usv518.com Open in urlscan Pro
104.21.40.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usv518.com/
Submission: On December 09 via api (December 9th 2023, 11:22:29 pm UTC) from US — Scanned from US

Summary HTTP 127 Redirects Links 103 Behaviour Indicators

Summary

This website contacted 51 IPs in 4 countries across 42 domains to perform 127 HTTP transactions. The main IP is 104.21.40.81, located in and belongs to CLOUDFLARENET, US. The main domain is usv518.com.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.

This is the only time usv518.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.21.40.81 104.21.40.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:c000:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
2 12	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	54.82.17.205 54.82.17.205	14618 (AMAZON-AES) (AMAZON-AES)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:f3cf:b4f3:7358:30cb	14618 (AMAZON-AES) (AMAZON-AES)
1	34.225.218.210 34.225.218.210	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.214.41 13.224.214.41	16509 (AMAZON-02) (AMAZON-02)
2	18.173.138.29 18.173.138.29	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	13.224.214.100 13.224.214.100	16509 (AMAZON-02) (AMAZON-02)
1	23.4.232.54 23.4.232.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.168.105.22 35.168.105.22	14618 (AMAZON-AES) (AMAZON-AES)
2	199.250.161.129 199.250.161.129	26459 (TTD-ASN-01) (TTD-ASN-01)
2 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.211.156.215 35.211.156.215	15169 (GOOGLE) (GOOGLE)
2	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c002... 2602:803:c002:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.238.4.127 18.238.4.127	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
2	13.224.214.10 13.224.214.10	16509 (AMAZON-02) (AMAZON-02)
2 15	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	93.184.216.86 93.184.216.86	15133 (EDGECAST) (EDGECAST)
2 4	18.238.4.110 18.238.4.110	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
8 10	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
1 1	44.197.19.224 44.197.19.224	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.156.40.244 54.156.40.244	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.168.129.45 35.168.129.45	14618 (AMAZON-AES) (AMAZON-AES)
3 3	63.251.114.136 63.251.114.136	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2600:1f18:75e... 2600:1f18:75e7:5600:d90b:c352:5424:27fd	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.199.164.108 34.199.164.108	14618 (AMAZON-AES) (AMAZON-AES)
1	34.230.132.179 34.230.132.179	14618 (AMAZON-AES) (AMAZON-AES)
2 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
127	51

2 104.21.40.81 (None, )

ASN13335 (CLOUDFLARENET, US)

usv518.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

www.health.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:c000:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:824::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.17.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-17-205.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:f3cf:b4f3:7358:30cb (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.218.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-218-210.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-41.phl50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.138.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-138-29.jfk52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-100.phl50.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.4.232.54 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-232-54.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.105.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-105-22.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.156.215 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 215.156.211.35.bc.googleusercontent.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-127.phl51.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)

1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-10.phl50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:817::2001 (United States) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.216.86 (Lombard, United States)

ASN15133 (EDGECAST, US)

g.3gl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.4.110 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-110.phl51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.19.138.82 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.19.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-19-224.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.40.244 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-40-244.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.129.45 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-129-45.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.114.136 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:75e7:5600:d90b:c352:5424:27fd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

capig.dotdashmdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.164.108 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-164-108.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.132.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-132-179.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	280 KB
14	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	269 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	255 KB
11	id5-sync.com 8 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	46 KB
9	health.com www.health.com — Cisco Umbrella Rank: 108491	344 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776 dis.eu.criteo.com — Cisco Umbrella Rank: 7334	2 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image8.pubmatic.com — Cisco Umbrella Rank: 661 image2.pubmatic.com — Cisco Umbrella Rank: 859	1 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	72 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 dsum.casalemedia.com — Cisco Umbrella Rank: 1364 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
5	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331 direct.adsrvr.org — Cisco Umbrella Rank: 3147	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	1 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537	4 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	28 KB
3	lijit.com 3 redirects ce.lijit.com — Cisco Umbrella Rank: 835	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 2268 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685	1 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1751 beacon.krxd.net — Cisco Umbrella Rank: 699	556 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1020 B
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 1817	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	888 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	169 KB
2	tru.am tru.am — Cisco Umbrella Rank: 4736	12 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	1 KB
2	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1196	720 B
2	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 718	1 KB
2	rlcdn.com api.rlcdn.com Failed idsync.rlcdn.com — Cisco Umbrella Rank: 408	838 B
2	usv518.com usv518.com	94 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	dotdashmdp.com capig.dotdashmdp.com — Cisco Umbrella Rank: 15563	348 B
1	gumgum.com 1 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1472	274 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	270 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	631 B
1	3gl.net g.3gl.net — Cisco Umbrella Rank: 7060	11 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	98 KB
1	cloudfront.net d30qdagvt44524.cloudfront.net	376 B
127	42

	Domain	Requested by
15	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
12	securepubads.g.doubleclick.net	2 redirects www.health.com securepubads.g.doubleclick.net
10	id5-sync.com	8 redirects usv518.com
9	www.health.com	usv518.com www.health.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com usv518.com www.googletagservices.com
4	www.googleadservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	encrypted-tbn3.gstatic.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
4	sb.scorecardresearch.com	2 redirects
4	fastlane.rubiconproject.com	www.health.com
3	image8.pubmatic.com	2 redirects
3	ce.lijit.com	3 redirects
3	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	match.adsrvr.org	2 redirects www.health.com
3	c.amazon-adsystem.com	www.health.com c.amazon-adsystem.com
2	dsum.casalemedia.com	2 redirects
2	ice.360yield.com	2 redirects
2	pixel.tapad.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	encrypted-tbn1.gstatic.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
2	www.gstatic.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
2	www.googletagservices.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
2	fonts.googleapis.com	1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
2	px.ads.linkedin.com	1 redirects
2	idsync.rlcdn.com	2 redirects
2	connect.facebook.net	usv518.com connect.facebook.net
2	tru.am	www.googletagmanager.com tru.am
2	geo.privacymanager.io	launchpad.privacymanager.io
2	ib.adnxs.com	www.health.com
2	bidder.criteo.com	www.health.com
2	hbopenbid.pubmatic.com	www.health.com
2	grid.bidswitch.net	www.health.com
2	htlb.casalemedia.com	www.health.com
2	direct.adsrvr.org	www.health.com
2	pixel.adsafeprotected.com	www.health.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	usv518.com	www.health.com
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	dsum-sec.casalemedia.com
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	www.facebook.com
1	capig.dotdashmdp.com	usv518.com
1	dis.eu.criteo.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	lb.eu-1-id5-sync.com	usv518.com
1	pippio.com	1 redirects
1	g.3gl.net	usv518.com
1	www.google.com	tpc.googlesyndication.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	cdn.id5-sync.com	usv518.com
1	secure.cdn.fastclick.net	usv518.com
1	launchpad-wrapper.privacymanager.io	usv518.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	idx.liadm.com	www.health.com
1	www.googletagmanager.com	usv518.com
1	d30qdagvt44524.cloudfront.net	www.health.com
0	api.rlcdn.com Failed	www.health.com
127	68

This site contains links to these domains. Also see Links.

Domain
www.health.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
jackienewgent.com
www.coachkastor.com
www.teamusa.org
www.cdc.gov
doi.org
www.heart.org
medlineplus.gov
www.cancer.gov
acaai.org
www.doi.org
www.eatright.org
www.fda.gov
www.skincancer.org
www.ncbi.nlm.nih.gov
www.dotdashmeredith.com

Subject Issuer	Validity	Valid
usv518.com GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
health.com R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-18` - `2023-12-17`	3 months	crt.sh
g.3gl.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-23` - `2024-07-23`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
capig.dotdashmdp.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://usv518.com/
Frame ID: E0FD224656A0308174DC8EAAEFB7E603
Requests: 78 HTTP requests in this frame

Frame: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA47CBC17556B69D10B6858B085DC8BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 695E836510EB1F3BB663EE9F26EE3800
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3A6D61E1F9E4D761AE6DC109E781C13
Requests: 2 HTTP requests in this frame

Frame: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 40EB8D0B5AA69B5B4853107DDD3DBA46
Requests: 18 HTTP requests in this frame

Frame: https://g.3gl.net/jp//v3.3.5/M
Frame ID: F38F112222C23FEB59EDCE3B0256850E
Requests: 1 HTTP requests in this frame

Frame: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14138B90D6D3231146E0F8C0242F281B
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 769E7F55A9A1533EC91D74547B5F64B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1AD0594898A2EF88055CB8C655269AD5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

26 Simple Diet and Fitness Tips

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

127
Requests

89 %
HTTPS

41 %
IPv6

42
Domains

68
Subdomains

51
IPs

4
Countries

1852 kB
Transfer

5085 kB
Size

67
Cookies

103 Outgoing links

These are links going to different origins than the main page.

URL: https://www.health.com/weight-loss/30-simple-diet-and-fitness-tips#main
Title: Skip to content

Search URL Search Domain Scan URL

URL: https://www.health.com/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/30-simple-diet-and-fitness-tips
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.health.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.health.com/diseases-conditions
Title: Conditions A - Z

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/anxiety
Title: Anxiety

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/infectious-diseases/coronavirus
Title: Coronavirus

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/type-2-diabetes
Title: Type 2 Diabetes

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/headaches-and-migraines
Title: Headaches and Migraines

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/heart-disease
Title: Heart Disease

Search URL Search Domain Scan URL

URL: https://www.health.com/nutrition
Title: Nutrition

Search URL Search Domain Scan URL

URL: https://www.health.com/wellness
Title: Wellness

Search URL Search Domain Scan URL

URL: https://www.health.com/mental-health-6951502
Title: Mental Health

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness
Title: Fitness

Search URL Search Domain Scan URL

URL: https://www.health.com/beauty/skincare
Title: Skincare

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/sexual-health
Title: Sexual Health

Search URL Search Domain Scan URL

URL: https://www.health.com/what-to-buy-6951517
Title: What to Buy

Search URL Search Domain Scan URL

URL: https://www.health.com/news-and-deals-7091248
Title: News & Deals

Search URL Search Domain Scan URL

URL: https://www.health.com/food-beverages-and-meal-kits-6951521
Title: Meal Kits

Search URL Search Domain Scan URL

URL: https://www.health.com/oral-and-dental-products-6951524
Title: Oral & Dental Care

Search URL Search Domain Scan URL

URL: https://www.health.com/skincare-products-6951522
Title: Skincare Products

Search URL Search Domain Scan URL

URL: https://www.health.com/therapy-subscriptions-and-telemedicine-6951526
Title: Therapy Subscriptions

Search URL Search Domain Scan URL

URL: https://www.health.com/about-us-5223970
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.health.com/health-com-s-editorial-process-5224046
Title: Editorial Process

Search URL Search Domain Scan URL

URL: https://www.health.com/health-com-s-medical-expert-board-5224047
Title: Medical Expert Board

Search URL Search Domain Scan URL

URL: https://www.health.com/health-com-s-anti-racism-pledge-5224049
Title: Anti-Racism Pledge

Search URL Search Domain Scan URL

URL: https://www.health.com/how-health-com-test-products-5224057
Title: Testing and Vetting Products

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Health/

Search URL Search Domain Scan URL

URL: https://twitter.com/health_com_

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/health/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/health/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCF11Yrx9bAy2Q6j6lgo0JwQ

Search URL Search Domain Scan URL

URL: https://www.health.com/eat-well-6951509
Title: Eat Well

Search URL Search Domain Scan URL

URL: https://www.health.com/author/leslie-barrie
Title: Leslie Barrie

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/30-simple-diet-and-fitness-tips#toc-our-editorial-process
Title: health's editorial guidelines

Search URL Search Domain Scan URL

URL: https://www.health.com/elizabeth-barnes-rdn-6751116
Title: Elizabeth Barnes, RDN

Search URL Search Domain Scan URL

URL: https://jackienewgent.com/
Title: Jackie Newgent, RD

Search URL Search Domain Scan URL

URL: https://www.coachkastor.com/about/
Title: Andrew Kastor

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/best-snacks-for-weight-loss
Title: healthy snack options

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/best-superfoods-for-weight-loss
Title: 10 Foods That May Help With Weight Loss

Search URL Search Domain Scan URL

URL: https://www.health.com/ice-baths-8404207
Title: ice baths

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/how-often-should-you-weigh-yourself
Title: how often to weigh yourself

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/does-muscle-weigh-more-than-fat
Title: What Weighs More: Muscle or Fat?

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/14-ways-to-cut-portions-without-feeling-hungry
Title: portion control

Search URL Search Domain Scan URL

URL: https://www.health.com/nutrition/citrus-fruit-health-benefits
Title: lime, lemon, and orange wedge

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/infectious-diseases/best-kn95-masks
Title: sunglasses

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/make-running-fun
Title: Ways To Enjoy Running

Search URL Search Domain Scan URL

URL: https://www.health.com/mind-body
Title: body fat.

Search URL Search Domain Scan URL

URL: https://www.health.com/nutrition/is-beef-jerky-healthy
Title: Cayenne pepper

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/20-minute-hiit-workout
Title: HIIT

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/best-running-shoes-with-arch-support
Title: running shoes

Search URL Search Domain Scan URL

URL: https://www.health.com/style/cheap-workout-clothes
Title: sports bras

Search URL Search Domain Scan URL

URL: https://www.teamusa.org/usa-track-and-field/athletes/deena-kastor
Title: Deena Kastor

Search URL Search Domain Scan URL

URL: https://www.health.com/nutrition/night-workout-nutrition
Title: post-workout

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/what-to-eat-before-running
Title: What To Eat When You Run

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/healthy-eating-habits
Title: healthy eating habits

Search URL Search Domain Scan URL

URL: https://www.health.com/nutrition/is-brown-rice-healthy
Title: carbs

Search URL Search Domain Scan URL

URL: https://www.health.com/food/to-go-protein-snacks
Title: snacks with a lot of protein

Search URL Search Domain Scan URL

URL: https://www.health.com/mind-body/ways-prevent-thigh-rub
Title: anti-chafing products

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/how-many-days-work-out
Title: How Many Days To Work Out

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/healthyweight/healthy_eating/drinks.html
Title: Rethink your drink

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/healthyweight/healthy_eating/water-and-healthier-drinks.html
Title: Water and healthier drinks

Search URL Search Domain Scan URL

URL: https://doi.org/10.1016/j.ptsp.2021.01.004
Title: Heat and cold therapy reduce pain in patients with delayed onset muscle soreness: A systematic review and meta-analysis of 32 randomized controlled trials

Search URL Search Domain Scan URL

URL: https://doi.org/10.1007/s40279-015-0431-7
Title: Can water temperature and immersion time influence the effect of cold water immersion on muscle soreness? A systematic review and meta-analysis

Search URL Search Domain Scan URL

URL: https://www.heart.org/en/news/2022/12/09/youre-not-a-polar-bear-the-plunge-into-cold-water-comes-with-risks
Title: You're not a polar bear: the plunge into cold water comes with risks

Search URL Search Domain Scan URL

URL: https://medlineplus.gov/ency/article/000540.htm
Title: Cryoglobulinemia

Search URL Search Domain Scan URL

URL: https://medlineplus.gov/raynaudsdisease.html
Title: Raynaud's disease

Search URL Search Domain Scan URL

URL: https://www.cancer.gov/publications/dictionaries/cancer-terms/def/dysesthesia
Title: Dysesthesia

Search URL Search Domain Scan URL

URL: https://acaai.org/allergies/allergic-conditions/skin-allergy/hives/
Title: Hives

Search URL Search Domain Scan URL

URL: https://www.doi.org/10.5772/intechopen.104454
Title: Sugar and its impact on health. In: Malnutrition [Working Title]

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/nutrition/data-statistics/be-sugar-smart.html
Title: Be sugar smart: limiting added sugars can improve health

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/nutrition/data-statistics/added-sugars.html
Title: Get the facts: added sugars

Search URL Search Domain Scan URL

URL: https://doi.org/10.1037/bul0000216
Title: Effects of music in exercise and sport: A meta-analytic review

Search URL Search Domain Scan URL

URL: https://www.eatright.org/health/lifestyle/seasonal/helpful-tips-for-healthy-holiday-parties
Title: Helpful tips for healthy holiday parties

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/healthyweight/healthy_eating/index.html
Title: Healthy eating for a healthy weight

Search URL Search Domain Scan URL

URL: https://www.eatright.org/food/planning-and-prep/cooking-tips-and-trends/get-to-know-your-spice-rack
Title: Get to know your spice rack

Search URL Search Domain Scan URL

URL: https://doi.org/10.1007/s40279-014-0245-z
Title: Exercise-related transient abdominal pain(ETAP)

Search URL Search Domain Scan URL

URL: https://www.doi.org/10.3945/an.113.004325
Title: Resistant starch: promise for improving human health

Search URL Search Domain Scan URL

URL: https://www.doi.org/10.1128/mBio.01343-17
Title: Impact of dietary resistant starch on the human gut microbiome, metaproteome, and metabolome

Search URL Search Domain Scan URL

URL: https://www.fda.gov/drugs/understanding-over-counter-medicines/sunscreen-how-help-protect-your-skin-sun
Title: Sunscreen: how to help protect your skin from the sun

Search URL Search Domain Scan URL

URL: https://www.skincancer.org/skin-cancer-prevention/seal-of-recommendation/
Title: Seal of recommendation

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/books/NBK559033/
Title: High fiber diet

Search URL Search Domain Scan URL

URL: https://www.doi.org/10.1249/JES.0000000000000226
Title: Consistent morning exercise may be beneficial for individuals with obesity

Search URL Search Domain Scan URL

URL: https://www.health.com/30-30-30-8391851
Title: <img src="https://www.health.com/thmb/1ucHahtL2lULXjqdN3ICTRyqCks=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/303030-0d100f638d924553bce7eb878eb0506b.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Young African woman standing by her kitchen stove in the morning and plating up a freshly made breakfast" /> What Is the 30/30/30 Method?

Search URL Search Domain Scan URL

URL: https://www.health.com/benefits-of-cold-showers-8401921
Title: <img src="https://www.health.com/thmb/jyESQMBAusmymgpcbf6m_6lPQp4=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Health-Stocksy_txpff25f97fFUq300_Medium_4472070-c1a2c820e3cf4584817d29c3081f6364.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt=" a woman relaxing in the shower" /> What Are the Benefits of Taking a Cold Shower?

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/best-workout-tank-tops
Title: <img src="https://www.health.com/thmb/LdRz2_fviyjf425ABpwWQi2WYfM=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/workout-tank-tops-tout-2ded21c008d34991b6c502ce26d6ca33.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Workout Tank Tops" /> The 12 Best Workout Tank Tops for Every Type of Sweat Session

Search URL Search Domain Scan URL

URL: https://www.health.com/best-sports-bras-7371907
Title: <img src="https://www.health.com/thmb/l-YgnmKPDu9AJ_0wRaKqCCS8M6k=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/12-Best-Sports-Bras-of-2023-tout-5c39a914656f44c896047730f310ee82.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Best Sports Bras of 2023" /> The 12 Best Sports Bras, Tested Studio to Street and Every Workout In Between

Search URL Search Domain Scan URL

URL: https://www.health.com/mind-body/20-signs-youre-too-obsessed-with-your-weight
Title: <img src="https://www.health.com/thmb/buM3lVqFP4D6FiLTVHsflsE3PR4=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Health-GettyImages-1199692981-996c0773aa754b67a9a6554cb80cdb7c.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="A woman stands on a scale" /> 18 Signs You May Be Too Focused on Weight Loss

Search URL Search Domain Scan URL

URL: https://www.health.com/fasted-cardio-8380393
Title: <img src="https://www.health.com/thmb/kXHv4O1ygdtvD8EEfEuBhmTEI8U=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Health-GettyImages-1406897522-4f23c3e8f3014bd8bc715855ec7c19d5.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="woman eating granola for breakfast" /> Should You Eat Before a Morning Workout? Experts Say It Depends on Your Goals

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/cool-gifts-guys
Title: <img src="https://www.health.com/thmb/f0_D7qPFq9Pj7ZzTNn99y0sq8DI=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/51-best-gifts-for-guys-who-love-to-work-out-9498c46d88b74a86bb629dc99cf5324e.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="51-best-gifts-for-guys-who-love-to-work-out" /> The 51 Best Gifts for Guys Who Love to Work Out

Search URL Search Domain Scan URL

URL: https://www.health.com/best-sports-bras-for-large-breasts-7510899
Title: <img src="https://www.health.com/thmb/kqRPe-VWZ2bJW5a09Jtu9cydJ7g=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/hlt-best-sports-bras-for-large-breasts-tout-f08d0077fafd4727a0d9e47d16bd28a7.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Best Sports Bras for Large Breasts" /> The 12 Best Sports Bras For Big Breasts, Tested and Reviewed

Search URL Search Domain Scan URL

URL: https://www.health.com/best-exercise-bikes-8383802
Title: <img src="https://www.health.com/thmb/eozaLV6at8uzmhRkQPSVHvgQ_P8=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Best-Exercise-Bikes-HLT-tout-01484f03a9834d88b738e235096f18c8.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="An exercise bike in the center of a green background." /> The 8 Best Exercise Bikes for Home Workouts, Tested and Reviewed

Search URL Search Domain Scan URL

URL: https://www.health.com/style/high-waisted-leggings
Title: <img src="https://www.health.com/thmb/vTAm3Qf_-SlB2CWbh4RHdhV0HZs=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/15-best-high-waisted-workout-leggings-of-2023-dff5271163d3486db42ea67b87cf70f3.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="High Waisted Workout Leggings" /> The 15 Best High-Waisted Leggings for Every Workout

Search URL Search Domain Scan URL

URL: https://www.health.com/condition/menstruation/5-things-to-know-about-exercising-during-your-period
Title: <img src="https://www.health.com/thmb/J3zfUQ7GU8_CjTqeNH55i3dGXEg=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Workout-on-period-89c2b0808aea43418b48fe3f497a300b.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="A woman doing a yoga workout in her apartment" /> Exercises to Do and Avoid While Working Out During Your Period

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/fitness-journals
Title: <img src="https://www.health.com/thmb/v8BO_4FRbshaGK9RkfutY4w3d4g=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/the-13-best-fitness-journals-9e1d2d406b7f4cb2a13c8d054bd3f728.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="The 13 Best Fitness Journals" /> The 13 Best Fitness Journals to Track Your Health and Wellness Goals

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/cardio-workouts/12-3-30-workout
Title: <img src="https://www.health.com/thmb/LgaQNZLr9jZwRiLntEHpLfzmlfM=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/Health-GettyImages-564725097-f422985b1b6c4ea1857b87e12ca560ef.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Man walking on inclined treadmill" /> Is the '12-3-30' Treadmill Routine a Good Workout?

Search URL Search Domain Scan URL

URL: https://www.health.com/fitness/nauseous-from-working-out
Title: <img src="https://www.health.com/thmb/0nOpoI-3AckOstEuyzDfN4fng6U=/282x188/filters:no_upscale():max_bytes(150000):strip_icc()/gettyimages-157334099-2000-fe0b5bd962a6415c80cc1433079c61b7.jpg" width="282" height="188" class="img--noscript card__img universal-image__image" alt="Woman sitting down after workout feeling nauseous" /> 7 Reasons for Nausea After a Workout

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/brands-privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/brands-termsofservice
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/advertising
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.health.com/weight-loss/30-simple-diet-and-fitness-tips#toc-contact-us
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/
Title: Dotdash Meredith

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusv518.com%2F&domain=usv518.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JgBBOXxsZXNqUUZsOEhqRkt1MzlDRU9EcjBtelRpdWQvK05VN0s2M2doZUlNci9rNGlZclJjK0F1eWI1WTNpVkpEVmN1K2tkdkxYRCtFbWNJYjc1ZW02RG9HZmFFWFJNbUxhbjBvSTQrSndIbHlFazdaZm9hR2YvSVJrNVBKRWI1clRKRmgzSG1NRDZHSktuM0NkVThLNHgzblJ4YTFDMStNWVJ4LzhvaVllSWNrYm5GMGRhUlBZVWxGemZoa2g4MGFUaTVodjk2S1h3QUtWVTNJVkNQYUE5OHJkZ2kzK1FsYWJHR1AzVldsSTFIVEV3PXw&cppv=2

Request Chain 25

https://rp.liadm.com/j?dtstmp=1702164139447&se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&pu=https%3A%2F%2Fusv518.com%2F&wpn=prebid HTTP 302
https://rp4.liadm.com/j?se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&dtstmp=1702164139447&wpn=prebid&pu=https%3A%2F%2Fusv518.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo3

Request Chain 72

https://sb.scorecardresearch.com/b?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9=

Request Chain 73

https://idsync.rlcdn.com/459989.gif?partner_uid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CNWJHBIwCiwIARDH8QEaJDU4ZGRiYjQ3LTE4ZTYtNGQ5ZS04ZmY2LTNkNzljZWU5MjUyZBAAGg0Ire3TqwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415&expected_cookie=910b66ed-5d68-4911-aadc-1b7c8e456f97

Request Chain 74

https://sb.scorecardresearch.com/c2/6036459/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 88

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM HTTP 301
https://tpc.googlesyndication.com/simgad/7775594092382834397

Request Chain 105

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM HTTP 301
https://tpc.googlesyndication.com/simgad/7775594092382834397

Request Chain 113

https://securepubads.g.doubleclick.net/pagead/adview?ai=CInqerPZ0ZaeUEtXH6toPitmfkAeF6Y_adNKZrPOkErnu8MiqARABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDywSqBKkCT9CKhKGuFUWzzmMW6eAQnRJ6x_Uju5g8QemqtVMp6U1HHtwduMiDuXiJUN1yYC5I9EeZaOvD3DMMyQ7_v9b9EosFkxi_255MhinZI1cXNqIMJ9mrMw4Q6i5FnCDbz6KowvmKejd-3mkvOjZ8E1-EC4tmBcldFrKTcSlnI4o8D59O0SflntoAm3TXABxWL_aatZIZj9N-JO-FJlRsk63x6QPhU4qUb7A1onxED3YfsH9U9lx5WaxZ2r7ESIop_w39Y4gotOuDXKlpby0__-xawSDKbMeomQL2D7b__Xxx_c_-U1xIGsgcGQt5EomPRA9NuT27Oy_CYSHJBsA-5E-o5_IWZMXCMFiV1EsJsKth_OhWpjf50OkYNeE_9auhK_x4JobUHkBCkv62wATqrpqpwATgBAGIBa2t-5pNkgUECAQYAZIFBAgFGASgBi6AB_Dq6ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEN-fJ9IIHQiAYRABGB0yAooCOgKAQEi9_cE6WPz6t8e_g4MDmgn_AWh0dHBzOi8vd3d3LnRlbXUuY29tL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MjExfmVuflVTRCZnb29kc19pZD02MDEwOTk1MTUwNjgyNjYmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTg2MzkyNS0xJnRvcGljX2NsYXNzaWZ5PTEyNIAKA8gLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwRCgsQoNWD9rCPjszJARICAQPiDRMI7bK4x7-DgwMV1aNaBR2K7Ady2BML0BUBgBcBshceChwIABIUcHViLTY5ODMzMDcyODk2ODkyMDYY2o4R&sigh=EVzlXAp02CQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSYADICaaN6kk1VcRDvdJeYwsqxOAjnD6ymmPzPDlrrHYJwQib9umVULAtGCWz-_-ILwwArvBT4fLEoyAimy0EcICPTP2a2OYaqOwLFS0yvWXctMC1F07IpF7YIiG0Hw1KhBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee8034934c9a0000000000000000%22,%224%22:%220x95dd17b70068c4d40000000000000000%22,%225%22:%220x1a7e84713981ac2a0000000000000000%22},%22debug_key%22:%221576187449921519131%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214269399517477685265%22}&andc=true

Request Chain 115

https://id5-sync.com/i/957/8.gif?id5id=ID5*3KTjbQYAn-T4cm47iDEPnR1wzn_ZGeWTcKQk-JX-PJFzzTTC0gl7Dhdp82CZf1Ixc89btaDVbIOK3pqh1wTA4g&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/957/441/7/2.gif?puid=u_c621e22d-80ad-49cc-989c-89d12d05b535&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?puid=AAGruE7K6e0AABSRtWhjbw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/957/108/5/4.gif?puid=e4cb3078-6ea4-4eea-a041-6a97974febda&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/957/203/4/5.gif?puid=db8d4428-d7c9-47cb-8a3a-7ea3ed6c5ce7&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-503075RPuRHmvmZhpd_A9OQeIjCNNc6ZMPSlfGrszA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F957%2F124%2F3%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-503075RPuRHmvmZhpd_A9OQeIjCNNc6ZMPSlfGrszA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F957%2F124%2F3%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/957/124/3/6.gif?puid=f8a45600-dd97-4b48-bed9-0101691e7550&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&ttl=%%TTL%% HTTP 302
https://ce.lijit.com/merge?pid=85&3pid=AAGruE7K6e0AABSRtWhjbw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://ce.lijit.com/merge?pid=85&3pid=AAGruE7K6e0AABSRtWhjbw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
https://id5-sync.com/c/957/1241/1/8.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=27&3pid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/957/1245/0/9.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent=

Request Chain 118

https://securepubads.g.doubleclick.net/pagead/adview?ai=CO1h9rPZ0ZfO5LZ6N6toPu_uVkAmF6Y_adNKZrPOkEpu7y5yDFxABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDy4SAgASqBLACT9BPDwa0NegfVYo2suyAO74lJx2Vy4US-A3_I9PFLKRWhoQZ-EeXTW-DuiSCIvde4um2-AAbWl7AH9o6PT974Rzy9nhB9LsXw6-zK248Q4Ua4pQDDEEvuoUF6NjOm3mAo3Mf40i5AfrEhHLBrDKvrEbBEG-4t-XkljtdAtXH1urz_udc2XSuleoecmmbO6S_Q21V_23EKXC0ccpZF6bAS8cNLBbnpKDk8EqmKRlN5Ec0rC16IdVtgClomzzt6_a0IgQFLCUQAEfH5ApEY1_lUpJQiK8UvgEFwP4heKioAgKWp0ds4IW3OU0xEsP_MIPaXswDHS-e7hcuPMg_YUrK-W9q9gHxjnZeQfboVpYhPXgocMzKOQtrPh-02bIr7RGD1zS7YKC6lQSMOGjw1NO9XMAE6q6aqcAE4AQBiAWtrfuaTZIFBAgEGAGSBQQIBRgEoAYugAfw6umSBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCAwzXSCB0IgGEQARgdMgKKAjoCgEBIvf3BOligjrrHv4ODA5oJ_wFodHRwczovL3d3dy50ZW11LmNvbS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTIxMX5lbn5VU0QmZ29vZHNfaWQ9NjAxMDk5NTE1MDY4MjY2Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDE4NjM5MjUtMSZ0b3BpY19jbGFzc2lmeT0xMjSACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEAoKELDe4pmn0cD5PhICAQPiDRMIrcG6x7-DgwMVnoZaBR27fQWS2BML0BUBgBcBshceChwIABIUcHViLTY5ODMzMDcyODk2ODkyMDYY2o4R&sigh=9UbyNLzuOaE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSiwEAyAmmjSCDmdlY3A0gud44PEZ7PBjeqgWmmbMJcpRnFAcSiG3AaRlMOQtscFMU0zcFM1eLuyDXEV-uc6lTNG5BPVcdJ8o57319hjuKa5t8CehnouS3f0iIqEu1KkC_tMnzzDZU066FI2ITAxNjiVLy11giHlZjL7mceM-Hfz1nYUmrgW6YDL1TEG2yGAE&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee8034934c9a0000000000000000%22,%224%22:%220x95dd17b70068c4d40000000000000000%22,%225%22:%220x1a7e84713981ac2a0000000000000000%22},%22debug_key%22:%2213666952024828547209%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22500357391625169441%22}&andc=true

Request Chain 126

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=1005818&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=1005818&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZXT2r7t8-GJ965h3pf0jpAAA HTTP 302
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZXT2r7t8-GJ965h3pf0jpAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091143077437

Request Chain 127

https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783

Request Chain 128

https://image8.pubmatic.com/AdServer/ImgSync?p=158139 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158139&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY0NzY1OEQtMzFGQy00MjUyLUI3OEQtODk1NTNBMDBEODZF&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
usv518.com/ 243 KB
47 KB 826ms
637ms Document
text/html 104.21.40.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usv518.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed14ad16d7ca467d578ac692a3bc317e39b2bede07d7c266bcd4dc064ca74895

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8330fd44eb0621e7-MIA
content-encoding: br
content-type: text/html;charset=utf-8
date: Sat, 09 Dec 2023 23:22:18 GMT
expires: Sat, 09 Dec 2023 23:22:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1wFoJVP9x7u0dO31V5cbLOlJKX69fFmoD5rfeS41cBUYzW8wPiMALZ68yiJDnP0kox60WgNnyFlpqX8YXHM0jtyYVayuS4pOTsuTAUiFgcnSEFF%2BwVTwfKJPk%2BD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 eNqlV122oyAM3tBwXMR9nU1EjMotggewvd39hJ9atRTp3IcKCfmSECBJG-vACd5MoJzEhlvbeA7-aV4XxAQDslkCx1HLDs0q5FcnEOrJ0NOsFSpnGzDEIA1pZFwrRwskaRbuFoPdyorWj-wXVza6OxtAV9Ghzhrvwq-g4ia6AWkcUQyj-xpBDfhXWDKMJsssuZO26...
www.health.com/static/1.162.0/cache/ 129 KB
20 KB 125ms
34ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/1.162.0/cache/eNqlV122oyAM3tBwXMR9nU1EjMotggewvd39hJ9atRTp3IcKCfmSECBJG-vACd5MoJzEhlvbeA7-aV4XxAQDslkCx1HLDs0q5FcnEOrJ0NOsFSpnGzDEIA1pZFwrRwskaRbuFoPdyorWj-wXVza6OxtAV9Ghzhrvwq-g4ia6AWkcUQyj-xpBDfhXWDKMJsssuZO26l1K81JERgTpxk47WmMV8scIHugaKJmkc1vJ2aDnCDVkWIWNKriKgda0alpD0twsUxuPYkPnHHqDPEGdbOO4h-MG6jXZpT0qe7L-Q9-EDnZEIajtXQqFKYpxXrL4EP9AFBY3asOc1tKJuXSRnTOiXfwxRX82DCYcThUPKllpKqzt3Ir2aj3d3CeruQDJiBMTyUqe3MMNLoN5v8EkbEcw8clPJMm23JzhLLoW5PDHUVCYnRH5eCArXA550mfwO91R7_L3LVGsNRq6T7JP0LXTGHWw79uvPCmAMyUj1KT4LQCjlDcziD63yQk7AUlsNjSaO9srfSPci4H8YRxmf5c-8z3cUs7K9SmDG90kw-eT40oja6Xml_ioe4SgmJLD5ZeqOEipF1e6uw8tPWLXAr-8MErgCa31zUcLytflPVny3erFcLQMFMVPuMeLf2WWEjPYeHnwZyYItOR02HsB81DLkq0YpQPzU7xQPo-vLtuKzsj4BoYZEPJEuBVSthpMwlmSvNzZk_sZvBqnaO26SZ-RrthYL_FH-JOAriYOMtTl4NK7PvFExCKP9dAgF4anoXSEpIhJ6hqfs5xeHoNWEM6rDp_36WlRFEdjqarERHWgc8BB6hZkYy9i9lVlbdT3dAGZmp84nFRd6iWkcPdQdjfzHKrXZiIbvvn2RRLBUO3bkyfGokfB1nN6gukXKS03iCrg9mQhCL3WjoIQhzMbQSjqX6d1GJ-07Y6o65Lo70YHdmTP-_BomLIr5xs9h776QxdU6iENxbyvO7IUvgVPFN6sROcjkTS_cP4BaZK9ag.min.css

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c299eb1c547a7c785f99a2e7d9b46a0cd0ca862c049d597f3a414cc76811961b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:22:18 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
via: 1.1 varnish, 1.1 varnish
age: 154018
x-cache: HIT, HIT
content-length: 19836
x-served-by: cache-iad-kcgs7200038-IAD, cache-iad-kiad7000108-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164138.480395,VS0,VE1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: text/css;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 7, 3

GET
H2 200 eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jj... Show response
www.health.com/static/1.162.0/cache/ 109 KB
34 KB 130ms
39ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/1.162.0/cache/eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jjDOTFvqKqDYgRBk8i9uyd9MkV3J_WRobzbUrtWsIu_1bIyqr5Z107wveuroxDqcON7yAv_S4JvqqaEpkMWuvn2cI5ICi1TIFeoxU5JrzFw6ztM4KAc1CeNzYLch0GadIbjTyT4MeB7a81rQgxUGHcKsRRXJ1UjP69SaIxtb04ozafl6BTGEQk4Hic5b0niUSNL9JRmEtQP4G1hlwYA.min.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ca439ae95b1e3223806c8eae156e96a7425e845d6286f80c55ee919c551dd54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
date: Sat, 09 Dec 2023 23:22:18 GMT
age: 188586
x-cache: HIT, HIT
content-length: 34368
x-served-by: cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100021-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164138.480325,VS0,VE2
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: application/javascript;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 icon-error.png
www.health.com/static/1.162.0/icons/symbols/ 833 B
1003 B 145ms
145ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.health.com/static/1.162.0/icons/symbols/icon-error.png

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fee74b1af0e1a3691da012bf658411db5e629546eb5e0ecfe187d171f094dfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:22:18 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 188698
x-cache: MISS, HIT
content-length: 833
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100177-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164138.493872,VS0,VE1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: image/png;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 0, 7

GET
H2 200 eating-berries-oats-GettyImages-968935098-2000-17acc2971bda4402815669d5d1c96258.jpg
www.health.com/thmb/_40aFZ1mPkSswFujQu5Sbh3arEY=/750x0/filters:no_upscale():max_bytes(150000):strip_icc()/ 50 KB
51 KB 149ms
149ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.health.com/thmb/_40aFZ1mPkSswFujQu5Sbh3arEY=/750x0/filters:no_upscale():max_bytes(150000):strip_icc()/eating-berries-oats-GettyImages-968935098-2000-17acc2971bda4402815669d5d1c96258.jpg
Requested by: Host: usv518.com
URL: https://usv518.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a3363e01b9d2ffcf9156ab3c078651d3b6d3dda7c683770bb7eaa422777d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:18 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 3938011
x-cache: HIT, HIT
content-length: 51533
x-served-by: cache-iad-kjyo7100051-IAD, cache-iad-kjyo7100084-IAD, cache-mia-kmia1760066-MIA
last-modified: Thu, 28 Apr 2022 18:39:55 GMT
server: AmazonS3
x-timer: S1702164138.494014,VS0,VE2
etag: "971705919b1ead4c602006aeffc3b66f"
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: image/jpeg
cache-control: max-age=31536000,public,no-transform
accept-ranges: bytes
x-robots-tag: noai, noimageai
x-cache-hits: 11, 1

GET
H2 200 icon-check-circle.png
www.health.com/static/1.162.0/icons/symbols/ 966 B
2 KB 34ms
34ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.health.com/static/1.162.0/icons/symbols/icon-check-circle.png

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bab12959d9a1f918e24d77d6913a2ba4b19a7fbb1dfef010a10fd7fa51f88533

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:22:18 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 188698
x-cache: MISS, HIT
content-length: 966
x-served-by: cache-iad-kjyo7100126-IAD, cache-iad-kjyo7100126-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164139.645317,VS0,VE0
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: image/png;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 0, 14

GET
H2 200 eNqNVGtyozAMvtB6mZ5h_-4lZCxAibCpZUjp6StM0hJKgBkGW2_ps6RCEiQqixZ8YizuFJOV4qLfe49x_FM8K6mgT8SUCMXYnjiZG6XGvNRu9WIG8MQMRsoYmNdaZWi74NEnKcgnjB64cFhhnOzzJaLbMSolVvn3IouFKn7M_ukTDZO_5kp_MXccQFVp9ZBmTRPxF... Show response
www.health.com/static/1.162.0/cache/ 175 KB
56 KB 38ms
37ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/1.162.0/cache/eNqNVGtyozAMvtB6mZ5h_-4lZCxAibCpZUjp6StM0hJKgBkGW2_ps6RCEiQqixZ8YizuFJOV4qLfe49x_FM8K6mgT8SUCMXYnjiZG6XGvNRu9WIG8MQMRsoYmNdaZWi74NEnKcgnjB64cFhhnOzzJaLbMSolVvn3IouFKn7M_ukTDZO_5kp_MXccQFVp9ZBmTRPxFinNmb4Q7Ti7katRzwapbtK_BnyN_0kSevW4xTzhK4XAibrHuVdKn5oQzcPgsuacCCahJGAjDcT82Ev623wrSYVcwxjpEMtmRZ6IO5DDYDqGcYb-crsTa9tVT7P8tbVg2uvAFupcS03VHnhudgifowF3ImWIKmc0FaKzUF5_MfbwalFE0zIW_NQaz-ROcAuCc4d34B1YDWc5LGJtDBNNkuCNhD6WmKskrx2N5iGSA5RFietoKckBgFaXgg0QZyylNFNu5od7YO5VNvwsmZk8frOK8YMmKBbvttCqOVhdQA2Cy1M4HVt6VYitak9jObU8QtROfiZ3cnE6J6G-H3lhbMXwMFCdMb8nokUOi-uBTdUz68pF9NnumTwGatrVcIPx4Lnh7W00cyFnC_4CFXZ6nw.min.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da3af5afaea2e74fe28d1eb402363bddd2254e5a5beb9961625774290fcc5f40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
date: Sat, 09 Dec 2023 23:22:18 GMT
age: 188731
x-cache: HIT, HIT
content-length: 57173
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kcgs7200095-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164139.669509,VS0,VE4
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: application/javascript;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H2 200 plusjakartasans.woff2
www.health.com/static/fonts/ 15 KB
16 KB 102ms
34ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/fonts/plusjakartasans.woff2

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/cache/eNqlV122oyAM3tBwXMR9nU1EjMotggewvd39hJ9atRTp3IcKCfmSECBJG-vACd5MoJzEhlvbeA7-aV4XxAQDslkCx1HLDs0q5FcnEOrJ0NOsFSpnGzDEIA1pZFwrRwskaRbuFoPdyorWj-wXVza6OxtAV9Ghzhrvwq-g4ia6AWkcUQyj-xpBDfhXWDKMJsssuZO26l1K81JERgTpxk47WmMV8scIHugaKJmkc1vJ2aDnCDVkWIWNKriKgda0alpD0twsUxuPYkPnHHqDPEGdbOO4h-MG6jXZpT0qe7L-Q9-EDnZEIajtXQqFKYpxXrL4EP9AFBY3asOc1tKJuXSRnTOiXfwxRX82DCYcThUPKllpKqzt3Ir2aj3d3CeruQDJiBMTyUqe3MMNLoN5v8EkbEcw8clPJMm23JzhLLoW5PDHUVCYnRH5eCArXA550mfwO91R7_L3LVGsNRq6T7JP0LXTGHWw79uvPCmAMyUj1KT4LQCjlDcziD63yQk7AUlsNjSaO9srfSPci4H8YRxmf5c-8z3cUs7K9SmDG90kw-eT40oja6Xml_ioe4SgmJLD5ZeqOEipF1e6uw8tPWLXAr-8MErgCa31zUcLytflPVny3erFcLQMFMVPuMeLf2WWEjPYeHnwZyYItOR02HsB81DLkq0YpQPzU7xQPo-vLtuKzsj4BoYZEPJEuBVSthpMwlmSvNzZk_sZvBqnaO26SZ-RrthYL_FH-JOAriYOMtTl4NK7PvFExCKP9dAgF4anoXSEpIhJ6hqfs5xeHoNWEM6rDp_36WlRFEdjqarERHWgc8BB6hZkYy9i9lVlbdT3dAGZmp84nFRd6iWkcPdQdjfzHKrXZiIbvvn2RRLBUO3bkyfGokfB1nN6gukXKS03iCrg9mQhCL3WjoIQhzMbQSjqX6d1GJ-07Y6o65Lo70YHdmTP-_BomLIr5xs9h776QxdU6iENxbyvO7IUvgVPFN6sROcjkTS_cP4BaZK9ag.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

847dce60a52a4bb58320489d3df9dcf0daa69615deebb0f77c9c846bb005d7ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.health.com/static/1.162.0/cache/eNqlV122oyAM3tBwXMR9nU1EjMotggewvd39hJ9atRTp3IcKCfmSECBJG-vACd5MoJzEhlvbeA7-aV4XxAQDslkCx1HLDs0q5FcnEOrJ0NOsFSpnGzDEIA1pZFwrRwskaRbuFoPdyorWj-wXVza6OxtAV9Ghzhrvwq-g4ia6AWkcUQyj-xpBDfhXWDKMJsssuZO26l1K81JERgTpxk47WmMV8scIHugaKJmkc1vJ2aDnCDVkWIWNKriKgda0alpD0twsUxuPYkPnHHqDPEGdbOO4h-MG6jXZpT0qe7L-Q9-EDnZEIajtXQqFKYpxXrL4EP9AFBY3asOc1tKJuXSRnTOiXfwxRX82DCYcThUPKllpKqzt3Ir2aj3d3CeruQDJiBMTyUqe3MMNLoN5v8EkbEcw8clPJMm23JzhLLoW5PDHUVCYnRH5eCArXA550mfwO91R7_L3LVGsNRq6T7JP0LXTGHWw79uvPCmAMyUj1KT4LQCjlDcziD63yQk7AUlsNjSaO9srfSPci4H8YRxmf5c-8z3cUs7K9SmDG90kw-eT40oja6Xml_ioe4SgmJLD5ZeqOEipF1e6uw8tPWLXAr-8MErgCa31zUcLytflPVny3erFcLQMFMVPuMeLf2WWEjPYeHnwZyYItOR02HsB81DLkq0YpQPzU7xQPo-vLtuKzsj4BoYZEPJEuBVSthpMwlmSvNzZk_sZvBqnaO26SZ-RrthYL_FH-JOAriYOMtTl4NK7PvFExCKP9dAgF4anoXSEpIhJ6hqfs5xeHoNWEM6rDp_36WlRFEdjqarERHWgc8BB6hZkYy9i9lVlbdT3dAGZmp84nFRd6iWkcPdQdjfzHKrXZiIbvvn2RRLBUO3bkyfGokfB1nN6gukXKS03iCrg9mQhCL3WjoIQhzMbQSjqX6d1GJ-07Y6o65Lo70YHdmTP-_BomLIr5xs9h776QxdU6iENxbyvO7IUvgVPFN6sROcjkTS_cP4BaZK9ag.min.css
Origin: https://usv518.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:22:18 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 2218579
x-cache: HIT, HIT
content-length: 15484
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kjyo7100066-IAD, cache-mia-kmia1760062-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164139.743400,VS0,VE1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: application/font-woff2;charset=utf-8
access-control-allow-origin: *
x-abt-application-version: 1.153.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 1867, 8

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90558b7023dd8c461e9f68c62e57c0058cf64bd2b53a3146fb6e2a2bbb6dd9d0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif;charset=utf-8

GET
H2 200 source-serif-pro-v15-latin-regular.woff2
www.health.com/static/fonts/ 18 KB
18 KB 64ms
37ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/fonts/source-serif-pro-v15-latin-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae11e6cd19ef32c311a04ebfa1b2633bf3465f8b8a4a4babc8874fa8eec08abf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.health.com/static/1.162.0/cache/eNqlV122oyAM3tBwXMR9nU1EjMotggewvd39hJ9atRTp3IcKCfmSECBJG-vACd5MoJzEhlvbeA7-aV4XxAQDslkCx1HLDs0q5FcnEOrJ0NOsFSpnGzDEIA1pZFwrRwskaRbuFoPdyorWj-wXVza6OxtAV9Ghzhrvwq-g4ia6AWkcUQyj-xpBDfhXWDKMJsssuZO26l1K81JERgTpxk47WmMV8scIHugaKJmkc1vJ2aDnCDVkWIWNKriKgda0alpD0twsUxuPYkPnHHqDPEGdbOO4h-MG6jXZpT0qe7L-Q9-EDnZEIajtXQqFKYpxXrL4EP9AFBY3asOc1tKJuXSRnTOiXfwxRX82DCYcThUPKllpKqzt3Ir2aj3d3CeruQDJiBMTyUqe3MMNLoN5v8EkbEcw8clPJMm23JzhLLoW5PDHUVCYnRH5eCArXA550mfwO91R7_L3LVGsNRq6T7JP0LXTGHWw79uvPCmAMyUj1KT4LQCjlDcziD63yQk7AUlsNjSaO9srfSPci4H8YRxmf5c-8z3cUs7K9SmDG90kw-eT40oja6Xml_ioe4SgmJLD5ZeqOEipF1e6uw8tPWLXAr-8MErgCa31zUcLytflPVny3erFcLQMFMVPuMeLf2WWEjPYeHnwZyYItOR02HsB81DLkq0YpQPzU7xQPo-vLtuKzsj4BoYZEPJEuBVSthpMwlmSvNzZk_sZvBqnaO26SZ-RrthYL_FH-JOAriYOMtTl4NK7PvFExCKP9dAgF4anoXSEpIhJ6hqfs5xeHoNWEM6rDp_36WlRFEdjqarERHWgc8BB6hZkYy9i9lVlbdT3dAGZmp84nFRd6iWkcPdQdjfzHKrXZiIbvvn2RRLBUO3bkyfGokfB1nN6gukXKS03iCrg9mQhCL3WjoIQhzMbQSjqX6d1GJ-07Y6o65Lo70YHdmTP-_BomLIr5xs9h776QxdU6iENxbyvO7IUvgVPFN6sROcjkTS_cP4BaZK9ag.min.css
Origin: https://usv518.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:22:18 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 2729745
x-cache: HIT, HIT
content-length: 18044
x-served-by: cache-iad-kiad7000095-IAD, cache-iad-kiad7000095-IAD, cache-mia-kmia1760062-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164139.743765,VS0,VE1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: application/font-woff2;charset=utf-8
access-control-allow-origin: *
x-abt-application-version: 1.152.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 14912, 8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 224ms
72ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/cache/eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jjDOTFvqKqDYgRBk8i9uyd9MkV3J_WRobzbUrtWsIu_1bIyqr5Z107wveuroxDqcON7yAv_S4JvqqaEpkMWuvn2cI5ICi1TIFeoxU5JrzFw6ztM4KAc1CeNzYLch0GadIbjTyT4MeB7a81rQgxUGHcKsRRXJ1UjP69SaIxtb04ozafl6BTGEQk4Hic5b0niUSNL9JRmEtQP4G1hlwYA.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 22:43:25 GMT
content-encoding: gzip
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 2334
x-amz-server-side-encryption: AES256
etag: W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: KcQDlsGO27jl1LjQBK7PPsz8PQh1V77A9Fx94BE2K-QPTm1C9JbKzA==

GET
H2 200 segments Show response
d30qdagvt44524.cloudfront.net/production/ 15 B
376 B 457ms
151ms Script
text/javascript 2600:9000:24f0:c000:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/cache/eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jjDOTFvqKqDYgRBk8i9uyd9MkV3J_WRobzbUrtWsIu_1bIyqr5Z107wveuroxDqcON7yAv_S4JvqqaEpkMWuvn2cI5ICi1TIFeoxU5JrzFw6ztM4KAc1CeNzYLch0GadIbjTyT4MeB7a81rQgxUGHcKsRRXJ1UjP69SaIxtb04ozafl6BTGEQk4Hic5b0niUSNL9JRmEtQP4G1hlwYA.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:c000:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
via: 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amzn-trace-id: Root=1-6574f6ab-5c94c2383ca0f566230ee2d2;Sampled=0;lineage=abd734a0:0
x-amzn-requestid: 687987c5-7c36-4d47-9e57-5527ed07185f
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-apigw-id: Pst6yHyBIAMEqkw=
content-length: 15
x-amz-cf-id: gszRniVSdIkSDf7yXLyBHWNGsEBPkcUWztv9R_kmmgJmrsggZweWzw==

GET
H2 200 prebid.js Show response
www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/ 461 KB
147 KB 35ms
35ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/cache/eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jjDOTFvqKqDYgRBk8i9uyd9MkV3J_WRobzbUrtWsIu_1bIyqr5Z107wveuroxDqcON7yAv_S4JvqqaEpkMWuvn2cI5ICi1TIFeoxU5JrzFw6ztM4KAc1CeNzYLch0GadIbjTyT4MeB7a81rQgxUGHcKsRRXJ1UjP69SaIxtb04ozafl6BTGEQk4Hic5b0niUSNL9JRmEtQP4G1hlwYA.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc7866cb30d4d96494e616c19331c85dc123f71c8447b95ae7c44dc8ff96d79d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.health.com
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.health.com
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
date: Sat, 09 Dec 2023 23:22:18 GMT
age: 188731
x-cache: HIT, HIT
content-length: 150153
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100044-IAD, cache-mia-kmia1760066-MIA
referrer-policy: no-referrer-when-downgrade
x-timer: S1702164139.820606,VS0,VE2
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7818/re.p"}]}
content-type: application/javascript;charset=utf-8
x-abt-application-version: 1.162.0
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 28, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 410ms
126ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb9929af16d4f0eee3d9765464d580492566f0818d213d6748af38ee0355820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29067
x-xss-protection: 0
server: cafe
etag: 481 / 19700 / 31080021 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 23:22:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
98 KB 362ms
81ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2ecafde4bb13020fe3582ba845ab334f0448f6feaa622d17b9a15da32675a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100318
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Dec 2023 23:22:19 GMT

POST
H2 200 / Show response
usv518.com/ 242 KB
47 KB 638ms
636ms XHR
text/html 104.21.40.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usv518.com/?url=https%3A%2F%2Fusv518.com%2F
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/cache/eNqFk2FuwyAMhS80xh0mTfs7Vb2AAw5xQ3AGJlV7-jnV1LUdS6UIJX6fw8M2tggIOTtBkojW8TRzwiTFRjhxFXso-hg3oBtf7D18WKHzqdAZleDUU3hEfr4ideUOb_2KwaNvCI55pGZKFYokba1PZkv2PG3qH5_7RnTB5DlbGTKLhhpERmUq7jO4kVJoEJO-mC4jjDOTFvqKqDYgRBk8i9uyd9MkV3J_WRobzbUrtWsIu_1bIyqr5Z107wveuroxDqcON7yAv_S4JvqqaEpkMWuvn2cI5ICi1TIFeoxU5JrzFw6ztM4KAc1CeNzYLch0GadIbjTyT4MeB7a81rQgxUGHcKsRRXJ1UjP69SaIxtb04ozafl6BTGEQk4Hic5b0niUSNL9JRmEtQP4G1hlwYA.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a767164119117f308e2bf331ee6cd7eea4ba2849c2072a74eaba9ebae417df77

Request headers

Referer: https://usv518.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teLcRaPeXVov4P1E1Vniy8Eti1gIyPyRcLDlLoEMNpAAD7nud6vwVjBgEMwSSfc4mn%2BI1iT05yV8GnH8aCdVuIVAnI889vktyfpOAJVRWh44uS77rsz6H4is4sBt"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8330fd4c0a5821e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 23:22:18 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 248ms
58ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusv518.com%2F&domain=usv518.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://usv518.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 09 Dec 2023 23:22:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 403628
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fusv518.com%2F&domain=usv518.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=JgBBOXxsZXNqUUZsOEhqRkt1MzlDRU9EcjBtelRpdWQvK05VN0s2M2doZUlNci9rNGlZclJjK0F1eWI1WTNpVkpEVmN1K2tkdkxYRCtFbWNJYjc1ZW02RG9HZmFFWFJNbUxhbjBvSTQrSndIbHlFazdaZm9hR2YvSVJrNV...

362 B
650 B

168ms
56ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JgBBOXxsZXNqUUZsOEhqRkt1MzlDRU9EcjBtelRpdWQvK05VN0s2M2doZUlNci9rNGlZclJjK0F1eWI1WTNpVkpEVmN1K2tkdkxYRCtFbWNJYjc1ZW02RG9HZmFFWFJNbUxhbjBvSTQrSndIbHlFazdaZm9hR2YvSVJrNVBKRWI1clRKRmgzSG1NRDZHSktuM0NkVThLNHgzblJ4YTFDMStNWVJ4LzhvaVllSWNrYm5GMGRhUlBZVWxGemZoa2g4MGFUaTVodjk2S1h3QUtWVTNJVkNQYUE5OHJkZ2kzK1FsYWJHR1AzVldsSTFIVEV3PXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

63309939cb4a2a54802141c4809c7ebb51ef0459b3fcc57a4933fbcb17f9d408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 756649
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://usv518.com
location: https://mug.criteo.com/sid?cpp=JgBBOXxsZXNqUUZsOEhqRkt1MzlDRU9EcjBtelRpdWQvK05VN0s2M2doZUlNci9rNGlZclJjK0F1eWI1WTNpVkpEVmN1K2tkdkxYRCtFbWNJYjc1ZW02RG9HZmFFWFJNbUxhbjBvSTQrSndIbHlFazdaZm9hR2YvSVJrNVBKRWI1clRKRmgzSG1NRDZHSktuM0NkVThLNHgzblJ4YTFDMStNWVJ4LzhvaVllSWNrYm5GMGRhUlBZVWxGemZoa2g4MGFUaTVodjk2S1h3QUtWVTNJVkNQYUE5OHJkZ2kzK1FsYWJHR1AzVldsSTFIVEV3PXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 493555
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 46113 Show response
idx.liadm.com/idex/prebid/ 50 B
452 B 262ms
61ms Fetch
application/json 54.82.17.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/46113?duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=openx

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.17.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-17-205.compute-1.amazonaws.com

Software

Resource Hash

2f265aedd803ecf79ebdae2e5cc17e321dd5aab05c83061e98fecdc47ede3006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 2
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: a1f09395967cad91
content-length: 50
expires: Sun, 10 Dec 2023 23:22:19 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
560 B 245ms
59ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=uyuqun9&fmt=json
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 44226fb374957695322423ac2401982cdc94b837295a4461fbc0176902d0a8fe

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 08 Jan 2024 23:22:19 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 230ms
105ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: YJRu9mIQ8-3KT9SjHQi2FtOUIWjoi6mhdpgjppfZKlGvca5ncQHMog==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3077
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 22:31:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
77 B 226ms
90ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=usv518.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b892059064a3641c6f49b51238f32533a8ca9e4bbe202962ed1977b6e04afa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Sat, 09 Dec 2023 23:22:19 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 275ms
56ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 09 Dec 2023 23:22:19 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 395186
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
34ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:13:11 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 548
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 01:13:11 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1702164139447&se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&pu=https%3A%2F%2Fusv518.com%2F&wpn=prebid
https://rp4.liadm.com/j?se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&dtstmp=1702164139447&wpn=prebid&pu=https%3A%2F%2Fusv518.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo3

13 B
318 B

292ms
60ms

Fetch
application/json

34.225.218.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&dtstmp=1702164139447&wpn=prebid&pu=https%3A%2F%2Fusv518.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo3
Protocol: H2
Server: 34.225.218.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-218-210.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
x-pixel-event-id: 8860868e-04c4-4683-9e05-023d83af094b
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=c1f793757d80--01hh8e72wv0adxjfw4pt0c8900&dtstmp=1702164139447&wpn=prebid&pu=https%3A%2F%2Fusv518.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo3
access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:19 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 3446 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
781 B 387ms
64ms Script
application/javascript 13.224.214.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3446
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-41.phl50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 82736fa40d3095feb1f0a4c1c58c68395f3f6cf30f8f72aef9cab94abb908fe5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:05:30 GMT
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PHL50-C1
age: 1009
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: qOi9ZoT4zLvY-9cMqgIwJoPBW545rf-CaFY3AiO-gW1HrfMMX8NK7A==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 76ms
75ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fusv518.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:32:58 GMT
via: 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 20961
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1392
x-amz-cf-id: q68hEDRpUK8lSs7dO9XR8iHkKaJViHd0CDp9zMqb1IH7DwDIsLn4Ow==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
499 B 401ms
85ms XHR
text/javascript 18.173.138.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Fusv518.com%2F&pid=B5aCyLxxYP3zo&cb=0&ws=1600x1200&v=23.1129.2055&t=1250&slots=%5B%7B%22sd%22%3A%22leaderboard-flex-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1%22%2C%22kv%22%3A%7B%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22square-flex-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-1%22%2C%22kv%22%3A%7B%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22tax1%22%3A%22hlt_Wellness%22%2C%22tax2%22%3A%22hlt_Nutrition%22%2C%22si_section%22%3A%22hlt_Nutrition%22%2C%22tax0%22%3A%22hlt_Homepage%22%2C%22tax3%22%3A%22hlt_eat-well%22%2C%22si_pagegroup%22%3A%22Wellness%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22tax1%22%3A%22hlt_Wellness%22%2C%22tax2%22%3A%22hlt_Nutrition%22%2C%22si_section%22%3A%22hlt_Nutrition%22%2C%22tax0%22%3A%22hlt_Homepage%22%2C%22tax3%22%3A%22hlt_eat-well%22%2C%22si_pagegroup%22%3A%22Wellness%22%7D%7D%7D%7D%7D&bb=[]&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.138.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-138-29.jfk52.r.cloudfront.net

Software

Server /

Resource Hash

159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-amz-rid: 3QMRDEA0P24MD348EAZZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://usv518.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: XEt_U3R776c539P-7YD1xG8mJwKCCF1tMUx3toZILLufmVH6fN1FzQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
498 B 394ms
86ms XHR
text/javascript 18.173.138.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Fusv518.com%2F&pid=B5aCyLxxYP3zo&cb=1&ws=1600x1200&v=23.1129.2055&t=1250&slots=%5B%7B%22sd%22%3A%22square-flex-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-2%22%2C%22kv%22%3A%7B%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22square-fixed-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1%22%2C%22kv%22%3A%7B%7D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22tax1%22%3A%22hlt_Wellness%22%2C%22tax2%22%3A%22hlt_Nutrition%22%2C%22si_section%22%3A%22hlt_Nutrition%22%2C%22tax0%22%3A%22hlt_Homepage%22%2C%22tax3%22%3A%22hlt_eat-well%22%2C%22si_pagegroup%22%3A%22Wellness%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22tax1%22%3A%22hlt_Wellness%22%2C%22tax2%22%3A%22hlt_Nutrition%22%2C%22si_section%22%3A%22hlt_Nutrition%22%2C%22tax0%22%3A%22hlt_Homepage%22%2C%22tax3%22%3A%22hlt_eat-well%22%2C%22si_pagegroup%22%3A%22Wellness%22%7D%7D%7D%7D%7D&bb=[]&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.138.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-138-29.jfk52.r.cloudfront.net

Software

Server /

Resource Hash

1694b0332dc2a4166d195a82c5f95151b08871a1061cfefed8752137870dd858

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-amz-rid: TJRTWX6JG31F9RE3AAVD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://usv518.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: v7-37NLRk7VUI5wA6_dv-BeLRitJ4dkJ4075g_ZSsllTIS6TiV2x5A==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
142 B 62ms
61ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1555554601&t=event&ni=1&qt=0&_s=1&dl=https%3A%2F%2Fusv518.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=26%20Simple%20Diet%20and%20Fitness%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB%20Tests&ea=Map%20Vertical%20Proctor%20Data&el=%7B%2299-0%22%3A%22rtbTracking%20%7C%20control%20%7C%20%7C%200%22%2C%2299-1%22%3A%22useOxygen%20%7C%20useOxygen%20%7C%20use%20the%20Oxygenated%20ad%20unit%20format%20and%20slot%20names%20%7C%201%22%2C%2299-2%22%3A%22userIdAuctionDelay%20%7C%20active%20%7C%20active%20%7C%201%22%2C%2299-3%22%3A%22useFloorSearch%20%7C%20active%20%7C%20search%20API%20flooring%20system%20%7C%201%22%2C%2299-4%22%3A%22fiftyPercentAdRefresh%20%7C%20active%20%7C%20Ads%20refresh%20when%2050%25%20in%20view%20%7C%201%22%2C%2299-5%22%3A%22scAdsScript%20%7C%20active%20%7C%20Sc-ads.js%20is%20loaded%20in%20mantle%20inside%20listScCommerceTemplates.%20Sc-ads.js%20stops%20loading%20through%20commerce%20%7C%201%22%2C%2299-6%22%3A%22recipescDesktopAdRefresh%20%7C%20active%20%7C%20active%2C%20right%20rail%20ads%20timed%20refresh%20active%20%7C%201%22%2C%2299-7%22%3A%22liveIntentConnectedIdTest%20%7C%20control%20%7C%20LiveIntent%20ConnectedID%20is%20enabled%20%7C%200%22%7D&_u=YEBAAUABAAAAACACI~&jid=579498597&gjid=1459153233&cid=152247690.1702164140&tid=UA-49158591-39&_gid=1084616680.1702164140&_r=1&_slc=1&gtm=45He3bt0n81P3X3VT7v862680616&cd13=GTM-P3X3VT7&cd14=101&cd42=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&cd46=%7B%22robots%22%3A%22max-image-preview%3Alarge%2C%20NOODP%2C%20NOYDIR%22%2C%22fb%3Aapp_id%22%3A%22979081782488298%22%7D&cd47=false&cd48=Direct&cd49=2022-12-19T10%3A20%3A11.000-05%3A00&cd94=%7B%22otabc%22%3A%220%22%2C%22otgrp%22%3A%22undefined%22%2C%22otgeo%22%3A%22undefined%22%7D&gcd=11l1l1l1l1&dma=0&z=2094949672

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 314ms
73ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49158591-39&cid=152247690.1702164140&jid=2004206491&gjid=1892516653&_gid=1084616680.1702164140&_u=YGDAgUABAAAAAGACIAC~&z=642561604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 23:22:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 34ms
34ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1555554601&t=pageview&qt=0&_s=1&dl=https%3A%2F%2Fusv518.com%2F&dr=&dp=https%3A%2F%2Fwww.health.com%2Fweight-loss%2F30-simple-diet-and-fitness-tips&ul=en-us&de=UTF-8&dt=26%20Simple%20Diet%20and%20Fitness%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAACACIAC~&jid=2004206491&gjid=1892516653&cid=152247690.1702164140&tid=UA-49158591-39&_gid=1084616680.1702164140&gtm=45He3bt0n81P3X3VT7v862680616&cd1=5239694&cd2=STRUCTUREDCONTENT&cd3=1000113&cd4=110&cd5=250360&cd6=165332465582370&cd7=5225216%7C5248294%7C5248334%7C6951509&cd8=Health%7CWellness%7CNutrition%7CEat%20Well&cd9=&cd10=S-8404207%7CS-8391851%7CS-8401921%7CS-5241487%7CS-7371907%7CS-5239289%7CS-8380393%7CS-5239310&cd11=n04f48eaf730d4e02afab1163b0b8f69723&cd12=n04f48eaf730d4e02afab1163b0b8f69723&cd13=GTM-P3X3VT7&cd14=101&cd15=IR&cd16=0&cd17=&cd18=BROADVIDEO&cd19=extraLarge&cd30=3.14.358&cd31=&cd32=k8s-prod&cd33=healthdotcom&cd34=us-east-1&cd35=1.162.0&cd36=healthdotcom-launcher&cd37=&cd38=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&cd41=pc&cd42=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&cd44=single%20page&cd45=&cd46=%7B%22robots%22%3A%22max-image-preview%3Alarge%2C%20NOODP%2C%20NOYDIR%22%2C%22fb%3Aapp_id%22%3A%22979081782488298%22%7D&cd47=false&cd48=Direct&cd49=2022-12-19T10%3A20%3A11.000-05%3A00&cd94=%7B%22otabc%22%3A%220%22%2C%22otgrp%22%3A%22undefined%22%2C%22otgeo%22%3A%22undefined%22%7D&gcd=11l1l1l1l1&dma=0&z=1482525541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:19:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39795
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/ 6 KB
2 KB 303ms
69ms Script
text/javascript 13.224.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/launchpad-liveramp.js
Requested by: Host: usv518.com
URL: https://usv518.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-100.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a4feb5399d6f379f9290d45f4c6fb21a8e0546d3ff6da83d755c2d365f1369c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vUMLDsY4tDuFcnsCEMCHCmcNKrXbJmif
content-encoding: gzip
via: 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 17:58:00 GMT
x-amz-cf-pop: PHL50-C1
age: 19470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Wed, 06 Dec 2023 21:25:44 GMT
server: AmazonS3
etag: W/"6e53a9d35bd17b8c10bb6f148fd6dc23"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: FgRyzZy_5Td5ztG8Oh3NNSVXYtueqvSSjT3Qb8RePrVJu2-OHvNRUA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 302ms
68ms Script
application/javascript 23.4.232.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: usv518.com
URL: https://usv518.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.4.232.54 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-4-232-54.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
x-serial: 1
x-check-cacheable: YES
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
x-akamai-pragma-client-ip: 10.44.130.72, 4.7.166.99
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 09 Dec 2023 23:37:19 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 280ms
46ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 0NETFSVB20P7G5Q6
age: 1749
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8330fd526c8625a0-MIA
x-amz-id-2: ZBcj16d26z7u9R/OuFzrXHOVCnbeDV/7PMG5psORhuMvWUR/zL30rWK2qqN6EaoKjgAas7Yw83C+nb6oI5hB+g==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 428 B
657 B 284ms
117ms Fetch
application/json 35.168.105.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=926268&slot=%7Bid:leaderboard-flex-1,ss:%5B728.90,970.90,970.250%5D,p:3865/ddm.usv518.com/tier1/structuredcontent/Wellness%7D&slot=%7Bid:square-flex-1,ss:%5B300.250,300.600,300.1050,160.600%5D,p:3865/ddm.usv518.com/tier1/structuredcontent/Wellness%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fusv518.com%252F
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.105.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-105-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2906980ba88d671b3be949900db8029e2ed3b2abc19ba451f5d48981a85b65ac

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx
x-server-name: app62.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usv518.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 615 B
845 B 267ms
101ms Fetch
application/json 35.168.105.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=926268&slot=%7Bid:square-flex-2,ss:%5B300.250,300.600,160.600%5D,p:3865/ddm.usv518.com/tier1/structuredcontent/Wellness%7D&slot=%7Bid:square-fixed-1,ss:%5B300.250%5D,p:3865/ddm.usv518.com/tier1/structuredcontent/Wellness%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fusv518.com%252F
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.105.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-105-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f2977f5138dde407df7c45bd570b2e31808208b2cb948ac9ee864c91a2d8701a

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx
x-server-name: app01.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usv518.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H/1.1 200
OK dotdash Show response
direct.adsrvr.org/bid/bidder/ 0
394 B 221ms
77ms Fetch
application/json 199.250.161.129
TTD-ASN-01

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/dotdash
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
319 B 186ms
105ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=1005814
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6a91a0565ef148b5076493542fa1d12c866bf7ed29237b18e4a87f44708647

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTglhKnnECWa%2BS%2FXPpyMmhsA3CinphFbU9GJWQx%2BvaC%2BejxLpqIx%2FUtNJX%2FGRN93TmB%2BLIZmLcsAugkBQ30rpp6vTyZlB3l7kMUYBzTc4%2FojT6t5ghtkkQW5NOhdzGdrsnAMY75G"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8330fd526ced7486-MIA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 22 B
359 B 323ms
66ms Fetch
application/json 35.211.156.215
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.156.215 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.156.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a4425a95bbde1e10413ddadfdf0335fadb2991686a75e2afb1e5a935180bb529

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 09 Dec 2023 23:22:20 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 47

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 245ms
77ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 171ms
56ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.22.0&cb=82588369364&lsavail=1&bundle=ZsnmTF9INyUyRlZmelNZWXlLalN5cEQ3eXhWdUtQczcxN2JyNTc1WHAlMkZlM1VlR0J4ayUyRndNdWZ0aG5USjZqVHJjS2ZPSzJ2RnJZc3pWOWl6U2VnJTJGNFpWUHN0aVVxYkFJVXZSNHhLWXF3Q0E1ek1vRXJWdEgwQTA0ayUyRmlINmtmOUJKbXZjYjg

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 249 B
807 B 293ms
129ms Fetch
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

69f9c44c720213068ec94aacfbc390ac848a14c4ed97d0dbb1960effaef0fbf4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
an-x-request-uuid: c77b75fa-2156-497c-9417-9072beccc82d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://usv518.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 249
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 552 B
1 KB 230ms
66ms Fetch
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426756&zone_id=2441392&size_id=2&alt_size_ids=55%2C57&eid_criteo.com=-hmLMl9KWGEzJTJCc2FhWmJuc1Fjc0dpNG1pTUtUT0EzWlk3VFlwMGNxUGJBV1NZV3ZSUXJvdlNaODZFSjZuRHJISlRUNGVuUjhzbExCbGpma092SHdTQ1ElMkJFTFElM0QlM0Q%5E1&tpid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_pubcid.org=70fe4fd0-bdc2-44f1-a116-694d95f749e8%5E1&tpid_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&eid_adserver.org=9bbfdd52-6469-429a-8a1f-09a08c7c7783&rf=https%3A%2F%2Fusv518.com%2F&tg_i.domain=usv518.com&tg_i.page=https%3A%2F%2Fusv518.com%2F&tg_i.tax1=hlt_Wellness&tg_i.tax2=hlt_Nutrition&tg_i.tax0=hlt_Homepage&tg_i.tax3=hlt_eat-well&tg_i.mobile=0&tg_i.pbadslot=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=2388161a2fb3178&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1&slots=1&rand=0.03141213178081892
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 386fae2bb184273045545bcac78178b5be1c81de27279a4c77a810f575f6b31a

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 552
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 551 B
889 B 231ms
67ms Fetch
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426756&zone_id=2441404&size_id=15&alt_size_ids=9%2C10%2C54&eid_criteo.com=-hmLMl9KWGEzJTJCc2FhWmJuc1Fjc0dpNG1pTUtUT0EzWlk3VFlwMGNxUGJBV1NZV3ZSUXJvdlNaODZFSjZuRHJISlRUNGVuUjhzbExCbGpma092SHdTQ1ElMkJFTFElM0QlM0Q%5E1&tpid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_pubcid.org=70fe4fd0-bdc2-44f1-a116-694d95f749e8%5E1&tpid_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&eid_adserver.org=9bbfdd52-6469-429a-8a1f-09a08c7c7783&rf=https%3A%2F%2Fusv518.com%2F&tg_i.domain=usv518.com&tg_i.page=https%3A%2F%2Fusv518.com%2F&tg_i.tax1=hlt_Wellness&tg_i.tax2=hlt_Nutrition&tg_i.tax0=hlt_Homepage&tg_i.tax3=hlt_eat-well&tg_i.mobile=0&tg_i.pbadslot=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-1&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=24d43ea191fc616&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-1&slots=1&rand=0.495098072034011
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6fa7fa410ba94ca25ef597c33465f5725a6ce1639fcd4795c6e8c546d7a114a0

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 551
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 548 B
886 B 225ms
67ms Fetch
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426756&zone_id=2441406&size_id=15&alt_size_ids=9%2C10&eid_criteo.com=-hmLMl9KWGEzJTJCc2FhWmJuc1Fjc0dpNG1pTUtUT0EzWlk3VFlwMGNxUGJBV1NZV3ZSUXJvdlNaODZFSjZuRHJISlRUNGVuUjhzbExCbGpma092SHdTQ1ElMkJFTFElM0QlM0Q%5E1&tpid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_pubcid.org=70fe4fd0-bdc2-44f1-a116-694d95f749e8%5E1&tpid_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&eid_adserver.org=9bbfdd52-6469-429a-8a1f-09a08c7c7783&rf=https%3A%2F%2Fusv518.com%2F&tg_i.domain=usv518.com&tg_i.page=https%3A%2F%2Fusv518.com%2F&tg_i.tax1=hlt_Wellness&tg_i.tax2=hlt_Nutrition&tg_i.tax0=hlt_Homepage&tg_i.tax3=hlt_eat-well&tg_i.mobile=0&tg_i.pbadslot=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-2&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=26589800576e486&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-flex-2&slots=1&rand=0.4888803555636161
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58dc4c5f7346bbfeeeb76aa70580a24002641fd8912ec2b391ea81272365a0ce

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 548
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 529 B
867 B 226ms
68ms Fetch
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426756&zone_id=2441400&size_id=15&eid_criteo.com=-hmLMl9KWGEzJTJCc2FhWmJuc1Fjc0dpNG1pTUtUT0EzWlk3VFlwMGNxUGJBV1NZV3ZSUXJvdlNaODZFSjZuRHJISlRUNGVuUjhzbExCbGpma092SHdTQ1ElMkJFTFElM0QlM0Q%5E1&tpid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_liveintent.com=cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ&eid_pubcid.org=70fe4fd0-bdc2-44f1-a116-694d95f749e8%5E1&tpid_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&eid_adserver.org=9bbfdd52-6469-429a-8a1f-09a08c7c7783&rf=https%3A%2F%2Fusv518.com%2F&tg_i.domain=usv518.com&tg_i.page=https%3A%2F%2Fusv518.com%2F&tg_i.tax1=hlt_Wellness&tg_i.tax2=hlt_Nutrition&tg_i.tax0=hlt_Homepage&tg_i.tax3=hlt_eat-well&tg_i.mobile=0&tg_i.pbadslot=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=279cabd7810125e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F3865%2Fddm.usv518.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1&slots=1&rand=0.17049252029546613
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 39dc5478283aaac4a2ad2270203659a0e43eb6070dfcb89df5ddbb9ab3feb5f7

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 529
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
361 B 303ms
67ms Fetch
application/json 35.211.156.215
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.156.215 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.156.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8671dff47a1474a2e10e0cc9485364ad23196de4d0c5c84818966906cad916e3

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 09 Dec 2023 23:22:20 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
577 B 224ms
71ms Fetch
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:20 GMT
an-x-request-uuid: c75f2c52-e15b-4e5a-94d3-a3bb9b3d4abb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://usv518.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 232ms
84ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
542 B 133ms
79ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=1005818
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9abba6801df0f94a091442236899db1020fd9fdc69767921821b606528078ca6

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4wxTfVU5ZBBENaOYzix8w7UG1uevTqw4Zea%2BaAWOGH5p0o%2FSxHObEdJq8TMIPAUtwiufk5j1ZOwnrJky4coSU3nbBAb2yYc0Chj6QnvdbTEsBpYphKDx32VJeFF%2BR45LlFaClWk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8330fd526cf37486-MIA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK dotdash Show response
direct.adsrvr.org/bid/bidder/ 0
394 B 200ms
71ms Fetch
application/json 199.250.161.129
TTD-ASN-01

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/dotdash
Requested by: Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 09 Dec 2023 23:22:19 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://usv518.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 151ms
57ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.22.0&cb=29265118967&lsavail=1&bundle=ZsnmTF9INyUyRlZmelNZWXlLalN5cEQ3eXhWdUtQczcxN2JyNTc1WHAlMkZlM1VlR0J4ayUyRndNdWZ0aG5USjZqVHJjS2ZPSzJ2RnJZc3pWOWl6U2VnJTJGNFpWUHN0aVVxYkFJVXZSNHhLWXF3Q0E1ek1vRXJWdEgwQTA0ayUyRmlINmtmOUJKbXZjYjg

Requested by

Host: www.health.com
URL: https://www.health.com/static/1.162.0/static/mantle/static/js/prebidjs/default/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
26 KB 266ms
70ms Script
application/x-javascript 18.238.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-127.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: rdrhieZQC2WprZTCGMCd_who_ZPxalVg
content-encoding: br
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 23:00:17 GMT
last-modified: Thu, 07 Dec 2023 13:00:09 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 1324
x-amz-server-side-encryption: AES256
etag: W/"c1b3b71914ce20f869f6824fcd85078d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: KqzA-EJW53M7f2_JuVwP-z87jWZ1vkhkEssx_icwhTil7U3y10n3Tw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
45 KB 616ms
615ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558577313728012&correlator=904702458351447&eid=31080079%2C31080021%2C44809721&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=3865%2Cddm.usv518.com%2Ctier1%2Cstructuredcontent%2CWellness&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%7C728x91&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702164140198&lmt=1702164140&adxs=436&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fusv518.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=152247690.1702164140&ga_sid=1702164140&ga_hid=1555554601&ga_fc=true&dlt=1702164138368&idt=1165&ppid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&prev_scp=floor_id%3Dec5c5a52eac64682b841060d269b3b5c%26floor%3D5%26entryType%3Ddirect%26leaid%3D250360%26docId%3D5239694%26viewtype%3Dbroadvideo%26type%3Dstructuredcontent%26ptax%3Dhlt_Nutrition%26tax1%3Dhlt_Wellness%26tax2%3Dhlt_Nutrition%26t%3D110%26au%3D1000113%26tier%3DL%26jny%3D0%26leuid%3D165332465582370%26id%3D5239694%26tax3%3Dhlt_eat-well%26srid%3DpPcHJ%26slot%3Dleaderboard-flex-1%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26rtd_ias_pub%3D40%252C50%252C60%26rtd_ias_grm%3D40%252C50%252C60%26rtd_ias_vw%3D40%252C50%252C60%26rtd_ias_fr%3Dtrue%26rtd_ias_ias-kw%3DIAS_UNSCORED_PG%26rtd_ias_drg%3DveryLow%26rtd_ias_vio%3DveryLow%26rtd_ias_off%3DveryLow%26rtd_ias_hat%3DveryLow%26rtd_ias_dlm%3DveryLow%26rtd_ias_alc%3DveryLow%26rtd_ias_adt%3DveryLow%26vid%3D1&cust_params=ugc%3D0%26hgt%3D1200%26wdth%3D1600%26abtest%3Dlcid1%26tax0%3DHealth%26rid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26sid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26mtax%3D13869%252C32497%252C11013%26sentiment%3Dpositive%26concepts%3Dworkoutbuddy%252CJackieNewgent%252CAndrewKastor%252Cstarch%252Cgoals%252Csomeone%252CFitness%26taxons%3DHealth%252CNutrition%26w%3DextraLarge%26ab%3D99%252C99%252C99%252C99%252C99%252C99%252C99%252C99%26pv%3D1%26muid%3D58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&adks=2841913613&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7994942011cc67e16611c1415e53a5592de154e768bf8fc498dc2eb595c7be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45771
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 236ms
96ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1df868b3de427d9c9fd0d9d51bae83f6590ba6ced15c81d1f3191f7cdc548ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0

GET
H2 200 container.html Show response
1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA47 6 KB
3 KB 274ms
80ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 23:22:20 GMT
expires: Sun, 08 Dec 2024 23:22:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 156 KB
45 KB 994ms
994ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558577313728012&correlator=904702458351447&eid=31080079%2C31080021%2C44809721&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=3865%2Cddm.usv518.com%2Ctier1%2Cstructuredcontent%2CWellness&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C299x251%7C300x600%7C300x1050%7C160x600%7C300x251&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702164140240&lmt=1702164140&adxs=998&adys=574&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fusv518.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=152247690.1702164140&ga_sid=1702164140&ga_hid=1555554601&ga_fc=true&dlt=1702164138368&idt=1165&ppid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&prev_scp=floor_id%3D67f1e0eb9594472db1188b01bf2eeeca%26floor%3D5%26entryType%3Ddirect%26leaid%3D250360%26docId%3D5239694%26viewtype%3Dbroadvideo%26type%3Dstructuredcontent%26ptax%3Dhlt_Nutrition%26tax1%3Dhlt_Wellness%26tax2%3Dhlt_Nutrition%26t%3D110%26au%3D1000113%26tier%3DL%26jny%3D0%26leuid%3D165332465582370%26id%3D5239694%26tax3%3Dhlt_eat-well%26srid%3DNPk7A%26slot%3Dsquare-flex-1%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26rtd_ias_grm%3D40%26rtd_ias_vw%3D40%252C50%252C60%252C70%26rtd_ias_fr%3Dtrue%26rtd_ias_ias-kw%3DIAS_UNSCORED_PG%26rtd_ias_drg%3DveryLow%26rtd_ias_vio%3DveryLow%26rtd_ias_off%3DveryLow%26rtd_ias_hat%3DveryLow%26rtd_ias_dlm%3DveryLow%26rtd_ias_alc%3DveryLow%26rtd_ias_adt%3DveryLow%26vid%3D1&cust_params=ugc%3D0%26hgt%3D1200%26wdth%3D1600%26abtest%3Dlcid1%26tax0%3DHealth%26rid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26sid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26mtax%3D13869%252C32497%252C11013%26sentiment%3Dpositive%26concepts%3Dworkoutbuddy%252CJackieNewgent%252CAndrewKastor%252Cstarch%252Cgoals%252Csomeone%252CFitness%26taxons%3DHealth%252CNutrition%26w%3DextraLarge%26ab%3D99%252C99%252C99%252C99%252C99%252C99%252C99%252C99%26pv%3D1%26muid%3D58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&adks=1711029095&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b81b6a492c7f545b61b52634e93d9696300cbd2adde88277fe1f66064b1a3b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45682
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 616 B
288 B 1137ms
1137ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558577313728012&correlator=904702458351447&eid=31080079%2C31080021%2C44809721&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=3865%2Cddm.usv518.com%2Ctier1%2Cstructuredcontent%2CWellness&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x251%7C300x600%7C300x601%7C2x1%7C160x600%7C300x252&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702164140253&lmt=1702164140&adxs=998&adys=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fusv518.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=152247690.1702164140&ga_sid=1702164140&ga_hid=1555554601&ga_fc=true&dlt=1702164138368&idt=1165&ppid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&prev_scp=floor_id%3Dffd372d3f1af421c946f7f5b1f148a66%26floor%3D5%26entryType%3Ddirect%26leaid%3D250360%26docId%3D5239694%26viewtype%3Dbroadvideo%26type%3Dstructuredcontent%26ptax%3Dhlt_Nutrition%26tax1%3Dhlt_Wellness%26tax2%3Dhlt_Nutrition%26t%3D110%26au%3D1000113%26tier%3DL%26jny%3D0%26leuid%3D165332465582370%26id%3D5239694%26tax3%3Dhlt_eat-well%26srid%3DEEKja%26slot%3Dsquare-flex-2%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26rtd_ias_fr%3Dtrue%26rtd_ias_ias-kw%3DIAS_UNSCORED_PG%26rtd_ias_drg%3DveryLow%26rtd_ias_vio%3DveryLow%26rtd_ias_off%3DveryLow%26rtd_ias_hat%3DveryLow%26rtd_ias_dlm%3DveryLow%26rtd_ias_alc%3DveryLow%26rtd_ias_adt%3DveryLow%26vid%3D1&cust_params=ugc%3D0%26hgt%3D1200%26wdth%3D1600%26abtest%3Dlcid1%26tax0%3DHealth%26rid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26sid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26mtax%3D13869%252C32497%252C11013%26sentiment%3Dpositive%26concepts%3Dworkoutbuddy%252CJackieNewgent%252CAndrewKastor%252Cstarch%252Cgoals%252Csomeone%252CFitness%26taxons%3DHealth%252CNutrition%26w%3DextraLarge%26ab%3D99%252C99%252C99%252C99%252C99%252C99%252C99%252C99%26pv%3D1%26muid%3D58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&adks=1464308999&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826ef3565345b10e06dadc59c6b777a8cda15e6b78541972a08adc3eaa7b5bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 616 B
289 B 1318ms
1318ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558577313728012&correlator=904702458351447&eid=31080079%2C31080021%2C44809721&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=3865%2Cddm.usv518.com%2Ctier1%2Cstructuredcontent%2CWellness&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C299x251%7C300x253&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702164140272&lmt=1702164140&adxs=998&adys=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fusv518.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=152247690.1702164140&ga_sid=1702164140&ga_hid=1555554601&ga_fc=true&dlt=1702164138368&idt=1165&ppid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&prev_scp=floor_id%3Dc7cdcfc7c07242e4a8a1e6f5b363f3a9%26floor%3D5%26entryType%3Ddirect%26leaid%3D250360%26docId%3D5239694%26viewtype%3Dbroadvideo%26type%3Dstructuredcontent%26ptax%3Dhlt_Nutrition%26tax1%3Dhlt_Wellness%26tax2%3Dhlt_Nutrition%26t%3D110%26au%3D1000113%26tier%3DL%26jny%3D0%26leuid%3D165332465582370%26id%3D5239694%26tax3%3Dhlt_eat-well%26srid%3DfabWk%26slot%3Dsquare-fixed-1%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26rtd_ias_fr%3Dtrue%26rtd_ias_ias-kw%3DIAS_UNSCORED_PG%26rtd_ias_drg%3DveryLow%26rtd_ias_vio%3DveryLow%26rtd_ias_off%3DveryLow%26rtd_ias_hat%3DveryLow%26rtd_ias_dlm%3DveryLow%26rtd_ias_alc%3DveryLow%26rtd_ias_adt%3DveryLow%26vid%3D1&cust_params=ugc%3D0%26hgt%3D1200%26wdth%3D1600%26abtest%3Dlcid1%26tax0%3DHealth%26rid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26sid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26mtax%3D13869%252C32497%252C11013%26sentiment%3Dpositive%26concepts%3Dworkoutbuddy%252CJackieNewgent%252CAndrewKastor%252Cstarch%252Cgoals%252Csomeone%252CFitness%26taxons%3DHealth%252CNutrition%26w%3DextraLarge%26ab%3D99%252C99%252C99%252C99%252C99%252C99%252C99%252C99%26pv%3D1%26muid%3D58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&adks=1270083456&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e8f36d038e411c4af79a5af611add7b4ef85531d112b81f08d93a0fbf05bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 512 B
261 B 1304ms
1304ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558577313728012&correlator=904702458351447&eid=31080079%2C31080021%2C44809721&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=3865%2Cddm.usv518.com%2Cntv1&enc_prev_ius=0%2F1%2F2&prev_iu_szs=320x50%7C1x3&fluid=height&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702164140288&lmt=1702164140&adxs=302&adys=1810&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fusv518.com%2F&vis=1&psz=600x0&msz=600x0&fws=4&ohw=1600&ga_vid=152247690.1702164140&ga_sid=1702164140&ga_hid=1555554601&ga_fc=true&dlt=1702164138368&idt=1165&ppid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&prev_scp=floor_id%3DNOFLOOR%26entryType%3Ddirect%26leaid%3D250360%26docId%3D5239694%26viewtype%3Dbroadvideo%26type%3Dstructuredcontent%26ptax%3Dhlt_Nutrition%26tax1%3Dhlt_Wellness%26tax2%3Dhlt_Nutrition%26t%3D110%26au%3D1000113%26tier%3DL%26jny%3D0%26leuid%3D165332465582370%26id%3D5239694%26tax3%3Dhlt_eat-well%26srid%3DSxNE3%26slot%3Dnative%26vid%3D1&cust_params=ugc%3D0%26hgt%3D1200%26wdth%3D1600%26abtest%3Dlcid1%26tax0%3DHealth%26rid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26sid%3Dn04f48eaf730d4e02afab1163b0b8f69723%26mtax%3D13869%252C32497%252C11013%26sentiment%3Dpositive%26concepts%3Dworkoutbuddy%252CJackieNewgent%252CAndrewKastor%252Cstarch%252Cgoals%252Csomeone%252CFitness%26taxons%3DHealth%252CNutrition%26w%3DextraLarge%26ab%3D99%252C99%252C99%252C99%252C99%252C99%252C99%252C99%26pv%3D1%26muid%3D58ddbb47-18e6-4d9e-8ff6-3d79cee9252d&adks=1137464586&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

572bf71f796a41bbe8a57f57414c2dff7e0b71a021f01beb98aa9956741180e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usv518.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 417ms
253ms Preflight
application/json 13.224.214.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-10.phl50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://usv518.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 09 Dec 2023 23:22:20 GMT
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront), 1.1 e2aea636b5bbfa67100e8bdb9eda1cf6.cloudfront.net (CloudFront)
x-amz-apigw-id: Pst7BE-HDoEEgeA=
x-amz-cf-id: mzTPeXY8JUhk_xGInGhZQew4xqAQIPKRkolr5zl0XBUBmwQXJSH1Gg==
x-amz-cf-pop: PHL50-C1 PHL50-C1
x-amzn-requestid: a1c5c5ae-e779-4327-8901-aa2f9fa67909
x-cache: Miss from cloudfront

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
616 B 64ms
64ms Fetch
application/json 13.224.214.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-10.phl50.r.cloudfront.net
Software: /
Resource Hash: b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

Accept: application/json
Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Dec 2023 08:30:53 GMT
via: 1.1 ded2db8c78a1ad7377261200a0bb44fa.cloudfront.net (CloudFront), 1.1 e2aea636b5bbfa67100e8bdb9eda1cf6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P2, PHL50-C1
age: 53487
x-amzn-requestid: efcb7bc0-fa43-4577-afb9-bc5305f400b6
x-amzn-trace-id: Root=1-657425bd-5a0f85da3327bf713e0260bf;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: PqrVnFurDoEEegw=
content-length: 30
x-amz-cf-id: NWOOt5noFQylL6qQMYEVxJe0gFjakaIQ9_ZV8Wd22SaxwNPkbEi_-A==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 229ms
88ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 23:22:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 695E 13 KB
5 KB 66ms
64ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 63543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:43:17 GMT
expires: Sun, 08 Dec 2024 05:43:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E3A6 829 B
1 KB 229ms
87ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d25d9281410b5f184a0db719586b6174c625553cb574ed52e26c6e64a120db61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L-E6ZjStaa4j2u9864n2SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usv518.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-L-E6ZjStaa4j2u9864n2SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 23:22:20 GMT
expires: Sat, 09 Dec 2023 23:22:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 695E 39 KB
15 KB 199ms
66ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 20:44:53 GMT

GET
H2 200 container.html Show response
1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 40EB 6 KB
3 KB 67ms
66ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 23:22:20 GMT
expires: Sun, 08 Dec 2024 23:22:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 meredith.js Show response
tru.am/scripts/custom/ 4 KB
2 KB 130ms
48ms Script
application/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/meredith.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d192a031c69be44e45f709700850be648793329a5aa09f3265c6b924035489

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 747359
x-guploader-uploadid: ABPtcPopexQtT93SlUXYmsy1xTBN1hVpqR09Ke3AqiszCIRPYjNxybTmIk11d4-KbWPmv4liitc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jul 2023 23:11:46 GMT
server: cloudflare
etag: W/"a200afd49c97b765c908fb2aecf04f28"
vary: Accept-Encoding
x-goog-hash: crc32c=9eljBQ==, md5=ogCv1JyXt2XJCPsq7PBPKA==
x-goog-generation: 1690499506898168
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUP3MGNUJHr%2FVNiN9iRnWV%2FN3dLRmmcRvm8wm4F33n6AVcp4Xa1SlllLD7GWAnztMNRTr4mBu6%2BvJhbyh04Tp4a%2F8XPRv6l3cbkDcfPEJn0PHSxLMZWS%2BrxX41pI5w8xL7KGNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3764
cf-ray: 8330fd597a5831fb-MIA
expires: Sat, 30 Nov 2024 07:46:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 200ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 23:22:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: dOwyVMbmcyGy5dNS/19FOcGrd0FNqMh9Nb8MF5NrbVA9GDwCUCNU4t3VL9dQXVhC3rd2328DmOI9Ut7JFgzT2g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 M Show response
g.3gl.net/jp//v3.3.5/ Frame F38F 34 KB
11 KB 165ms
36ms Script
text/javascript 93.184.216.86
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g.3gl.net/jp//v3.3.5/M
Requested by: Host: usv518.com
URL: https://usv518.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.216.86 Lombard, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B13) /
Resource Hash: 5a92e349c2463ec6d97447a8b10a87c9f717ec1b804db1a65de6fbb7c4a99d16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: gzip
last-modified: Sat, 09 Dec 2023 22:35:26 GMT
server: ECS (mic/9B13)
age: 2815
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public
timing-allow-origin: *
content-length: 10825
expires: Sun, 10 Dec 2023 00:22:21 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9=

0
223 B

70ms
70ms

Image
text/plain

18.238.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9=
Protocol: H2
Server: 18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-110.phl51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PHL51-P1
x-amz-cf-id: lOIy_YRPrlq9FfisWn6sov-eu6n6bYv8cmCwL4XfaANpiCkJaeYNag==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 09 Dec 2023 23:22:21 GMT
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6036459&ns__t=1702164140934&ns_c=UTF-8&c8=26%20Simple%20Diet%20and%20Fitness%20Tips&c7=https%3A%2F%2Fusv518.com%2F&c9=
content-length: 0
x-amz-cf-id: bjdzy2WA-bc5mbNdhIh8TRsk67JViWJQPNIOsGuuvuNOFk6meK5e5A==

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/459989.gif?partner_uid=58ddbb47-18e6-4d9e-8ff6-3d79cee9252d
https://idsync.rlcdn.com/1000.gif?memo=CNWJHBIwCiwIARDH8QEaJDU4ZGRiYjQ3LTE4ZTYtNGQ5ZS04ZmY2LTNkNzljZWU5MjUyZBAAGg0Ire3TqwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415&expected_cookie=910b66ed-5d68-4911-aadc-1b7c8e456f97

0
142 B

86ms
86ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415&expected_cookie=910b66ed-5d68-4911-aadc-1b7c8e456f97
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CB93FE95047F4AAB8531EA3C1024BEA1 Ref B: MIAEDGE1321 Ref C: 2023-12-09T23:22:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMG/kD4XNJgLyL2dAI/g==

Redirect headers

date: Sat, 09 Dec 2023 23:22:20 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B1494BEDC8C04F41AE40E7BA2BBB0502 Ref B: MIAEDGE1321 Ref C: 2023-12-09T23:22:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=184e8484316695b97e3bb84a9f5e5d1c2ac816c1908210517d26c3234ae40bbf791426b5417dce21&rand=00998415&expected_cookie=910b66ed-5d68-4911-aadc-1b7c8e456f97
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMG/kBWZHXssY3W+LhOQ==

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6036459/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
364 B

65ms
64ms

Script
application/javascript

18.238.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-110.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:30:15 GMT
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 64327
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: ocuOKUCC-EwbN18qN1md-CbTn0tFn6bUnnOMYqRpXBtNDRXTR2gU6w==

Redirect headers

date: Sat, 09 Dec 2023 23:22:21 GMT
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: o4-vVOa6nr-lET9pgXJbzSovA9xgaNl2k9h5I7Kf27pi7IRPEY4tEg==

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
270 B 441ms
143ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

d7d104bafc8b22c4ddac871d6a72aac20a7da5bb422dd894252c81410707d45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E3A6 0
0 93ms
91ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1558577313728012&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 40EB 4 KB
1 KB 226ms
82ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 22:21:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 23:22:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40EB 2 KB
822 B 67ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 40EB 24 KB
9 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40EB 3 KB
1 KB 83ms
80ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40EB 20 KB
8 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40EB 202 KB
64 KB 261ms
87ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 23:22:21 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 40EB 37 KB
16 KB 221ms
68ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 01:38:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 40EB 11 KB
12 KB 225ms
66ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRlxXhPPBe9coS8Dgm2F253yywumltbuKONTI4dS6-mQP66lgAFsTlxVJANaG0&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39042902d359aef11106ffb4110155585ae7a487d32d4949d9256ca9162aed6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:53:54 GMT
x-content-type-options: nosniff
age: 311307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11299
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 04:25:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 08:53:54 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 40EB 14 KB
14 KB 283ms
132ms Image
image/jpeg 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSgfdUPttFii31GzhqhP1r-4rHKaLtrf-HadwdwnayhskhaW5PtbDXlVy5wWA&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f524fbdd1f01bfa302c3c6a76c754436fb99bcaaea581c64d6ae5be390c3fddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:50:57 GMT
x-content-type-options: nosniff
age: 286284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14098
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 04:52:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 15:50:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 40EB 22 KB
22 KB 217ms
66ms Image
image/jpeg 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRzFSoFLJ__7o4cNA-yozvmrM5ZbuPJJonAqX4m_9qt_i_EJWO3tu8pp2awhD0&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1df8d70b77010794aa9a8d3493c888941ab8339926c121c6d77d2f5ee78263af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:13 GMT
x-content-type-options: nosniff
age: 9368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22278
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 05:42:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 20:46:13 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 40EB 28 KB
29 KB 217ms
67ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRfGdZEkB5XL7mjrvzHeG-98bXQIz8__dUSk3zObcsMgLiOTN_GRDQfOlRdUQ&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8fb2683bed8c78682a33c81668df4389f68d0ba078451a25c49510660f318f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:10:36 GMT
x-content-type-options: nosniff
age: 310305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28709
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 03:45:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 09:10:36 GMT

GET
H3

200

7775594092382834397
tpc.googlesyndication.com/simgad/ Frame 40EB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM
https://tpc.googlesyndication.com/simgad/7775594092382834397

77 KB
77 KB

68ms
68ms

Image
image/png

2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7775594092382834397

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:22:21 GMT
x-content-type-options: nosniff
age: 309600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:39:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Dec 2024 09:22:21 GMT

Redirect headers

date: Fri, 08 Dec 2023 23:42:27 GMT
x-content-type-options: nosniff
server: cafe
age: 85194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7775594092382834397
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 23:42:27 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 45ms
45ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/meredith.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 916840
x-guploader-uploadid: ABPtcPrpQhi99xQaTVw15RFPkQyZ554g02-TxulTaec3d4ACwumFp1rxTE_fsPpg8ltl-7YgsSj4NwrRxg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA9w8KEoZ%2Fcn3SGPp%2BQGZDl6ul5jH1hX53ilPaANwm%2FRX351nOk%2BwuV2kL4mSTXcty8i4QTp1WGMI9ho27VeZEqTdrXWWfeOoAm8TlFVjs4RaoqGXNcwLvaVUeZMXtXKc6HryQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 8330fd59dae231fb-MIA
expires: Wed, 29 Nov 2023 08:41:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 695E 0
10 B 71ms
69ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MAJsZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 40EB 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43de94e5d09bd212a64d5bfa94c150b6c5d34c83c2b2ded84448452c97d4713f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1413 6 KB
3 KB 72ms
69ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usv518.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 23:22:20 GMT
expires: Sun, 08 Dec 2024 23:22:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1576393572602771 Show response
connect.facebook.net/signals/config/ 367 KB
115 KB 536ms
535ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1576393572602771?v=2.9.138&r=stable&domain=usv518.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94780a88e87037b60248c09569a3f2d8cbb640df559a42347d662c8907b2b75a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 23:22:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cYkEdYnYjai7XJzZfDukFSiMHUX+xcfaOcQO1MBrRctuSK/TqA875w3yGcWV7e8UQW3jGyVtXRAlK03uxHYPnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1413 4 KB
705 B 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 22:24:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 23:22:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1413 2 KB
822 B 78ms
68ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 01:52:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1413 24 KB
9 KB 78ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:39:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1413 3 KB
1 KB 89ms
79ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 01:52:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1413 20 KB
8 KB 83ms
74ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 01:52:55 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1413 202 KB
64 KB 107ms
94ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 23:22:21 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 1413 37 KB
15 KB 78ms
66ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 01:38:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1413 11 KB
11 KB 78ms
67ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRlxXhPPBe9coS8Dgm2F253yywumltbuKONTI4dS6-mQP66lgAFsTlxVJANaG0&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39042902d359aef11106ffb4110155585ae7a487d32d4949d9256ca9162aed6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:53:54 GMT
x-content-type-options: nosniff
age: 311307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11299
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 04:25:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 08:53:54 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 1413 14 KB
14 KB 76ms
66ms Image
image/jpeg 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSgfdUPttFii31GzhqhP1r-4rHKaLtrf-HadwdwnayhskhaW5PtbDXlVy5wWA&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f524fbdd1f01bfa302c3c6a76c754436fb99bcaaea581c64d6ae5be390c3fddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:50:57 GMT
x-content-type-options: nosniff
age: 286284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14098
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 04:52:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 15:50:57 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1413 18 KB
18 KB 77ms
68ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQjidBTmiioarxeZq165DhJpVGNYJlXVYrLqjG0glFxIvaTwPiwroCCt88Emw&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2320cfcc7c95904b573d756dcda8e599f0fb7d2fc23c042c842fdf1b5d16e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:01:10 GMT
x-content-type-options: nosniff
age: 310871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18400
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 05:03:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 09:01:10 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 1413 36 KB
36 KB 87ms
78ms Image
image/jpeg 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJshOsjTOzLDPCxXCzPj9sP4oS3FuOkwUIdflvDUgUEgOEMag9o0JA_jAhhg&usqp=CAI

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10c73618a36459290c577b4a46b6b1deef1b5d7c4963d7f9094e183db272fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:01:32 GMT
x-content-type-options: nosniff
age: 310849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36683
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 10:19:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 09:01:32 GMT

GET
H3

200

7775594092382834397
tpc.googlesyndication.com/simgad/ Frame 1413
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM
https://tpc.googlesyndication.com/simgad/7775594092382834397

77 KB
77 KB

71ms
71ms

Image
image/png

2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7775594092382834397

Requested by

Host: 1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
URL: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:22:21 GMT
x-content-type-options: nosniff
age: 309600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:39:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Dec 2024 09:22:21 GMT

Redirect headers

date: Fri, 08 Dec 2023 23:42:27 GMT
x-content-type-options: nosniff
server: cafe
age: 85194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7775594092382834397
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 23:42:27 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 697 B
1 KB 466ms
145ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

be9bea6770d651de48544f9826037d79adac947e28f36d515e3895f8d2b75d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 40EB 21 KB
21 KB 206ms
67ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:39:58 GMT
x-content-type-options: nosniff
age: 96143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:39:58 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 40EB 20 KB
20 KB 268ms
130ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:05:56 GMT
x-content-type-options: nosniff
age: 310585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:05:56 GMT

GET
DATA 200
OK truncated
/ Frame 1413 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67872a169ee77a9cccfa91914f20177406b6ed43126f9b386c8cd56a2cf94d08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1413 21 KB
21 KB 197ms
157ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:39:58 GMT
x-content-type-options: nosniff
age: 96143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:39:58 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1413 20 KB
20 KB 221ms
184ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:05:56 GMT
x-content-type-options: nosniff
age: 310585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:05:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1558577313728012&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfODg6ZtHkVhLEATa--fYZZrmyUc7Jmm-O0gP6OSUXA5Ew0p5uf5P4XFDbqCwog9MXAgAAAHpSAAAABGgBB5kC3q40oIY38IGyskeX08fcPti4_V7ijdsn_b7tfIqLmkeGj63PNhbFsqqZmk8n34iCNQq_GuUH3aVgcfPRs7eeIwSuzeo13dHi76zNMtjS4pUZ7us7yxvbMPzC6Hnl6Zc3PtBLpVE9y_2iHlAMVjoAMKfUB7hrHpRh_IELdXsKmGA4RLJtyJDubr-w3HYhPSYNu4Q9HGJv0A_OR4TmHyn3fbsvt5M26Zi5R6RGRVZ6nsR_xf4fA7a2fISrTpZTyRpWpLwU-YVp5PVqEM7fSrnQGG3PdHgxvmpunPS3yPtMjegvp3nMd8vOyFNrGK1GqcEZQx9Yr8RsAECL23rpUmaPLAHR0U2DPHQ09GLpQSe8WjAD2Ifz89AodeVZm73pTdMWge6yGVpgd5G74Wdv_OxDm-maRxziNduD4HOVMpQCfH6g4Ec4y_uQP6KkBgDdbxhG017FVkrNZZDB408gi8H-HuD_spJlG53cM1vnwwlnFu25cmTUvHUbRiqEnV8WVVOnAkwawkQOGhzsxBO5RrVMxMsEWy3KRaXEMpbo7ENk7NBlpQK2-osKTPO8lcGhUXuNhWSwHSyrb37_P3WbIhrREVenjXDMCnHRjXfBZaYZpqGXnQ47NeeU_5ufnOrGVNier2Vlvw8iaH5U9zeUh-0gqj1N02G1ClktGFOoHzsk67YQN-rqoe9SNUwUo7SdQ3n5FXUs9eb5YKcW5jl4N_ZmfICNoACSy-S0vgMojLtQlIv0jU41H_1a7-ArJvQ22JbFW8qDpUqXbZYyW-HzzyWvNRKfBIYOCc0meaBCQ1ibFnAqS4joAebwXAUlpR3Si3q9J8AqWbB595ys9xSenRg3ljNELp_wxiRaeuoYiE07QUnxrkbQD-c4dBMhxcMMDg_jeqErV18lPR6aXzsrT_QE8pHRni8Mqyd1BYN5WohoWwDe7-Qk4hJVvrJP-Mu4u45NorOXRxzBaiWX1pyMnrta
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 40EB
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CInqerPZ0ZaeUEtXH6toPitmfkAeF6Y_adNKZrPOkErnu8MiqARABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDywSqBKkCT9CKhKGuFUWzzmMW6eAQnRJ6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee...

0
0

230ms
93ms

Fetch
text/css

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee8034934c9a0000000000000000%22,%224%22:%220x95dd17b70068c4d40000000000000000%22,%225%22:%220x1a7e84713981ac2a0000000000000000%22},%22debug_key%22:%221576187449921519131%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214269399517477685265%22}&andc=true

Protocol

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xba87bb7b562ad1880000000000000000","2":"0x11a46dcd6e39b3810000000000000000","3":"0x56cfee8034934c9a0000000000000000","4":"0x95dd17b70068c4d40000000000000000","5":"0x1a7e84713981ac2a0000000000000000"},"debug_key":"1576187449921519131","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"14269399517477685265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 23:22:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 23:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xba87bb7b562ad1880000000000000000","2":"0x11a46dcd6e39b3810000000000000000","3":"0x56cfee8034934c9a0000000000000000","4":"0x95dd17b70068c4d40000000000000000","5":"0x1a7e84713981ac2a0000000000000000"},"debug_key":"1576187449921519131","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"14269399517477685265"}&andc=true
access-control-allow-origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 769E 50 KB
19 KB 72ms
72ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 08:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 08:29:37 GMT

GET
H2

200

9.gif
id5-sync.com/c/957/1245/0/
Redirect Chain

https://id5-sync.com/i/957/8.gif?id5id=ID5*3KTjbQYAn-T4cm47iDEPnR1wzn_ZGeWTcKQk-JX-PJFzzTTC0gl7Dhdp82CZf1Ixc89btaDVbIOK3pqh1wTA4g&o=api&gdpr_consent=undefined&gdpr=false
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/957/441/7/2.gif?puid=u_c621e22d-80ad-49cc-989c-89d12d05b535&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AAGruE7K6e0AABSRtWhjbw&id5AccountNum=155&numCascadesAllowed=9
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
https://id5-sync.com/c/957/108/5/4.gif?puid=e4cb3078-6ea4-4eea-a041-6a97974febda&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/957/203/4/5.gif?puid=db8d4428-d7c9-47cb-8a3a-7ea3ed6c5ce7&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-503075RPuRHmvmZhpd_A9OQeIjCNNc6ZMPSlfGrszA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F957%2F124%2F3%2F6.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-503075RPuRHmvmZhpd_A9OQeIjCNNc6ZMPSlfGrszA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F957%2F124%2F3%2F6.gif%3Fp...
https://id5-sync.com/cq/957/124/3/6.gif?puid=f8a45600-dd97-4b48-bed9-0101691e7550&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&ttl=%%TTL%%
https://ce.lijit.com/merge?pid=85&3pid=AAGruE7K6e0AABSRtWhjbw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
https://ce.lijit.com/merge?pid=85&3pid=AAGruE7K6e0AABSRtWhjbw&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/957/1241/1/8.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=27&3pid=9bbfdd52-6469-429a-8a1f-09a08c7c7783&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F957%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
https://id5-sync.com/c/957/1245/0/9.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent=

43 B
1 KB

145ms
144ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/957/1245/0/9.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent=

Protocol

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 09 Dec 2023 23:22:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 23:22:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://id5-sync.com/c/957/1245/0/9.gif?puid=Hy26dRZHARaGy6iCRrOLQ3Q7&gdpr=0&gdpr_consent=
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ewr1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 94ms
93ms Preflight
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CInqerPZ0ZaeUEtXH6toPitmfkAeF6Y_adNKZrPOkErnu8MiqARABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDywSqBKkCT9CKhKGuFUWzzmMW6eAQnRJ6x_Uju5g8QemqtVMp6U1HHtwduMiDuXiJUN1yYC5I9EeZaOvD3DMMyQ7_v9b9EosFkxi_255MhinZI1cXNqIMJ9mrMw4Q6i5FnCDbz6KowvmKejd-3mkvOjZ8E1-EC4tmBcldFrKTcSlnI4o8D59O0SflntoAm3TXABxWL_aatZIZj9N-JO-FJlRsk63x6QPhU4qUb7A1onxED3YfsH9U9lx5WaxZ2r7ESIop_w39Y4gotOuDXKlpby0__-xawSDKbMeomQL2D7b__Xxx_c_-U1xIGsgcGQt5EomPRA9NuT27Oy_CYSHJBsA-5E-o5_IWZMXCMFiV1EsJsKth_OhWpjf50OkYNeE_9auhK_x4JobUHkBCkv62wATqrpqpwATgBAGIBa2t-5pNkgUECAQYAZIFBAgFGASgBi6AB_Dq6ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEN-fJ9IIHQiAYRABGB0yAooCOgKAQEi9_cE6WPz6t8e_g4MDmgn_AWh0dHBzOi8vd3d3LnRlbXUuY29tL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MjExfmVuflVTRCZnb29kc19pZD02MDEwOTk1MTUwNjgyNjYmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTg2MzkyNS0xJnRvcGljX2NsYXNzaWZ5PTEyNIAKA8gLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwRCgsQoNWD9rCPjszJARICAQPiDRMI7bK4x7-DgwMV1aNaBR2K7Ady2BML0BUBgBcBshceChwIABIUcHViLTY5ODMzMDcyODk2ODkyMDYY2o4R&sigh=EVzlXAp02CQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSYADICaaN6kk1VcRDvdJeYwsqxOAjnD6ymmPzPDlrrHYJwQib9umVULAtGCWz-_-ILwwArvBT4fLEoyAimy0EcICPTP2a2OYaqOwLFS0yvWXctMC1F07IpF7YIiG0Hw1KhBgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 23:22:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 95ms
94ms Preflight
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CO1h9rPZ0ZfO5LZ6N6toPu_uVkAmF6Y_adNKZrPOkEpu7y5yDFxABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDy4SAgASqBLACT9BPDwa0NegfVYo2suyAO74lJx2Vy4US-A3_I9PFLKRWhoQZ-EeXTW-DuiSCIvde4um2-AAbWl7AH9o6PT974Rzy9nhB9LsXw6-zK248Q4Ua4pQDDEEvuoUF6NjOm3mAo3Mf40i5AfrEhHLBrDKvrEbBEG-4t-XkljtdAtXH1urz_udc2XSuleoecmmbO6S_Q21V_23EKXC0ccpZF6bAS8cNLBbnpKDk8EqmKRlN5Ec0rC16IdVtgClomzzt6_a0IgQFLCUQAEfH5ApEY1_lUpJQiK8UvgEFwP4heKioAgKWp0ds4IW3OU0xEsP_MIPaXswDHS-e7hcuPMg_YUrK-W9q9gHxjnZeQfboVpYhPXgocMzKOQtrPh-02bIr7RGD1zS7YKC6lQSMOGjw1NO9XMAE6q6aqcAE4AQBiAWtrfuaTZIFBAgEGAGSBQQIBRgEoAYugAfw6umSBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCAwzXSCB0IgGEQARgdMgKKAjoCgEBIvf3BOligjrrHv4ODA5oJ_wFodHRwczovL3d3dy50ZW11LmNvbS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTIxMX5lbn5VU0QmZ29vZHNfaWQ9NjAxMDk5NTE1MDY4MjY2Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDE4NjM5MjUtMSZ0b3BpY19jbGFzc2lmeT0xMjSACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEAoKELDe4pmn0cD5PhICAQPiDRMIrcG6x7-DgwMVnoZaBR27fQWS2BML0BUBgBcBshceChwIABIUcHViLTY5ODMzMDcyODk2ODkyMDYY2o4R&sigh=9UbyNLzuOaE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSiwEAyAmmjSCDmdlY3A0gud44PEZ7PBjeqgWmmbMJcpRnFAcSiG3AaRlMOQtscFMU0zcFM1eLuyDXEV-uc6lTNG5BPVcdJ8o57319hjuKa5t8CehnouS3f0iIqEu1KkC_tMnzzDZU066FI2ITAxNjiVLy11giHlZjL7mceM-Hfz1nYUmrgW6YDL1TEG2yGAE&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 23:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1413
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CO1h9rPZ0ZfO5LZ6N6toPu_uVkAmF6Y_adNKZrPOkEpu7y5yDFxABIKj9wBJgyYaAgNyjxBCgAaHAmPEoyAEJqQJJKF1x_LeCPuACAKgDAcgDy4SAgASqBLACT9BPDwa0NegfVYo2suyA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee...

0
0

230ms
93ms

Fetch
text/css

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee8034934c9a0000000000000000%22,%224%22:%220x95dd17b70068c4d40000000000000000%22,%225%22:%220x1a7e84713981ac2a0000000000000000%22},%22debug_key%22:%2213666952024828547209%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22500357391625169441%22}&andc=true

Protocol

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 23:22:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xba87bb7b562ad1880000000000000000","2":"0x11a46dcd6e39b3810000000000000000","3":"0x56cfee8034934c9a0000000000000000","4":"0x95dd17b70068c4d40000000000000000","5":"0x1a7e84713981ac2a0000000000000000"},"debug_key":"13666952024828547209","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"500357391625169441"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 23:22:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 23:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xba87bb7b562ad1880000000000000000","2":"0x11a46dcd6e39b3810000000000000000","3":"0x56cfee8034934c9a0000000000000000","4":"0x95dd17b70068c4d40000000000000000","5":"0x1a7e84713981ac2a0000000000000000"},"debug_key":"13666952024828547209","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"500357391625169441"}&andc=true
access-control-allow-origin: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AD0 50 KB
19 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: usv518.com
URL: https://usv518.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 08:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 08:29:37 GMT

POST
H2 200 4ee776b46eedc8570df50cef2a346d6c88382415a525475af49f6914fddc0ebe Show response
capig.dotdashmdp.com/events/ 0
348 B 233ms
59ms XHR
text/plain 2600:1f18:75e7:5600:d90b:c352:5424:27fd
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.dotdashmdp.com/events/4ee776b46eedc8570df50cef2a346d6c88382415a525475af49f6914fddc0ebe
Requested by: Host: usv518.com
URL: https://usv518.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:75e7:5600:d90b:c352:5424:27fd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usv518.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://usv518.com
date: Sat, 09 Dec 2023 23:22:22 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 192ms
65ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1576393572602771&ev=PageView&dl=https%3A%2F%2Fusv518.com%2F&rl=&if=false&ts=1702164142057&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702164142054.946611072&eid=ob3_plugin-set_90a0b95ac18abf5fd2d53a6059fb6b4829def6427a6436853832641646b0951a&ler=empty&it=1702164141330&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 23:22:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 253ms
97ms Preflight
text/html 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 23:22:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 253ms
97ms Preflight
text/html 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xba87bb7b562ad1880000000000000000%22,%222%22:%220x11a46dcd6e39b3810000000000000000%22,%223%22:%220x56cfee8034934c9a0000000000000000%22,%224%22:%220x95dd17b70068c4d40000000000000000%22,%225%22:%220x1a7e84713981ac2a0000000000000000%22},%22debug_key%22:%2213666952024828547209%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22500357391625169441%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 23:22:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40EB 42 B
174 B 96ms
95ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDHxR4peF4U12PixRJqQg3z_6njGLGY21UrbgZIuSwWe_eMSPiyRB50MvNHx9aIOe7Ut411gy05rfW5YhyCzGJTWr1mU0J7WhKMaN_W5xw2fDy3HnK-W1zZTDP_MzxvispZl1M-mj3yw&sai=AMfl-YSEi-iZZYIa8iuQ2y1YxOt2FeJQj_lTNrkBBazgkEotSsHG_a3Xh9W8nshObYEQWihmOLXuGp6ODLroS7WA2MrgLWLOjSlMtP8hXlH1KH754wFaDDgbAakUxzE6F64NsBDQyfeS0owWa7OIwIZXKqfcNkc79QaFRR_nJf8fy9r2HRj65Thn3ECnTgw&sig=Cg0ArKJSzBZ_tMK64QOiEAE&cid=CAQSYADICaaN6kk1VcRDvdJeYwsqxOAjnD6ymmPzPDlrrHYJwQib9umVULAtGCWz-_-ILwwArvBT4fLEoyAimy0EcICPTP2a2OYaqOwLFS0yvWXctMC1F07IpF7YIiG0Hw1KhBgB&id=lidar2&mcvt=1000&p=160,315,410,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2841913613&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702164140922&rpt=966&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1413 42 B
108 B 98ms
97ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslDzmh-3UFjnOXZGSB0HscW43qLKEYA0Wwq2iF-esECxsDv3RdQ8dFUeKeuDVvpUzpxZpciYeWZCYyVNgWYC9TZuKnJMeKmKe0cXsa7ahMfK6Iece2N3hMDA6UDJwtrMc9LeQiDfeP-Q&sai=AMfl-YSMF8imWxQdbmGiJg9qG_1Q-aMKovPnV3actdI35XE8Z9cd9ODTTbHGqhEuf-p0LLWdXcI4mp9tbLPT31GSvfivwbrHxsC9ChAn9xzw7GQp9iOEtmIoOwxXAfiVRAKjhHNkURwI5B-OoI8JNi8aFr313BeR1rzcqHb3iO8YHu8niRNEbyE24nihn8x9ejTwXLg3Lgui16BoU-RhKV0wPHzB0s9mE4XQBb1JRIDFUhgYbG32EwZP3ZJ1Jg&sig=Cg0ArKJSzLCdkI80J1aMEAE&cid=CAQSiwEAyAmmjSCDmdlY3A0gud44PEZ7PBjeqgWmmbMJcpRnFAcSiG3AaRlMOQtscFMU0zcFM1eLuyDXEV-uc6lTNG5BPVcdJ8o57319hjuKa5t8CehnouS3f0iIqEu1KkC_tMnzzDZU066FI2ITAxNjiVLy11giHlZjL7mceM-Hfz1nYUmrgW6YDL1TEG2yGAE&id=lidar2&mcvt=1000&p=734,998,1784,1298&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.44&if=1&vu=1&app=0&itpl=22&adk=1711029095&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702164141285&rpt=660&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=1005818&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=1005818&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091143077437

43 B
339 B

98ms
85ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091143077437
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pey1Bh%2FUZwNf0eWawL8jz2GkAHKB4pPdN96%2F31OtLhE6NIZMkVDkdFif706cl6wnWB%2FrtuHKeDeSn2tvD0qVWdjGsf%2FEW2vqO0pFnkKG2ejMn9Fjwk%2F9ZyT7TZhpVhYvuNpVD2cHMQzloA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8330fd6a1f467486-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:22:23 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 844
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091143077437
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8330fd6938438df0-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783

0
337 B

205ms
60ms

Image
text/plain

34.230.132.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783
Protocol: H2
Server: 34.230.132.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-132-179.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by: beacon-n035-ash-prod.krxd.net
date: Sat, 09 Dec 2023 23:22:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1702164143
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9bbfdd52-6469-429a-8a1f-09a08c7c7783
date: Sat, 09 Dec 2023 23:22:23 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158139
https://image8.pubmatic.com/AdServer/ImgSync?p=158139&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY0NzY1OEQtMzFGQy00MjUyLUI3OEQtODk1NTNBMDBEODZF&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
216 B

58ms
58ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usv518.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:05:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Sat, 09 Dec 2023 13:56:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13435

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.dotdashmdp.com/events/4ee776b46eedc8570df50cef2a346d6c88382415a525475af49f6914fddc0ebe	1970-01-20 18:59:00	Name: cee Value: O7HuXo4bSO2AMaID%2B3FU%2Fj1nWs%2BtxAjwPJCmFhcaxQs%3D.%7B%22cee_id%22%3A%22cee.1702164142269.79609%22%7D
.liadm.com/j	1970-01-21 02:25:24	Name: lidid Value: e8cffe2d-b152-4880-b3de-6e2ecf02c6d0
usv518.com/	1970-01-21 02:25:24	Name: d4a3b Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjYxNzhcIjoxNzAyMTY0MTM3fSxcImNhbXBhaWduc1wiOntcIjI2MjVcIjoxNzAyMTY0MTM3fSxcInRpbWVcIjoxNzAyMTY0MTM3fSJ9.AhQk2nLomDWGZo7gc6HnWs4LgchlUuLAM9Pap822jnI
.usv518.com/	1969-12-31 23:59:59	Name: lb_ld Value: search
.usv518.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .usv518.com
.usv518.com/	1970-01-21 02:25:24	Name: _lc2_fpi Value: c1f793757d80--01hh8e72wv0adxjfw4pt0c8900
.usv518.com/	1970-01-21 02:25:24	Name: _lc2_fpi_meta Value: %7B%22w%22%3A1702164138908%7D
.usv518.com/	1970-01-21 01:35:00	Name: _sharedid Value: 70fe4fd0-bdc2-44f1-a116-694d95f749e8
.usv518.com/	1970-01-21 01:35:00	Name: _sharedid_cst Value: zix7LPQsHA%3D%3D
usv518.com/	1970-01-20 16:49:27	Name: _lr_retry_request Value: true
usv518.com/	1970-01-20 17:32:36	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-21 01:36:26	Name: TDID Value: 9bbfdd52-6469-429a-8a1f-09a08c7c7783
.liadm.com/	1970-01-21 02:25:24	Name: lidid Value: e8cffe2d-b152-4880-b3de-6e2ecf02c6d0
.usv518.com/	1970-01-20 16:50:14	Name: __li_idex_cache2_InByZWJpZC80NjExMz9kdWlkPWMxZjc5Mzc1N2Q4MC0tMDFoaDhlNzJ3djBhZHhqZnc0cHQwYzg5MDAmcmVzb2x2ZT1ub25JZCZyZXNvbHZlPXVpZDImcmVzb2x2ZT1pbmRleCZyZXNvbHZlPWJpZHN3aXRjaCZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPXB1Ym1hdGljJnJlc29sdmU9b3Blbngi Value: %7B%22nonId%22%3A%22cUAKpj5fxL0rB8m2HM3n2FBY499wijxPKr8UjQ%22%7D
.usv518.com/	1970-01-20 16:50:14	Name: __li_idex_cache2_InByZWJpZC80NjExMz9kdWlkPWMxZjc5Mzc1N2Q4MC0tMDFoaDhlNzJ3djBhZHhqZnc0cHQwYzg5MDAmcmVzb2x2ZT1ub25JZCZyZXNvbHZlPXVpZDImcmVzb2x2ZT1pbmRleCZyZXNvbHZlPWJpZHN3aXRjaCZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPXB1Ym1hdGljJnJlc29sdmU9b3Blbngi_meta Value: %7B%22w%22%3A1702164139186%2C%22e%22%3A1702250539000%7D
usv518.com/	1970-01-20 17:34:02	Name: _subid Value: f5hkj21o45d1
.usv518.com/	1970-01-21 02:25:24	Name: _ga Value: GA1.2.152247690.1702164140
.usv518.com/	1970-01-20 16:50:50	Name: _gid Value: GA1.2.1084616680.1702164140
.usv518.com/	1970-01-20 16:49:24	Name: _gat_UA-49158591-39 Value: 1
.usv518.com/	1970-01-20 16:49:24	Name: _dc_gtm_UA-49158591-39 Value: 1
.usv518.com/	1970-01-21 02:10:24	Name: cto_bundle Value: ZsnmTF9INyUyRlZmelNZWXlLalN5cEQ3eXhWdUtQczcxN2JyNTc1WHAlMkZlM1VlR0J4ayUyRndNdWZ0aG5USjZqVHJjS2ZPSzJ2RnJZc3pWOWl6U2VnJTJGNFpWUHN0aVVxYkFJVXZSNHhLWXF3Q0E1ek1vRXJWdEgwQTA0ayUyRmlINmtmOUJKbXZjYjg
.usv518.com/	1970-01-21 02:10:24	Name: cto_bidid Value: -hmLMl9KWGEzJTJCc2FhWmJuc1Fjc0dpNG1pTUtUT0EzWlk3VFlwMGNxUGJBV1NZV3ZSUXJvdlNaODZFSjZuRHJISlRUNGVuUjhzbExCbGpma092SHdTQ1ElMkJFTFElM0QlM0Q
.rubiconproject.com/	1970-01-21 01:35:00	Name: khaos Value: LPYOKW6Y-28-A8BP
.rubiconproject.com/	1970-01-21 01:35:00	Name: audit Value: 1\|tcR/wBEzWcJ4viR9eQarqKS5Bv7H1ouoxdnNVF8ci15UQAK1SlKbTAs+gohtBgoWNqXrlfpCpE0wS/UYG0G7TAcErk2RO9bIIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.rlcdn.com/	1970-01-21 01:35:00	Name: rlas3 Value: XMGuKRIK9yA87IO6uryCoTo3WyX9vDwN9fBw4blzLFc=
.scorecardresearch.com/	1970-01-21 02:25:24	Name: UID Value: 141b7d7620a8bc5ab7d52581702164141
.rlcdn.com/	1970-01-20 18:15:48	Name: pxrc Value: CK3t06sGEgUI6AcQABIFCOhHEAA=
.pippio.com/	1970-01-21 01:35:00	Name: did Value: 2vFlw7aV-FylTn_u
.pippio.com/	1970-01-21 01:35:00	Name: didts Value: 1702164141
.pippio.com/	1970-01-20 18:15:48	Name: nnls Value:
.pippio.com/	1970-01-20 18:15:48	Name: pxrc Value: CK3t06sGEgYIgr0rEAA=
.linkedin.com/	1970-01-20 18:59:00	Name: li_sugr Value: 910b66ed-5d68-4911-aadc-1b7c8e456f97
.linkedin.com/	1970-01-21 01:35:00	Name: bcookie Value: "v=2&54102712-de17-4a38-8514-8898989ab0a4"
.linkedin.com/	1970-01-20 16:50:50	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3109:u=1:x=1:i=1702164141:t=1702250541:v=2:sig=AQGJQe5AgAjlsb72jiIpNVF-eePLLved"
.usv518.com/	1970-01-21 02:11:00	Name: __gads Value: ID=e05a664391d6b665:T=1702164140:RT=1702164140:S=ALNI_MZPk2_glqATKkmMugypmmtJdZX1eA
.usv518.com/	1970-01-21 02:11:00	Name: __gpi Value: UID=00000a03511c2699:T=1702164140:RT=1702164140:S=ALNI_MZB6zGfV7iJIXVNC_71kIdTmabv1w
.id5-sync.com/	1970-01-20 18:59:00	Name: id5 Value: 28732845-1210-7634-bf43-a7de0d907ce0#1702164141818#2
.usv518.com/	1970-01-20 18:59:00	Name: _fbp Value: fb.1.1702164142054.946611072
.doubleclick.net/	1970-01-21 02:25:24	Name: IDE Value: AHWqTUlOmdJ5ke_MqKER1M68-drq7hgEJNDETWM-Nl5QlEQdUhkrjhBDfV_41Ip8CAY
.gumgum.com/	1970-01-21 01:35:00	Name: vst Value: u_c621e22d-80ad-49cc-989c-89d12d05b535
.bidr.io/	1970-01-21 02:17:54	Name: bito Value: AAGruE7K6e0AABSRtWhjbw
.bidr.io/	1970-01-21 02:17:54	Name: bitoIsSecure Value: ok
.googleadservices.com/	1970-01-20 18:59:00	Name: ar_debug Value: 1
.tapad.com/	1970-01-20 18:15:48	Name: TapAd_TS Value: 1702164143010
.tapad.com/	1970-01-20 18:15:48	Name: TapAd_DID Value: e4cb3078-6ea4-4eea-a041-6a97974febda
.tapad.com/	1970-01-20 18:15:48	Name: TapAd_3WAY_SYNCS Value:
.casalemedia.com/	1970-01-21 01:35:00	Name: CMID Value: ZXT2r7t8-GJ965h3pf0jpAAA
.casalemedia.com/	1970-01-20 18:59:00	Name: CMPS Value: 2930
.casalemedia.com/	1970-01-20 18:59:00	Name: CMPRO Value: 2930
.pubmatic.com/	1970-01-20 16:50:50	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:59:00	Name: SyncRTB3 Value: 1703289600%3A220
.pubmatic.com/	1970-01-21 01:35:00	Name: KADUSERCOOKIE Value: C647658D-31FC-4252-B78D-89553A00D86E
.krxd.net/	1970-01-20 21:08:36	Name: _kuid_ Value: P9yIb3Nm
.tribalfusion.com/	1970-01-20 18:59:00	Name: ANON_ID Value: aCnsmAO5nP87PRo7TGr72V65vjJc6Lvnkts5ffqVyZbmW6qXCETGpYZd9pAWnSpVtTHRbaVKnNqJwY
.pubmatic.com/	1970-01-20 16:50:50	Name: pi Value: 158139:3
.pubmatic.com/	1970-01-20 18:59:00	Name: chkChromeAb67Sec Value: 2
.criteo.com/	1970-01-21 02:11:00	Name: uid Value: db8d4428-d7c9-47cb-8a3a-7ea3ed6c5ce7
.360yield.com/	1970-01-20 18:59:00	Name: tuuid Value: f8a45600-dd97-4b48-bed9-0101691e7550
.360yield.com/	1970-01-20 18:59:00	Name: tuuid_lu Value: 1702164144
.360yield.com/	1970-01-20 18:59:00	Name: um Value: !79,8SXLY-dcfAR54ZEBeR7glVTy6v9qXz2nZOP4v96f0LVyXTdqiYRwqKx0uRkmbUgLlQ9scXAnhDNRulhV,1709940144
.360yield.com/	1970-01-20 18:59:00	Name: umeh Value: !79,0,1764372144,-1
.adsrvr.org/	1970-01-21 01:36:26	Name: TDCPM Value: CAESEwoEa3J1eBILCMa7-tC9k7E8EAUYASABKAIyCwimz4Hrjca8PBAFOAFaBzhoOXUxMWhgAg..
.lijit.com/	1970-01-21 01:35:00	Name: ljt_reader Value: Hy26dRZHARaGy6iCRrOLQ3Q7
.lijit.com/	1970-01-21 01:35:00	Name: _ljtrtb_85 Value: AAGruE7K6e0AABSRtWhjbw
.lijit.com/	1970-01-21 01:35:00	Name: ljtrtb Value: eJyrVrIwVbJScnR0Lyp1Nfc2SzVwdHQKDioJz8hKKleqBQCH2glJ
.lijit.com/	1970-01-21 01:35:00	Name: _ljtrtb_27 Value: 9bbfdd52-6469-429a-8a1f-09a08c7c7783
.id5-sync.com/	1970-01-20 18:59:00	Name: 3pi Value: 264#1702164144688#-851870757#9bbfdd52-6469-429a-8a1f-09a08c7c7783\|441#1702164142340#-1640819530#u_c621e22d-80ad-49cc-989c-89d12d05b535\|1241#1702164145211#1004006180\|155#1702164142808#896733193#AAGruE7K6e0AABSRtWhjbw\|203#1702164143982#-1207404834#db8d4428-d7c9-47cb-8a3a-7ea3ed6c5ce7\|108#1702164143174#-650300930\|124#1702164144481#724958388\|1245#1702164145431#1004006180

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://usv518.com/ Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=13435' from origin 'https://usv518.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13435 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e3e8214ff9b9c9fb32c3d62e7f79558.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
api.rlcdn.com
beacon.krxd.net
bidder.criteo.com
c.amazon-adsystem.com
capig.dotdashmdp.com
cdn.id5-sync.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
d30qdagvt44524.cloudfront.net
direct.adsrvr.org
dis.eu.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.3gl.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pagead2.googlesyndication.com
pippio.com
pixel.adsafeprotected.com
pixel.tapad.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
rtb.gumgum.com
s.tribalfusion.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
usermatch.krxd.net
usv518.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.health.com
api.rlcdn.com
104.18.36.155
104.21.40.81
104.36.115.111
107.178.254.65
108.138.107.138
13.224.214.10
13.224.214.100
13.224.214.41
142.250.64.66
142.250.65.226
15.197.193.217
151.101.130.137
162.19.138.119
162.19.138.82
178.250.7.11
18.173.138.29
18.238.4.110
18.238.4.127
199.250.161.129
2001:4860:4802:38::178
23.4.232.54
2600:1f18:730:b130:f3cf:b4f3:7358:30cb
2600:1f18:75e7:5600:d90b:c352:5424:27fd
2600:9000:24f0:c000:19:bcbe:a700:21
2602:803:c002:200::41
2606:4700:10::ac43:266a
2606:4700:20::681a:374
2606:4700::6812:19ad
2607:f8b0:4004:c06::9b
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::2001
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::c
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.111.113.62
34.199.164.108
34.225.218.210
34.230.132.179
35.168.105.22
35.168.129.45
35.211.156.215
35.244.154.8
44.197.19.224
54.156.40.244
54.82.17.205
63.251.114.136
68.67.179.166
74.119.119.139
8.28.7.82
8.28.7.83
93.184.216.86
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca439ae95b1e3223806c8eae156e96a7425e845d6286f80c55ee919c551dd54
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
1694b0332dc2a4166d195a82c5f95151b08871a1061cfefed8752137870dd858
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1df8d70b77010794aa9a8d3493c888941ab8339926c121c6d77d2f5ee78263af
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2906980ba88d671b3be949900db8029e2ed3b2abc19ba451f5d48981a85b65ac
2f265aedd803ecf79ebdae2e5cc17e321dd5aab05c83061e98fecdc47ede3006
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
386fae2bb184273045545bcac78178b5be1c81de27279a4c77a810f575f6b31a
39042902d359aef11106ffb4110155585ae7a487d32d4949d9256ca9162aed6a
39dc5478283aaac4a2ad2270203659a0e43eb6070dfcb89df5ddbb9ab3feb5f7
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43de94e5d09bd212a64d5bfa94c150b6c5d34c83c2b2ded84448452c97d4713f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44226fb374957695322423ac2401982cdc94b837295a4461fbc0176902d0a8fe
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a4feb5399d6f379f9290d45f4c6fb21a8e0546d3ff6da83d755c2d365f1369c
4d8fb2683bed8c78682a33c81668df4389f68d0ba078451a25c49510660f318f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572bf71f796a41bbe8a57f57414c2dff7e0b71a021f01beb98aa9956741180e2
58dc4c5f7346bbfeeeb76aa70580a24002641fd8912ec2b391ea81272365a0ce
5a92e349c2463ec6d97447a8b10a87c9f717ec1b804db1a65de6fbb7c4a99d16
5fee74b1af0e1a3691da012bf658411db5e629546eb5e0ecfe187d171f094dfe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63309939cb4a2a54802141c4809c7ebb51ef0459b3fcc57a4933fbcb17f9d408
67872a169ee77a9cccfa91914f20177406b6ed43126f9b386c8cd56a2cf94d08
69f9c44c720213068ec94aacfbc390ac848a14c4ed97d0dbb1960effaef0fbf4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fa7fa410ba94ca25ef597c33465f5725a6ce1639fcd4795c6e8c546d7a114a0
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7f6a91a0565ef148b5076493542fa1d12c866bf7ed29237b18e4a87f44708647
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
826ef3565345b10e06dadc59c6b777a8cda15e6b78541972a08adc3eaa7b5bd0
82736fa40d3095feb1f0a4c1c58c68395f3f6cf30f8f72aef9cab94abb908fe5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847dce60a52a4bb58320489d3df9dcf0daa69615deebb0f77c9c846bb005d7ed
8671dff47a1474a2e10e0cc9485364ad23196de4d0c5c84818966906cad916e3
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90558b7023dd8c461e9f68c62e57c0058cf64bd2b53a3146fb6e2a2bbb6dd9d0
917a3363e01b9d2ffcf9156ab3c078651d3b6d3dda7c683770bb7eaa422777d2
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93d192a031c69be44e45f709700850be648793329a5aa09f3265c6b924035489
94780a88e87037b60248c09569a3f2d8cbb640df559a42347d662c8907b2b75a
9abba6801df0f94a091442236899db1020fd9fdc69767921821b606528078ca6
9b892059064a3641c6f49b51238f32533a8ca9e4bbe202962ed1977b6e04afa1
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2ecafde4bb13020fe3582ba845ab334f0448f6feaa622d17b9a15da32675a9a
a4425a95bbde1e10413ddadfdf0335fadb2991686a75e2afb1e5a935180bb529
a767164119117f308e2bf331ee6cd7eea4ba2849c2072a74eaba9ebae417df77
a7994942011cc67e16611c1415e53a5592de154e768bf8fc498dc2eb595c7be7
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adb9929af16d4f0eee3d9765464d580492566f0818d213d6748af38ee0355820
ae11e6cd19ef32c311a04ebfa1b2633bf3465f8b8a4a4babc8874fa8eec08abf
b10c73618a36459290c577b4a46b6b1deef1b5d7c4963d7f9094e183db272fdc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b81b6a492c7f545b61b52634e93d9696300cbd2adde88277fe1f66064b1a3b9b
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
b9e8f36d038e411c4af79a5af611add7b4ef85531d112b81f08d93a0fbf05bdf
bab12959d9a1f918e24d77d6913a2ba4b19a7fbb1dfef010a10fd7fa51f88533
be9bea6770d651de48544f9826037d79adac947e28f36d515e3895f8d2b75d23
c1df868b3de427d9c9fd0d9d51bae83f6590ba6ced15c81d1f3191f7cdc548ec
c299eb1c547a7c785f99a2e7d9b46a0cd0ca862c049d597f3a414cc76811961b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cc7866cb30d4d96494e616c19331c85dc123f71c8447b95ae7c44dc8ff96d79d
d2320cfcc7c95904b573d756dcda8e599f0fb7d2fc23c042c842fdf1b5d16e0e
d25d9281410b5f184a0db719586b6174c625553cb574ed52e26c6e64a120db61
d7d104bafc8b22c4ddac871d6a72aac20a7da5bb422dd894252c81410707d45c
da3af5afaea2e74fe28d1eb402363bddd2254e5a5beb9961625774290fcc5f40
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed14ad16d7ca467d578ac692a3bc317e39b2bede07d7c266bcd4dc064ca74895
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2977f5138dde407df7c45bd570b2e31808208b2cb948ac9ee864c91a2d8701a
f524fbdd1f01bfa302c3c6a76c754436fb99bcaaea581c64d6ae5be390c3fddd

usv518.com Open in urlscan Pro 104.21.40.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

89 %HTTPS

41 %IPv6

42 Domains

68 Subdomains

51 IPs

4 Countries

1852 kBTransfer

5085 kBSize

67 Cookies

103 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

usv518.com Open in urlscan Pro
104.21.40.81 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

89 %
HTTPS

41 %
IPv6

42
Domains

68
Subdomains

51
IPs

4
Countries

1852 kB
Transfer

5085 kB
Size

67
Cookies

127 HTTP transactions
3 data transactions