH52k0ofm4eM_sZb2QhUTmx_8KZqlkSPAU4Q4lSVwnHx8UsZ4JrWkfhO9yILmSLgJBHXx2Uq1O9cNS-oo_ojC1-qJuSpWZfmQsPvdTVmu0zoFQO9nURHo95gudmtioMjeUT-ZH6-2SKkaBg4LzkhyT5kc7qVxpfy6yAfprfwAIHb9fgYQ6xsJV9GMMKB5-rEqt2hbHq-l8FhWCzs6Os745a9FORUag5A6dq0lbFyewTjHNBUXBKLMvgeD7gChs6iWNWHGDi0Jz9O5gOeE&sai=AMfl-YRJ_aN6fn0cK2pCco_Qmfa6_Z-GPxAT1i94Of0IawjZkLaUk9Da8FRwKLgoc2LZteEK6natUk_4pfa0rAf4EO5IMmZDAmDAuViL&sig=Cg0ArKJSzE7Gv2sEXwB8EAE&cid=CAQSGwDq26N9JAfzlXPzNjZjhkIYS19kyvjCmFebDhgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=212,841,1000,1049,1049&tos=212,629,159,49,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670276997945&rpt=343&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 36ms
35ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=942285628727111&bg=!0NOl05fNAAbvMpMzzzI7ACkAdvg8Wi80yntsYuoyr6FjynmvbkwRvlTB4j1pAJpY4rdGFmzLb6aW4wIAAAB5UgAAAANoAQcKAAwn9Oa6RUFpdwFz-HiZAqUG6vx2DEqIaFaUqI3B1LLJ1qv1FLkw6EI_wDtdGnHhH6mWVG_DqBAtwksjSEJb1Sv7aGzsbQCkYof7wKldoR_jihW2rTaJNm2cDRNt3i608QfmAZp6DuEVUavMJt8qQM88iRZRPheEvhSTHkzF3u4tiWaMJ0knajGnmbRkot20YRif0WOg2XGpZISIqDJnzSh85m_eEl8sYJzrXwgID2kyopNegfyEoqV0UjPh50cIkoxYUvW5rdNQyGjyfUWza4AaU5Kln-44oVpsRB4ikLsQ0owT79kxizyd3zuQr8gUsLacuAqRvFVLesa5Sx_RSq0q8hUGdcT-p3PsT5KMEcuwePSozCVgGv8S43IhMmCn9RdxoOvhvXz_0oXozIBNUX7CtwudilKcJjyC1IybAOzi4FzbAW11csM7Q_KC67wxTBx7bc_TTR1YO6usUzNGpFMH1oieCTPus1-fdqjFwIAZEVjBxkR-r6h7uBEhzf8DsHMw5K0RDRpfBZ5oh5DqQj7g5b-skeKjehrryIvlYPq_MVfWZqCKodQFPhYbtlEKIpQhsDiD59BcoVNoX-MB6ItIg-_uH_WGzpoaUhdUbRFinEwGDrZzqAhfD0pa7SLTZGcykz8pxPI0Jgsik__8StBFOC5yh99jCdcYo7NFrxdD6dGp2Bhpp9Yon-JsiygDezZvLzs6k_enFWbty_BpsDxT5u20wL36xIRHbtl01iQAivjTtm-fMSQoOnjjurDQiPh30wZ7xuopQn1Y-rgLlAKrSUpXlZNEPrehPtSv7fn2Vz6QBMhkmGc9qz9JdFy3HhDHPUktps_8bZsFebdAwUW_z7kTgWK-VMa1gYNb4SkpH7nsZjyIkYV8eCxJBNdNBBBL55x_IeO8_3UAdAUbAgq62Rt5Gg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wisconsin.med-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 7C20 0
17 B 273ms
104ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lbbbss57&c=8676353208264&slotId=4338176604132&qqid=CK-Dw9i64_sCFSsGTwgdIcsJwQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e5978e79c0904a5b8667fc9ecfe5df3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 21:49:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKtHcp75GEEaOr5Qpc7dRaE&google_cver=1&google_push=ASkJ3FbT3HETC_YthcPNN7-0jXpcejLARgzZ25jRAIaTxd8D6eDMUdTu3aN_rCpB9liJ_NCz_5AYJJvoO0rGkh2-baH5V_loYDRtbTE

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wisconsin.med-info.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4vcioe1cprpusa0nlo14ete720
wisconsin.med-info.org/	1970-01-20 08:00:49	Name: popup_user_login Value: yes
.med-info.org/	1970-01-20 17:33:56	Name: _ga_84E59JVSYK Value: GS1.1.1670276996.1.0.1670276996.0.0.0
.med-info.org/	1970-01-20 17:33:56	Name: _ga Value: GA1.1.1813864582.1670276997
.med-info.org/	1970-01-20 17:19:32	Name: __gads Value: ID=dd0c14652bbd96b3-22f49b4c8ed800df:T=1670276996:RT=1670276996:S=ALNI_MYVwW1DliAfNYxP21bzUakX_3Cmvg
.med-info.org/	1970-01-20 17:19:32	Name: __gpi Value: UID=000008c67c685225:T=1670276996:RT=1670276996:S=ALNI_MZJTXyobn1MDFySNyfh0ez9Jn6qRg
.openx.net/	1970-01-20 16:43:32	Name: i Value: a4cd1536-87d1-40ec-9597-3befd3778284\|1670276997
.casalemedia.com/	1970-01-20 16:43:32	Name: CMID Value: Y45nhazpCAI.IUrWvKru1AAA
.casalemedia.com/	1970-01-20 10:07:32	Name: CMPS Value: 044
.casalemedia.com/	1970-01-20 10:07:32	Name: CMPRO Value: 044
.pubmatic.com/	1970-01-20 07:59:23	Name: KTPCACOOKIE Value: YES
.adingo.jp/	1970-01-20 08:41:08	Name: ID Value: 213fc3458791b578c4ddb55a6e15bb4a
.quantserve.com/	1970-01-20 10:07:32	Name: d Value: EGEBCQHeJ4EA
.quantserve.com/	1970-01-20 17:28:11	Name: mc Value: 638e6785-c2d57-a60df-bf688
.pubmatic.com/	1970-01-20 10:07:32	Name: KADUSERCOOKIE Value: F80E3188-33AE-4E8E-9BA8-4BC06C3CE2BA
.doubleclick.net/	1970-01-20 07:58:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:33:56	Name: IDE Value: AHWqTUnP7e0bP5kO0tf6oZaxbkMWENt39tMmNXV8nnyTVlmIRxsYAKG2p51v5m7OJNE
.casalemedia.com/	1970-01-20 10:07:32	Name: CMTS Value: 3534
.media.net/	1970-01-20 16:43:32	Name: visitor-id Value: 3132785980813212000V10
.mookie1.com/	1970-01-20 17:26:44	Name: id Value: 10598166195870506645
.mookie1.com/	1970-01-20 17:26:44	Name: mdata Value: 1\|10598166195870506645\|1670276998506
.mookie1.com/	1970-01-20 17:26:44	Name: ov Value: 3557515f743e13f624e0436c507241a3
.media.net/	1970-01-20 08:18:06	Name: data-g Value: CAESEE0kWZO-FgwY1sIcWb_93TI~~6

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKtHcp75GEEaOr5Qpc7dRaE&google_cver=1&google_push=ASkJ3FbT3HETC_YthcPNN7-0jXpcejLARgzZ25jRAIaTxd8D6eDMUdTu3aN_rCpB9liJ_NCz_5AYJJvoO0rGkh2-baH5V_loYDRtbTE Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-6918261762299641&fa=1&ifi=8&uci=a!8&btvi=2&xpc=IEmaLd7BH8&p=https%3A//wisconsin.med-info.org Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
beacon.walmart.com
cc.adingo.jp
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cntad.win
code.jquery.com
connect.facebook.net
contextual.media.net
cs.media.net
cse.google.com
csi.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hblg.media.net
i1.ytimg.com
image6.pubmatic.com
lg3.media.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rr3---sn-ab5sznzs.googlevideo.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
warp.media.net
wisconsin.med-info.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.117.182.24
104.117.182.27
104.18.33.19
104.36.115.113
142.251.40.162
149.28.59.158
20.242.10.199
2001:4de0:ac18::1:a:3b
23.205.72.21
23.221.200.79
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200e
2607:f8b0:4006:c::8
2620:116:800b:21:b08a:1dc5:659b:4055
2a00:1450:4001:829::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
35.186.253.211
35.190.90.30
45.63.18.208
54.198.81.87
8.43.72.97
00464e99d3fccffdc4f58f1e9a555c8407d335fa2ef284e6d1016178db8d2570
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03b2cfb5af9161e158dc00a2ccaa95b85f31d6bfa9c1c1d495262360104bfa4c
049548c35249dc077dcd8de9096941ae8f1b26d86eb2e08d23b80cdcbbd7ccbb
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e11a48db8d4ee5ab17d094a2088c78d61756ab495ebf5bbfeb10c3fe5ff9d99
0f02f606ca4151c11cedb29d98df94f802efeb962bff36c7307b6ad014aef7d1
124c6d821741767fedb0d9dab942bc68c73c5405b9281a6c27816b459d974a7d
17cbe22321ab0102bb3a98463765f18e5b81506fd2881e8bfe68976e61e152c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
248d57795590a30dd9f066c9bb1e3e442f3746942fe3a48a0bee5233d438bedf
260a3cb1fcdadd36cade027abd78983a830b5967eada9793c191f00ba6ccd633
27e480f018e4c88d20d93dfa41d87c1916429a4ec8f9997605a38172bcfa01af
27ea18da80adee49b52a4f197159d3a7386bc60181b971d038f9c5f023283de0
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2fe0f295cf5414658e0d6b7ff60bd4a54f23345cb8adb35fa5198c68a27634dd
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3457c37203df18aa22dc1d40a106b0bca1ed024fe231feff413d83a2c08037ad
359b45d75ea990909a4fcb6e7e19ca29f745d3c063c68b92979db16555193dda
3cbe7b8c49090bbf6baa916b571e8b9932ea60823b35f234335c5644c8288409
3f14e3a09c8d56425e0d497c794324a5323002bee504405781bb9d2a4c726c9b
403200cec92609ed3dc0f34f519b268a9acdc2e284489e012fe9ad10846af7a5
40ec8f43763ebb1adef0f0aa3116e2d8c7c965168ec1dde22aae6f61f1948f18
42990e63ecb21c24850dc50d23acc3295170155ce02fae7a88dcbd215ca1fe67
46cf40ab18f249cc38bccb94f40e9395673edeb38166a0ac38accd58ba375fd6
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c515989a8e418d2918ed4318f438318f53620d5af860a6aa271586cfccb8d54
4cca7e39412114f185d0dbe56ab441808a0031c78c82f4969b8d940b1548d81a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f9aa0c16f4fc5cb347735cf14f530a4f6b401b6aa6545188034e800b2b2a7f7
50648333f979f2fede4091ab0d5e42b4b38fda0258de11cad0943fb70ab66119
5378446b6ad60bb4bb7d3b184780f18fa108b729087f73d5878d60d1648285c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7189045ce2e0f65833c76bffce6a370c234587d5576ee39d951a11dcd78d92
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
616f48e920428089790403eb02d4c11299480c9d850f09d0573f20ddd0a0fca5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647e35c46211deab300aadf3762c5d7f608220b1efa834fbba5773e4c16ec0d6
687b146e9601603f7a9c961a619d93a4a6edbf3a064cdaab0908a8e296b41909
71a8be1afe6e03fc91ef705cffaf7f3058159e8d86b7adb9d78a56cd7f18f577
73f5135b6d8ef3aa686fa7d158bbc79cff2abb2e23ac8cb0e9bc7cd4751487b9
77e151b99d1d7a599978700852ae70bda86b886e157017a22ec94d68de266c0e
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7d87a2a67c2b5b6283af82f11251b407e92f1006917952dd5c16dbf6070a2ad2
7df5ca3b59eea6fc025f5e6ab8d4e10e83dbd7766102394fa53309a4496d9d92
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84b6bdedc9b65fb2d9d489da5ab4bef197167ce05f39d9507b5298b1d01de612
8e4a5154ef340c5027e548d5ea5c780b84cb0f0027b35d00fe40beb36e25da22
9661ff137344cf8e82b05a37334097e97815287c310a2d54ac1ec37d01d800b5
971cbf0ac68a396082359f3d71e1196ebd151086b7ca462d3404473afbcc0059
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9fe6366fbb6bedf99d42136ff5a048e0cc419ca41b8fc739ad6f4b2583ad6cb6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10719f5b5c503040b7d931d1c0b3607bbc84850e4c1374d5aa2ae1bc6ac1b0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60290dcbc400e75afedd2983ac8df0b99c0e981220970c90f979bf6c6543dbb
a7a9ba5522849746df0fde0aa08ea1b8be5f5b5db3b96f86ccac4f298904b517
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a95f152c80ae9e159703227129e4f190a2ef05516518e645dadff47ab93515f1
a9dd798ab7ccba088eba971347f97c9578c1265b640c7a941764d7ff983fdcb7
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adf73aa0305b205766893a466cf07bb217258a7c6412dd0673bc5fa6aab3727b
affb80a34ee48548cd287fafe91063f88535475d5b1a307e44a6f4e57b4ef87c
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1e853a4580c38ce58e73e9d5d810ec7553921015d64971c3138354bd3b2e5a0
b254b19d4d95dba74bb33caaaf8bc632a18457fca2a8c982d8a0aa6e4a311bf1
b91e612dbd56753df5d786357fe9cd5dc670e26fca05f59a3812f0c2374b44a2
bb8ffd4e536f7775eca321b27b54da318b7245306806d504ca6a36dbf4db1d57
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfb1eb6f26a668c783077b5a9e63d2c1c7bbda0e92ce950107a57e5ed6a094ef
c24007f8d6f56c5cd76f1a809f5469c1ad135fba685dc3fac43a286743868bf3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c31cb008469d7a4234e428fa2dc03fab1cb31688c1541aadfefa33c2f82bc16f
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cc17b1d171d7853f99fa37b6b935d12d092baf0d71aea5560afc0870690c8427
d2acaee7cb557780452b56f8ed9616a537b20db8b1d3feb9d9fffe215da07608
d7c3b8587d1c7cc4c961d6dffa39bce15c17d6a29302d134290f1aeda5dc5c61
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e19c5963e47ae102ca8ea9b26062695bc86deaf6154ca8a3084810fd11710586
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08
e63f8453093b1cb3978c76874191bb1dae49fbe3ce41aa59ca042051d2f99ad0
e69092861abbca09412134d203c8da7928bb65c5a05e59045dd3ff042efbac20
e7f5b851c7222f5aab059befbb412b05a49b302e8997dce63933db6eac043779
e96d5ddd39a2b3989fe4e3f18b134a6f445da1d00d5b9d7ad68a118c4077f8e1
ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578
ecb0ad4f71733d89712282a41d6bfa04b13a1dfa1b4607132e344908dc710fc6
ed3f60247ca405063650ca46c7acef274fb36bd9d129efa53109d7bc8e622ad6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

wisconsin.med-info.org Open in urlscan Pro 45.63.18.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

92 %HTTPS

62 %IPv6

27 Domains

44 Subdomains

31 IPs

4 Countries

3192 kBTransfer

6260 kBSize

23 Cookies

59 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wisconsin.med-info.org Open in urlscan Pro
45.63.18.208 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

92 %
HTTPS

62 %
IPv6

27
Domains

44
Subdomains

31
IPs

4
Countries

3192 kB
Transfer

6260 kB
Size

23
Cookies

171 HTTP transactions
12 data transactions