urlscan.io logo urlscan.io
SecurityTrails logo

picrew.me Open in urlscan Pro
108.139.47.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://picrew.me/
Submission: On November 28 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 8 countries across 106 domains to perform 426 HTTP transactions. The main IP is 108.139.47.28, located in United States and belongs to AMAZON-02, US. The main domain is picrew.me. The Cisco Umbrella rank of the primary domain is 161460.
TLS certificate: Issued by Amazon on May 16th 2022. Valid for: a year.
This is the only time picrew.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 108.139.47.28 16509 (AMAZON-02)
11 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.14.194 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
25 108.139.47.107 16509 (AMAZON-02)
17 2606:2800:220... 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 104.244.42.200 13414 (TWITTER)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3 143.204.144.76 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
4 133.186.12.12 10010 (TOKAI TOK...)
2 108.139.47.24 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2600:1400:900... 20940 (AKAMAI-ASN1)
2 108.138.124.226 16509 (AMAZON-02)
2 2600:1901:0:e... 15169 (GOOGLE)
1 2606:2800:21f... 15133 (EDGECAST)
1 23 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 52.68.181.73 16509 (AMAZON-02)
1 2606:2800:220... 15133 (EDGECAST)
2 21 52.46.128.147 16509 (AMAZON-02)
23 34.102.128.115 396982 (GOOGLE-CL...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 3 2620:116:800b... 27281 (QUANTCAST)
1 1 2600:9000:21d... 16509 (AMAZON-02)
13 62 142.251.32.98 15169 (GOOGLE)
2 2 35.190.90.30 15169 (GOOGLE)
3 5 8.28.7.81 62713 (AS-PUBMATIC)
5 8 8.43.72.97 26667 (RUBICONPR...)
4 7 172.64.154.237 13335 (CLOUDFLAR...)
2 2 52.73.27.182 14618 (AMAZON-AES)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
1 1 23.205.72.21 16625 (AKAMAI-AS)
2 2 2600:9000:220... 16509 (AMAZON-02)
1 51.222.39.185 16276 (OVH)
4 4 35.236.220.17 396982 (GOOGLE-CL...)
5 5 50.31.142.191 23352 (SERVERCEN...)
3 4 104.76.100.229 16625 (AKAMAI-AS)
2 35.244.159.8 15169 (GOOGLE)
1 1 199.187.193.179 47043 (SMARTADSE...)
12 12 2606:ae80:145... 26762 (CNVR-US-EAST)
4 9 54.84.41.227 14618 (AMAZON-AES)
3 69.192.109.53 16625 (AKAMAI-AS)
1 52.54.87.42 14618 (AMAZON-AES)
4 72.247.65.83 16625 (AKAMAI-AS)
3 6 198.148.27.139 19189 (PULSEPOINT)
3 23 44.208.243.83 14618 (AMAZON-AES)
5 6 68.67.161.182 29990 (ASN-APPNEX)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2602:803:c002... 26667 (RUBICONPR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 222.230.178.130 2519 (VECTANT A...)
1 4 2600:1f18:4e9... 14618 (AMAZON-AES)
10 10 3.33.220.150 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
4 34.224.202.219 14618 (AMAZON-AES)
2 2 69.173.151.100 26667 (RUBICONPR...)
2 3 35.207.24.140 15169 (GOOGLE)
2 2 192.35.249.138 11742 (SPOTX-IAD)
2 2 68.67.160.137 29990 (ASN-APPNEX)
3 4 185.167.164.37 198622 (ADFORM)
4 4 151.101.130.49 54113 (FASTLY)
12 8.28.7.83 62713 (AS-PUBMATIC)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 74.121.140.14 30419 (MEDIAMATH...)
4 162.248.18.34 62713 (AS-PUBMATIC)
3 4 2620:112:f002... 6336 (TURN-US-ASN)
2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 1 44.198.145.93 14618 (AMAZON-AES)
2 2 3.89.15.250 14618 (AMAZON-AES)
4 4 3.218.90.66 14618 (AMAZON-AES)
1 1 138.197.63.78 14061 (DIGITALOC...)
1 63.251.28.233 13789 (INTERNAP-...)
3 3 207.198.113.86 13768 (COGECO-PEER1)
3 3 3.219.40.213 14618 (AMAZON-AES)
2 2 107.178.246.49 15169 (GOOGLE)
1 1 52.86.67.184 14618 (AMAZON-AES)
4 4 199.127.204.171 26120 (RHYTHMONE)
6 7 34.204.163.217 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 35.211.178.172 15169 (GOOGLE)
1 1 52.86.222.203 14618 (AMAZON-AES)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 1 44.196.169.238 14618 (AMAZON-AES)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.117 16276 (OVH)
2 2 3.135.132.32 16509 (AMAZON-02)
4 4 8.43.72.98 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 52.3.184.194 14618 (AMAZON-AES)
3 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.159.236.39 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 124.146.215.47 2514 (INFOSPHER...)
1 18.179.183.255 16509 (AMAZON-02)
1 2 2600:1901:0:80:: 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 142.251.35.162 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 7 192.40.39.223 27381 (CASALE-MEDIA)
2 2 34.192.29.175 14618 (AMAZON-AES)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
1 2406:da14:f1:... 16509 (AMAZON-02)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 1 129.159.70.95 31898 (ORACLE-BM...)
1 1 199.187.193.192 47043 (SMARTADSE...)
4 4 146.59.148.16 16276 (OVH)
2 2 50.16.197.56 14618 (AMAZON-AES)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 50.57.31.206 19994 (RACKSPACE)
1 13.225.214.84 16509 (AMAZON-02)
1 44.208.184.190 14618 (AMAZON-AES)
2 2 15.235.43.120 16276 (OVH)
1 35.214.223.115 15169 (GOOGLE)
1 172.64.151.162 13335 (CLOUDFLAR...)
426 91
2    108.139.47.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-28.jfk50.r.cloudfront.net
picrew.me
11    2607:f8b0:4006:81e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.ca
1    130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com
cdn-fluct.sh.adingo.jp
21    2607:f8b0:4006:821::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
25    108.139.47.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-107.jfk50.r.cloudfront.net
cdn.picrew.me
17    2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2607:f8b0:4006:821::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2607:f8b0:4006:824::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2607:f8b0:4006:817::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o1125947.ingest.sentry.io
2    2a03:2880:f02c:112:face:b00c:0:3 (Boca Raton, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:80d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2607:f8b0:4006:824::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2607:f8b0:4006:816::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:817::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google.ca
3    143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:210b:b800:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
4    133.186.12.12 (Yokodai, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p012.net133186012.broadline.ne.jp
cpt.geniee.jp
2    108.139.47.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-24.jfk50.r.cloudfront.net
l.logly.co.jp
5    2607:f8b0:4006:81c::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
4    2600:1400:9000::172c:edb9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
2    108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
aax.amazon-adsystem.com
2    2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
audiencedata.im-apps.net
1    2606:2800:21f:5b71:3e29:d001:be46:4bcc (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
23    2607:f8b0:4006:816::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:81c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2607:f8b0:4006:806::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.68.181.73 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-181-73.ap-northeast-1.compute.amazonaws.com
sync.logly.co.jp
1    2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
21    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
23    34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com
g.bidbrain.app
4    2607:f8b0:4006:823::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2001:4860:4802:36::35 (United States)

ASN15169 (GOOGLE, US)
post-endpoint-gckeev2zma-an.a.run.app
3    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN27281 (QUANTCAST, US)
cms.quantserve.com
1    2600:9000:21da:bc00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
62    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
2    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
7    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
2    52.73.27.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-27-182.compute-1.amazonaws.com
cc.adingo.jp
8    2607:f8b0:4006:81c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    23.205.72.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-21.deploy.static.akamaitechnologies.com
cs.media.net
2    2600:9000:2209:4a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
4    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
5    50.31.142.191 (Elmhurst, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
12    2606:ae80:1451:22::760 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
yieldmo-match.dotomi.com
emx-match.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
9    54.84.41.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-41-227.compute-1.amazonaws.com
match.sharethrough.com
3    69.192.109.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-53.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.54.87.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-87-42.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
4    72.247.65.83 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
23    44.208.243.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-243-83.compute-1.amazonaws.com
e1.emxdgt.com
cs.emxdgt.com
6    68.67.161.182 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2600:9000:21ec:a600:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    222.230.178.130 (Asahikawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
aladdin.genieesspv.jp
4    2600:1f18:4e9:5a01:da63:dddc:8a85:cc5e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
10    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    34.224.202.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-202-219.compute-1.amazonaws.com
ads.yieldmo.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
2    68.67.160.137 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
4    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
12    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    44.198.145.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-145-93.compute-1.amazonaws.com
openrtb-us-east-1.axonix.com
2    3.89.15.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-15-250.compute-1.amazonaws.com
sync.ipredictive.com
4    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
1    138.197.63.78 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
3    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    3.219.40.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-40-213.compute-1.amazonaws.com
sync.crwdcntrl.net
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    52.86.67.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-67-184.compute-1.amazonaws.com
aorta.clickagy.com
4    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    34.204.163.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-163-217.compute-1.amazonaws.com
match.prod.bidr.io
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    52.86.222.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-222-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
1    44.196.169.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-169-238.compute-1.amazonaws.com
fksnk.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.3.184.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-184-194.compute-1.amazonaws.com
match.360yield.com
3    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    54.159.236.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-236-39.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:612b:4200:4221:38a7:d65:6c93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
1    124.146.215.47 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    18.179.183.255 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-183-255.ap-northeast-1.compute.amazonaws.com
sync.im-apps.net
2    2600:1901:0:80:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aw.dw.impact-ad.jp
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2607:f8b0:4006:824::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    34.192.29.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-29-175.compute-1.amazonaws.com
pm.w55c.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2406:da14:f1:2005:2cf6:86a:f79a:e4ce (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
sync6.im-apps.net
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
4    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    13.225.214.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net
aa.agkn.com
1    44.208.184.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-184-190.compute-1.amazonaws.com
rtb.adentifi.com
2    15.235.43.120 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012071.ip-15-235-43.net
gu.dyntrk.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
84 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
static.doubleclick.net — Cisco Umbrella Rank: 350
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
395 KB
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
447 KB
27 picrew.me
picrew.me — Cisco Umbrella Rank: 161460
cdn.picrew.me — Cisco Umbrella Rank: 201520
969 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
aax.amazon-adsystem.com — Cisco Umbrella Rank: 1065
20 KB
25 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
eus.rubiconproject.com — Cisco Umbrella Rank: 735
fastlane.rubiconproject.com — Cisco Umbrella Rank: 607
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1491
token.rubiconproject.com — Cisco Umbrella Rank: 732
41 KB
25 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 871
ads.pubmatic.com — Cisco Umbrella Rank: 635
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 622
simage2.pubmatic.com — Cisco Umbrella Rank: 819
image4.pubmatic.com — Cisco Umbrella Rank: 1287
image2.pubmatic.com — Cisco Umbrella Rank: 1258
simage4.pubmatic.com — Cisco Umbrella Rank: 1455
37 KB
23 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 967
cs.emxdgt.com — Cisco Umbrella Rank: 1375
5 KB
23 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 86708
156 B
21 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 946
syndication.twitter.com — Cisco Umbrella Rank: 1158
791 KB
14 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
htlb.casalemedia.com — Cisco Umbrella Rank: 689
ssum.casalemedia.com — Cisco Umbrella Rank: 1863
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
12 KB
14 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
8 KB
12 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 8460
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 10982
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 7260
emx-match.dotomi.com — Cisco Umbrella Rank: 12082
dclk-match.dotomi.com — Cisco Umbrella Rank: 4274
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4207
4 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
164 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
1 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
5 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 575
3 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
secure.adnxs.com — Cisco Umbrella Rank: 577
8 KB
8 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 22799
audiencedata.im-apps.net — Cisco Umbrella Rank: 33476
sync.im-apps.net — Cisco Umbrella Rank: 7859
sync6.im-apps.net — Cisco Umbrella Rank: 74316
8 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
2 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
ups.analytics.yahoo.com — Cisco Umbrella Rank: 373
4 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 814
dis.criteo.com — Cisco Umbrella Rank: 786
gum.criteo.com — Cisco Umbrella Rank: 434
mug.criteo.com — Cisco Umbrella Rank: 1897
3 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 813
5 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
284 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 8302
ads.yieldmo.com — Cisco Umbrella Rank: 837
3 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 739
3 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1980
u.openx.net — Cisco Umbrella Rank: 978
us-u.openx.net — Cisco Umbrella Rank: 585
2 KB
5 google.ca
adservice.google.ca — Cisco Umbrella Rank: 8833
www.google.ca — Cisco Umbrella Rank: 5106
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3958
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1083
r.turn.com — Cisco Umbrella Rank: 4504
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 865
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 876 Failed
976 B
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 679
tags.bluekai.com
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1152
2 KB
4 logly.co.jp
l.logly.co.jp — Cisco Umbrella Rank: 51561
sync.logly.co.jp — Cisco Umbrella Rank: 57494
28 KB
4 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 76409
212 KB
3 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 7303
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 381
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 652
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1079
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 926
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 602
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 495
570 B
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1338
934 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
3 adingo.jp
cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 136435
cc.adingo.jp — Cisco Umbrella Rank: 3863
5 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1407
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1568
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 6386
619 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 18479
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
cdn.indexww.com — Cisco Umbrella Rank: 2113
2 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5698
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1118
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
58 KB
2 impact-ad.jp
aw.dw.impact-ad.jp — Cisco Umbrella Rank: 83302
410 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 900
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3136
784 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 6452
797 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1814
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1146
a.rfihub.com — Cisco Umbrella Rank: 4553
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 620
779 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1314
1009 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2702
291 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1181
719 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
1 KB
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 7191
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
832 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 862
1 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1265
745 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 940
aa.agkn.com — Cisco Umbrella Rank: 649
1 KB
2 run.app
post-endpoint-gckeev2zma-an.a.run.app — Cisco Umbrella Rank: 237267
261 B
2 twimg.com
abs.twimg.com — Cisco Umbrella Rank: 1907
pbs.twimg.com — Cisco Umbrella Rank: 697
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
89 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 300
82 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
123 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1057
40 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1820
35 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1657
781 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7543
529 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
38 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1060
1 KB
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 19125
639 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 563
575 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 7707
614 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021
586 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4544
406 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1440
581 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2553
425 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 850
639 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 5358
384 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1786
313 B
1 axonix.com
openrtb-us-east-1.axonix.com — Cisco Umbrella Rank: 11390
493 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4860
391 B
1 genieesspv.jp
aladdin.genieesspv.jp — Cisco Umbrella Rank: 82494
7 KB
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 12540
172 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 467
2 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 18752
3 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 983
149 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 2198
665 B
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
39 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
695 B
1 sentry.io
o1125947.ingest.sentry.io — Cisco Umbrella Rank: 223288
273 B
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 ladsp.com Failed
pb.ladsp.com Failed
0 uncn.jp Failed
ds.uncn.jp Failed
426 106
Domain Requested by
58 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
picrew.me
u.openx.net
sync-amz.ads.yieldmo.com
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
eus.rubiconproject.com
25 cdn.picrew.me picrew.me
cdn.picrew.me
23 g.bidbrain.app googleads.g.doubleclick.net
picrew.me
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
23 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
picrew.me
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
tpc.googlesyndication.com
21 e1.emxdgt.com 1 redirects s.amazon-adsystem.com
e1.emxdgt.com
21 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
bh.contextweb.com
sync-amz.ads.yieldmo.com
match.sharethrough.com
eus.rubiconproject.com
ads.pubmatic.com
e1.emxdgt.com
ssum-sec.casalemedia.com
21 pagead2.googlesyndication.com picrew.me
pagead2.googlesyndication.com
cdn.picrew.me
googleads.g.doubleclick.net
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
17 platform.twitter.com picrew.me
platform.twitter.com
syndication.twitter.com
14 fonts.googleapis.com cdn.picrew.me
googleads.g.doubleclick.net
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
picrew.me
10 match.adsrvr.org 10 redirects
10 securepubads.g.doubleclick.net picrew.me
securepubads.g.doubleclick.net
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
8 simage2.pubmatic.com ads.pubmatic.com
8 fonts.gstatic.com fonts.googleapis.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
7 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 match.prod.bidr.io 6 redirects e1.emxdgt.com
7 fastlane.rubiconproject.com cpt.geniee.jp
7 www.google.com 1 redirects picrew.me
googleads.g.doubleclick.net
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
6 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
6 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
6 www.googletagservices.com googleads.g.doubleclick.net
picrew.me
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
5 b1sync.zemanta.com 5 redirects
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pixel.onaudience.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ads.yieldmo.com sync-amz.ads.yieldmo.com
4 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
4 sync-tm.everesttech.net u.openx.net
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
cpt.geniee.jp
4 um.simpli.fi 4 redirects
4 static.doubleclick.net googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
picrew.me
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
4 dmp.im-apps.net l.logly.co.jp
dmp.im-apps.net
cpt.geniee.jp
4 cpt.geniee.jp cdn.picrew.me
cpt.geniee.jp
4 syndication.twitter.com platform.twitter.com
picrew.me
syndication.twitter.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.ca pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 a.clickcertain.com 3 redirects
3 x.bidswitch.net 3 redirects
3 sync.1rx.io 3 redirects
3 sync.crwdcntrl.net 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ad.turn.com 3 redirects
3 sync.mathtag.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 rtb.mfadsrvr.com 2 redirects e1.emxdgt.com
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
cpt.geniee.jp
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 gu.dyntrk.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 1 redirects ads.pubmatic.com
2 tags.bluekai.com 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 mug.criteo.com picrew.me
2 gum.criteo.com 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 rtb2-useast.e-volution.ai 2 redirects
2 pm.w55c.net 2 redirects
2 googleads4.g.doubleclick.net picrew.me
2 static.criteo.net cpt.geniee.jp
static.criteo.net
2 aw.dw.impact-ad.jp 1 redirects sync.logly.co.jp
2 i.liadm.com 2 redirects
2 match.360yield.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 pixel.tapad.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 emx-match.dotomi.com 2 redirects
2 dis.criteo.com 2 redirects
2 tr.blismedia.com e1.emxdgt.com
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 yieldmo-match.dotomi.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 us-u.openx.net u.openx.net
2 amazon-tam-match.dotomi.com 2 redirects
2 stags.bluekai.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 rtb.openx.net 2 redirects
2 cc.adingo.jp 2 redirects
2 odr.mookie1.com 2 redirects
2 post-endpoint-gckeev2zma-an.a.run.app cpt.geniee.jp
2 sync.logly.co.jp l.logly.co.jp
sync.logly.co.jp
2 audiencedata.im-apps.net dmp.im-apps.net
2 l.logly.co.jp picrew.me
l.logly.co.jp
2 connect.facebook.net cdn.picrew.me
connect.facebook.net
2 cdnjs.cloudflare.com cdn.picrew.me
cdnjs.cloudflare.com
2 www.googletagmanager.com picrew.me
www.googletagmanager.com
2 picrew.me cdn.picrew.me
1 cdn.indexww.com ssum-sec.casalemedia.com
1 csync.loopme.me ssum-sec.casalemedia.com
1 rtb.adentifi.com ads.pubmatic.com
1 aa.agkn.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 js-sec.indexww.com cpt.geniee.jp
1 sync6.im-apps.net cpt.geniee.jp
1 aax.amazon-adsystem.com picrew.me
1 a.rfihub.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 s0.2mdn.net 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
1 sync.im-apps.net sync.logly.co.jp
1 tg.socdm.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 r.turn.com picrew.me
1 px.ads.linkedin.com eus.rubiconproject.com
1 fksnk.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 ads.stickyadstv.com e1.emxdgt.com
1 sync.resetdigital.co 1 redirects
1 pixel.advertising.com 1 redirects
1 openrtb-us-east-1.axonix.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 aladdin.genieesspv.jp cpt.geniee.jp
1 bidder.criteo.com cpt.geniee.jp
1 prebid-asia.creativecdn.com cpt.geniee.jp
1 htlb.casalemedia.com cpt.geniee.jp
1 hbopenbid.pubmatic.com cpt.geniee.jp
1 cdn.jsdelivr.net cpt.geniee.jp
1 wrappers.geoedge.be cpt.geniee.jp
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 onetag-sys.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 d.agkn.com 1 redirects
1 pbs.twimg.com syndication.twitter.com
1 abs.twimg.com platform.twitter.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 d3div1mtym39ic.cloudfront.net picrew.me
1 www.google.ca picrew.me
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com picrew.me
1 partner.googleadservices.com pagead2.googlesyndication.com
1 o1125947.ingest.sentry.io cdn.picrew.me
1 cdn-fluct.sh.adingo.jp picrew.me
0 cs.chocolateplatform.com Failed 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
0 pb.ladsp.com Failed cpt.geniee.jp
0 ds.uncn.jp Failed cpt.geniee.jp
426 160

This site contains links to these domains. Also see Links.

Domain
dsp.logly.co.jp
www.logly.co.jp
support.picrew.me
tetrachroma.co.jp
twitter.com
Subject Issuer Validity Valid
picrew.me
Amazon		 2022-05-16 -
2023-06-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn-fluct.sh.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-12 -
2023-10-15		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.ingest.sentry.io
R3		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-06 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.geniee.jp
GeoTrust RSA CA 2018		 2022-03-04 -
2023-04-04		 a year crt.sh
*.logly.co.jp
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-10 -
2023-06-11		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2022-10-17 -
2023-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
g.bidbrain.app
GTS CA 1D4		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.a.run.app
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.genieesspv.jp
GeoTrust RSA CA 2018		 2022-04-18 -
2023-04-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
rtb.mfadsrvr.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-27 -
2022-12-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
loopme.com
R3		 2022-11-25 -
2023-02-23		 3 months crt.sh

This page contains 48 frames:

Primary Page: https://picrew.me/
Frame ID: EA83C28E33CEE25571B3FDDECE5F1D5F
Requests: 128 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 0B47EBBE8CCB9291F50E6859B6A26238
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fpicrew.me
Frame ID: FB602DE71DD236AE4E0E67BE77E42011
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1669616659&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616659075&bpp=11&bdt=187&idt=276&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3839047260290&frm=20&pv=2&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: 1A4F7D6B727646EC3B6DDE087AE84423
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Frame ID: 231E2080DD4085627720D159F9ED07DC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Frame ID: 0A42E7F88BDEFA916B90725DE61658EC
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Frame ID: 2327594BE3228E564E5EA7D63B72C9D4
Requests: 18 HTTP requests in this frame

Frame: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0763F483F4D7FF168DA046081317F8AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: FA1CD9B4F5E74A62AF9DB97210220F0C
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Frame ID: 9E2C75EA91B2319766F2B87B0A600D54
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA4900B43A9CD04F6BE53733FAEA699F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8732A95F062AAEA8721349FCBA61E594
Requests: 9 HTTP requests in this frame

Frame: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57D08B7E6B619A4D123136BC47477560
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 734E4B257BB3C01DC862CD379C897D1C
Requests: 6 HTTP requests in this frame

Frame: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA8F60C022E39EA2F57944AE52AC6F5F
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%81%98%E3%82%8B
Frame ID: 5C230AAD3171B961260D8FB41EE3B3A5
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 7D43C3B1F786251128D2502E9F139873
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3010092134319996953&gdpr=0&gdpr_consent=
Frame ID: A1482C81C37064EFE5A65B2BE4970271
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHRaVpLKEs-gNCLw_JAAAAAAA&expiration=1669703062&is_secure=true
Frame ID: C7B3F61EB108440DE17F57342ADDC0C4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 8C368715049DA0C4A66A6E4EE4F5B3C3
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 9ABA538BA7BC1DD46387D8FD915CC4B5
Requests: 11 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 8C04786BD9609FDC6226B98860304E17
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 12D128D7512AE021CDF0FF48E9BBCC30
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: E82EF52031955B753E222777566FDD21
Requests: 4 HTTP requests in this frame

Frame: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Frame ID: 11F3E299CB9A28CAE50B22B12474D0C0
Requests: 25 HTTP requests in this frame

Frame: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F39FDAFCDBD29B5D3114FA4A1F75B9F
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 3FC03A8B2F726F85536AB94B0F0386ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B46C33B09C07856ADEBBE9BA3561C21F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74C976F2703C0F8B09F78834003461DC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCF299D592992C627DCE3CD915B5B28C
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
Frame ID: 1BB0F080166A74D20F52E8525B893624
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
Frame ID: CA7C93DEAA0D63FDDB20C476B36268BC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDFD778D32-FCC7-48BE-97AF-F45BB995A558
Frame ID: B0A0122F644FD433D3F47A4451186C0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F0DDC4277D460BBA3CB4B6813C763CE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: D3464BD858FAF1FD11A3853C17BC5FE0
Requests: 1 HTTP requests in this frame

Frame: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 737E1573035BEFE0C9F274FC4C6196AD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Frame ID: 48C2DFE9FC461D9744C86DFCE46A5F11
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F5423C50504B03D7CC8B422C36C2CA5
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8F9C79D2213FBBDDA0BD2F7AEA15B82
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Frame ID: 30674D959436B5CBE42678C5336DE49E
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D373DCD9F15666757C0AEEF648E6FB99
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CB76548120951F9D1A7AD42E693B7CB5
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 834F08674E642000E13B4FFD4FF3A19C
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FD778D32-FCC7-48BE-97AF-F45BB995A558&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1F887EEF5DDBDBFABBE95952BF709992
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8ac76384-5417-4b00-bb0b-b43fe5361767&gdpr=0&gdpr_consent=
Frame ID: EFB6E207207B331F48AE8310BC021580
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFJPk7HCKgAACEEnrKbcQ
Frame ID: 6580394DC71C1ECAC6D2750FD796BE04
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 860A5F1CC053DAD780DECCFDB65ED477
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1494929651579611740&gdpr=0&gdpr_consent=
Frame ID: 3A75B51E169FC056558D8985592BDE11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Picrew|つくってあそべる画像メーカー

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

426
Requests

71 %
HTTPS

32 %
IPv6

106
Domains

160
Subdomains

91
IPs

8
Countries

3900 kB
Transfer

9945 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 125
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Request Chain 133
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_74LJwAEQlgEYlgEyCCaL1LRoi4G2 HTTP 301
  • https://tpc.googlesyndication.com/simgad/11615288075056002177
Request Chain 143
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBTNu37xoDECABy73GrRmns&google_cver=1&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO&google_hm=Q0FFU0VCVE51Mzd4b0RFQ0FCeTczR3JSbW5z
Request Chain 144
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEH_Dtx7Uf4lb1WX0Hk3LxTE&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31MemjkHb&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31MemjkHb&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
Request Chain 145
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJTQpikqmUjq3lkkiVqgCmo&google_cver=1&google_push=ASkJ3Fa5Qb0plC6eeuW8PG8ghusB_4sGOseJXcWfvahE30nB_vMIm8YISDxAclJvhVAwlLiOPrRMRFwWsAiE5Spnj3PrpjfMHYmO HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJTQpikqmUjq3lkkiVqgCmo&google_cver=1&google_push=ASkJ3Fa5Qb0plC6eeuW8PG8ghusB_4sGOseJXcWfvahE30nB_vMIm8YISDxAclJvhVAwlLiOPrRMRFwWsAiE5Spnj3PrpjfMHYmO&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa5Qb0plC6eeuW8PG8ghusB_4sGOseJXcWfvahE30nB_vMIm8YISDxAclJvhVAwlLiOPrRMRFwWsAiE5Spnj3PrpjfMHYmO
Request Chain 146
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHoiSHzatQqB0Myj1GlWybo&google_cver=1&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9rpH9I15koUg_2ZEESSfFxQaGI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IRU0tMVAtMU9SWQ==&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9rpH9I15koUg_2ZEESSfFxQaGI
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_cver=1&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lFTB_NmstmF5Qymiho9YF2BuD4h7CylC7HSsubJjg4BmBqf27l55ZSHn0WFxpWBxk HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lFTB_NmstmF5Qymiho9YF2BuD4h7CylC7HSsubJjg4BmBqf27l55ZSHn0WFxpWBxk&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lFTB_NmstmF5Qymiho9YF2BuD4h7CylC7HSsubJjg4BmBqf27l55ZSHn0WFxpWBxk
Request Chain 148
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEE3hfzt7aDCG_W89lqti_ro&google_cver=1&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN&google_hm=840e072dccd6496f0c25a67f23c58cc2
Request Chain 154
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAzJk0C_Chl2k_zWQEb7iW0&google_cver=1&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8a-aZKaSOQaC96tJTcNCBtiDb6wiS5dQhiz8Mj8JdFhsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8a-aZKaSOQaC96tJTcNCBtiDb6wiS5dQhiz8Mj8JdFhsQ&google_hm=hR5IsJ78acX6tefO03MWLA
Request Chain 155
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJfY5TuL5eiKs2MKlaSGSHE&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwkOXz6B&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwkOXz6B&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
Request Chain 156
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK_cIPc2sEjFPms4WRfCuDI&google_cver=1&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK_cIPc2sEjFPms4WRfCuDI&google_cver=1&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ&google_hm=gBdaKOn6wRg3TW-WcwfLLA==
Request Chain 157
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDuuuoBYJP9pDzCXba8kXAQ&google_cver=1&google_push=ASkJ3FYkcaoEprAWwSQRQ4oIu7tASEvkRaFVwaMa5b8zsrc_1IKd0GUF0xK1pZoS5pi5_5eprZFvfHApN1evbcSyUpr6poVA2BZGXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYkcaoEprAWwSQRQ4oIu7tASEvkRaFVwaMa5b8zsrc_1IKd0GUF0xK1pZoS5pi5_5eprZFvfHApN1evbcSyUpr6poVA2BZGXg
Request Chain 158
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHmfYFDjncpomYFy-TwHtk&google_cver=1&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-KSpCRe9meR2tTt29HunbbBF0f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5ISjgtMVotRjhERw==&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-KSpCRe9meR2tTt29HunbbBF0f
Request Chain 159
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_cver=1&google_push=ASkJ3Fak_31blI5o-ZQ8Y-ZSEMAoAuagP5o1eJWcB16F3WQav94lOqEH7Nd1AulnSQkEcRYV40kry8qc6Tvxh85tC7TcVR9YvA9YhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3Fak_31blI5o-ZQ8Y-ZSEMAoAuagP5o1eJWcB16F3WQav94lOqEH7Nd1AulnSQkEcRYV40kry8qc6Tvxh85tC7TcVR9YvA9YhQ
Request Chain 160
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENKdLztvc5vWXK1CiPC6VIY&google_cver=1&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g&google_hm=840e072dccd6496f0c25a67f23c58cc2
Request Chain 163
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3126182621455459000V10
Request Chain 164
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=61514701
Request Chain 166
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&ex=simpli.fi&status=ok
Request Chain 167
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=JTWqsAvpptZ0BXaQnN-4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKKKRLXC42BOZYHA5C2GBBFQYKRNZHC2NA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKKKRLXC42BOZYHA5C2GBBFQYKRNZHC2NA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=JTWqsAvpptZ0BXaQnN-4
Request Chain 184
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3010092134319996953&gdpr=0&gdpr_consent=
Request Chain 185
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=636b41cda1e314ac&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHRaVpLKEs-gNCLw_JAAAAAAA&expiration=1669703062&is_secure=true
Request Chain 190
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 191
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fe1.emxdgt.com%2Fumcheck%3F%26if%3Dtrue%26apnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253Dbrealtime.com%2526id%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ%3D HTTP 302
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Request Chain 239
  • https://match.adsrvr.org/track/cmf/openx?oxid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&ttd_puid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0&gdpr_consent=
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeHiBmMMKyU8h8yc6gZKeI&google_cver=1
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T2lRaUl0THVINWZFaDUwRWUzczJLdw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAi8DkfbJIV_s8lAjdkOrfs&google_cver=1
Request Chain 259
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=27a480ee31bb14ac&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHRaVpLKEs_AN-sEvZAAAAAAA&expiration=1669703062&nuid=&is_secure=true
Request Chain 262
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=28ab6a80b90414ac&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAItElDl1CPBAMH35byAAAAAAA&expiration=1669703062&is_secure=true
Request Chain 263
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LB0ENHT1-1D-21Q7
Request Chain 264
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gf725afaba13cf780387 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445
Request Chain 266
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=cdd9390b-4683-4e26-889e-3e9b05b53b7a&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 268
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=4c673556-6ee5-11ed-adb6-154f9acf0503 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=4c6734e6-6ee5-11ed-adb6-154f9acf0503
Request Chain 269
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1494929651579611740
Request Chain 270
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Request Chain 271
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y4RUFRmFUR9wEVZ4O6-xMQAA%26040
Request Chain 274
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LB0ENHT1-1D-21Q7 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Request Chain 275
  • https://c1.adform.net/serving/cookie/match?party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
Request Chain 276
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y4RUFgALctGZaQAO HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 279
  • https://idsync.rlcdn.com/420486.gif?partner_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEZENzc4RDMyLUZDQzctNDhCRS05N0FGLUY0NUJCOTk1QTU1OBAAGg0IlqiRnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=58426f4cece981569add33178b6a720c6e26d6e2ccbb793905a8fac52050aedd791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1ODQyNmY0Y2VjZTk4MTU2OWFkZDMzMTc4YjZhNzIwYzZlMjZkNmUyY2NiYjc5MzkwNWE4ZmFjNTIwNTBhZWRkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl6iRnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1ODQyNmY0Y2VjZTk4MTU2OWFkZDMzMTc4YjZhNzIwYzZlMjZkNmUyY2NiYjc5MzkwNWE4ZmFjNTIwNTBhZWRkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl6iRnAYSBAgCEABCAEoA&google_gid=CAESEAUVX7VBqo8mtfX6D1S8i1w&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d331b89a-c2fd-4870-9dfb-9524fff15420
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ac76384-5417-4b00-bb0b-b43fe5361767
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQ3NzhEMzItRkNDNy00OEJFLTk3QUYtRjQ1QkI5OTVBNTU4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQReKoA60ub-gwgKJ4ExzM&google_cver=1
Request Chain 283
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:775C27CFF77F4A8CBAAE1CEA8EBEC1C7
Request Chain 284
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288232524119178369&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Request Chain 287
  • https://b1sync.zemanta.com/usersync/emx/?puid=54341669616662311383a4&cb=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd57%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=JTWqsAvpptZ0BXaQnN-4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPKKKRLXC42BOZYHA5C2GBBFQYKRNZHC2NA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPKKKRLXC42BOZYHA5C2GBBFQYKRNZHC2NA HTTP 302
  • https://e1.emxdgt.com/put?d=d57&uid=JTWqsAvpptZ0BXaQnN-4
Request Chain 289
  • https://dis.criteo.com/dis/usersync.aspx?r=149&p=324&cp=emx&cu=1&url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd53%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://e1.emxdgt.com/put?d=d53&uid=012d081b-df57-4f5d-b84d-54cb9c0b14b2
Request Chain 290
  • https://c1.adform.net/serving/cookie/match?party=1276 HTTP 302
  • https://e1.emxdgt.com/put?d=d52&uid=3503104223967631483
Request Chain 291
  • https://openrtb-us-east-1.axonix.com/syn?supply=2ec7cd46-702d-43f1-84c5-c9a9cd8473e4&uid=54341669616662311383a4&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd49%26uid%3DxxEMODO_IDxx HTTP 302
  • https://e1.emxdgt.com/put?d=d49&uid=de5131f3-2d2d-47e5-960f-f32f1e6d0062
Request Chain 292
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=54341669616662311383a4 HTTP 302
  • https://emx-match.dotomi.com/match/bounce/current?DotomiTest=398dd322036714ac&is_secure=true&networkId=46227&version=1&nuid=54341669616662311383a4 HTTP 302
  • https://e1.emxdgt.com/put?d=d48&uid=AAAIozuwf8zCegNVEeaqAAAAAAA&expiration=1669703062&nuid=54341669616662311383a4&is_secure=true
Request Chain 293
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=emx&cspid=19&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd46%26uid%3D%24%7BADELPHIC_CUID%7D HTTP 302
  • https://e1.emxdgt.com/put?d=d46&uid=2ce7d870-4d33-4acc-b20e-d1b06e59c97f
Request Chain 294
  • https://pixel.advertising.com/ups/58365/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58365/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://e1.emxdgt.com/put?d=d44&uid=y-Dic7lABE2uHRVn_xIeYqWQwN2O54yJx7~A
Request Chain 295
  • https://sync.resetdigital.co/csync?pid=17 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1311&userId=000000D5B2EA4449
Request Chain 296
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=114 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=114 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%26partner_url%3Dhttps%253A%252F%252Fe1.emxdgt.com%252Fput%253Fd%253Dd38%2526uid%253D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%26partner_url%3Dhttps%253A%252F%252Fe1.emxdgt.com%252Fput%253Fd%253Dd38%2526uid%253D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3D571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://e1.emxdgt.com/put?d=d38&uid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=
Request Chain 298
  • https://aorta.clickagy.com/pixel.gif?ch=177&cm=54341669616662311383a4&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd34%26uid%3D{visitor_id} HTTP 302
  • https://e1.emxdgt.com/put?d=d34&uid=c:6062500da4054d04638d9f59ed36707a
Request Chain 299
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://e1.emxdgt.com/put?d=d32&uid=Y4RUFgALctGZaQAO
Request Chain 300
  • https://sync.1rx.io/usersync2/emx HTTP 302
  • https://sync.1rx.io/usersync2/emx?zcc=1&cb=1669616662800 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1152536872 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ab678074-1dc7-4a0a-a3e6-c5c774c3c445 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd31%26uid%3DRX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005 HTTP 302
  • https://e1.emxdgt.com/put?d=d31&uid=RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005
Request Chain 301
  • https://match.prod.bidr.io/cookie-sync/emx HTTP 303
  • https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Request Chain 302
  • https://cm.ctnsnet.com/int/cm?exc=22&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd25%26uid%3D%5Buser_id%5D HTTP 302
  • https://e1.emxdgt.com/put?d=d25&uid=8cefbe20630c4d34858c099d46d2f8f1
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=emxdigital HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=emxdigital HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=emxdigital HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ccJ1fmMqQe9KNZ1bcvbDJ5U4mbo&user_group=1&ssp=emxdigital HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=fb468edb-6e8d-40d9-aa4c-a7722b03afde&gdpr=&gdpr_consent=
Request Chain 304
  • https://cms.quantserve.com/pixel/p-9zQtGV7AscK_-.gif?idmatch=0 HTTP 302
  • https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=EQMtGBIEJBkKVHFNEQQ4HxMDLBUKA3BNFFYya8a0
Request Chain 305
  • https://p.rfihub.com/cm?pub=35927&in=1 HTTP 302
  • https://e1.emxdgt.com/put?d=d16&uid=2809753608212478151
Request Chain 306
  • https://ad.turn.com/r/cs?pid=51 HTTP 302
  • https://e1.emxdgt.com/put?d=d15&uid=7288232524119178369
Request Chain 307
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%% HTTP 302
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=LhKr8i5YusGM&pid=561594
Request Chain 308
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Request Chain 309
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=1494929651579611740&d=d1
Request Chain 311
  • https://um.simpli.fi/gp_match?google_gid=CAESENX89O0iYkamSNOynjpU_N8&google_cver=1&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F90B8Yy2s3A-ZY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F90B8Yy2s3A-ZY
Request Chain 313
  • https://fksnk.com/cs/google?google_gid=CAESEN9dW_GDaL8g23a7AxSr8hA&google_cver=1&google_push=ASkJ3FYUm7I-QHGoHmEMsTRd3HdpPs8fp7Z49qlmojpngU35vaYHa9RF7JPPktXrWC__yzhE5T2qai6WmSqHKUmMJKBMmbQIq-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjJDNUJFRDkzMEU2RTAxOA==
Request Chain 315
  • https://sync.inmobi.com/gob?google_gid=CAESEMRkNC_7Y5indojlecwWdNw&google_cver=1&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOxoo6hQ9qhtZcb3o6q_zFx9f7aSxASN3Eww3MnA&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=n6XWTgKUTtsj_FCxmNTS&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg&google_nid=inmobi_new_eb
Request Chain 316
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEExQxWFO6k0TQURefmA9aXE&google_cver=1&google_push=ASkJ3FY4Acbs2dbVgSwsUVVrVDri9D-yZNBfN79K11l3N58odJRX6H0189tfzhp21i-gMWU45t-9xZ1rOfvLU8RWjc9_xqUEbMXTaA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
Request Chain 317
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEDAws_t8CwUDwbAiGiS-ZPI&google_cver=1&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G-Pe35A HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEDAws_t8CwUDwbAiGiS-ZPI&google_cver=1&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G-Pe35A&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDU0ZjdhMjQzMjIyZjU2OA&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G-Pe35A
Request Chain 324
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 326
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Request Chain 327
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=&expires=30
Request Chain 328
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB0ENHT1-1D-21Q7
Request Chain 329
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjRjNzc2NGIyNTBmNTcxNTU0NTVjYjQ3NjE4MGQzYTA2NTEzMTM5Mw
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGAH2PWDelAqOjj_0hmk-FY&google_cver=1
Request Chain 331
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wYcfFKZqyV7DGBlyiBYptMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4720700409871298948
Request Chain 332
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==
Request Chain 333
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uiIAH18gSuSdVB3gVgSQyQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uiIAH18gSuSdVB3gVgSQyQ
Request Chain 334
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_cver=1&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-sk0tjCesuavuSe6Zf3xwmjIjrk76OeBSH264nziWHawAI HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ebf1b73f541478&is_secure=true&networkId=14000&version=1&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_cver=1&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-sk0tjCesuavuSe6Zf3xwmjIjrk76OeBSH264nziWHawAI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHRaVpLKEtBAMhIaZhAAAAAAA&expiration=1669703063&google_cver=1&is_secure=true&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-sk0tjCesuavuSe6Zf3xwmjIjrk76OeBSH264nziWHawAI
Request Chain 335
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHOny_hTPd1OfRBM5y2nXX8&google_cver=1&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm2W5s3mImXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=isdjhFQXSwC7C7Q_5TYXZw&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm2W5s3mImXY4
Request Chain 336
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDtR3N2a3bbiwz7wld3Ob_Q&google_cver=1&google_push=ASkJ3FblS5Rn7Rf8-5st3mKPkxu5ENnNFlrpQ_4eWTU13JWvMEN3ZB018Vmd3OWKHD8NfjHCfMbKYAK0fzw0eV_EmqZDgoeSrKk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Vx1wICXHRQ6Xr0yKDpMcy2OEVBY
Request Chain 337
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHmfYFDjncpomYFy-TwHtk&google_cver=1&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6mgI1kntD1obVQbUy_udAEYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6mgI1kntD1obVQbUy_udAEYA
Request Chain 338
  • https://match.360yield.com/match/ebda?google_gid=CAESEGilY8_S3K09Et8jLxTn-Q0&google_cver=1&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmUioox0 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGilY8_S3K09Et8jLxTn-Q0&google_cver=1&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmUioox0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fkCZiZFdQM-QqA2zXUG1xw&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmUioox0
Request Chain 340
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENPVwGTqbfDXzn_VbwVp9Yc&google_cver=1&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh4k_fDtUkI_GL3bKovlCKLNIbvKUbDrJgvCUBaWiOHtl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yZU82UkQxRTJ1RzNxbFlCU1FZNnh5MXcxWkdsWklCOX5B&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh4k_fDtUkI_GL3bKovlCKLNIbvKUbDrJgvCUBaWiOHtl
Request Chain 348
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAdLJiEqzsFH31wxlYj2w_c&google_cver=1&google_push=ASkJ3FY-yzBdojoIzoiZZEBd-p8s1jfbS-ls7ePNQgB2x9-dukYxMWmfjvv0XjTsw6_YZEu7dRwx9Y45EvdTgj7a_GkaCGf8gNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4ODIzMjUyNDExOTE3ODM2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsU7xqoQ_QiGWdijVrtyyU&google_cver=1
Request Chain 349
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&ccid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJ5KgeI9GxIQzloitkGzjwQ%2526google_cver%253d1%2526google_push%253dASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA%2526anx_uId%253d%2524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJ5KgeI9GxIQzloitkGzjwQ%2526google_cver%253d1%2526google_push%253dASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&_li_chk=true&ccid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&previous_uuid=a2d0653603c2485bbc3b8d84dafc7dbc HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEJ5KgeI9GxIQzloitkGzjwQ%26google_cver%3d1%26google_push%3dASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA%26anx_uId%3d%24UID&ccid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&anx_uId=1494929651579611740 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&google_hm=ZjBkYzY0OGItNTA3Mi00ZTZhLWJlZjctZDhkOGEzZTdmNjM1
Request Chain 350
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG-bN-Ii5AQ5McFnUqQe_HA&google_cver=1&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkYWzdOnkxe2iVtF8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkYWzdOnkxe2iVtF8&google_hm=SlRXcXNBdnBwdFowQlhhUW5OLTQ=
Request Chain 351
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGXoBbpvjyRYlAowvsJ0LYg&google_cver=1&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblwM8pjw7Q-oJqkYVjpgyBW3uf24UTQ_UpYyoxegXFIv8_rSdE5aCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=61514701&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblwM8pjw7Q-oJqkYVjpgyBW3uf24UTQ_UpYyoxegXFIv8_rSdE5aCM
Request Chain 352
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZCTzxan_XY9aJDSeiwJsHGaJXvR49StHdoFKFhcTggnBFYd8YyeVTpyeSHcM4P1U62RciigY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MDEyZWNjNDJlNTE0NDUyODk0N2RjOTNhZDA2MjQ0OWY%3D&UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZCTzxan_XY9aJDSeiwJsHGaJXvR49StHdoFKFhcTggnBFYd8YyeVTpyeSHcM4P1U62RciigY
Request Chain 353
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDK0uSY77NYj1N2wfx6Wfh8&google_cver=1&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA&google_hm=WTRSVUY4Q284WUFBQUM3Q245NEFBQUFB
Request Chain 354
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKaSzF_dx6hQNeYfGfQhN3I&google_cver=1&google_push=ASkJ3Fb7a67D64PJGAJtBU4aSYz2QnHfG-9IHcGI8QA6JoGQ_J6Ht2iZJIiK1XUQwOgUyXGGVBv3OD3tQ1cVcFh056mViyuyqlGJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
Request Chain 358
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd HTTP 303
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
Request Chain 390
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4RUFRmFUR9wEVZ4O6-xMQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpqMz9WTsiy50F0sFZkeSE&google_cver=1
Request Chain 392
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5NDkyOTY1MTU3OTYxMTc0MA%3D%3D
Request Chain 395
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdqkURO488nJmtUhndKBHp9F_95aMoIiMCWvGqBEsM9aCZ6wDPlbeZoaGF7l_MLF_2dbdGBGzQ206FmiS87rPwHoeJ2Meq2k3g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdqkURO488nJmtUhndKBHp9F_95aMoIiMCWvGqBEsM9aCZ6wDPlbeZoaGF7l_MLF_2dbdGBGzQ206FmiS87rPwHoeJ2Meq2k3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZ5MVgyZncxT1p4ejI1&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdqkURO488nJmtUhndKBHp9F_95aMoIiMCWvGqBEsM9aCZ6wDPlbeZoaGF7l_MLF_2dbdGBGzQ206FmiS87rPwHoeJ2Meq2k3g
Request Chain 396
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqlGQbzCywU4fXVHsPji60&google_cver=1&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8svrWAne_w0-tCcmfHR5YfAqmrjZpEK3-wfD8jpGpyUAbiqNAR1nu0sskJeU8P7ew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUwMzEwNDIyMzk2NzYzMTQ4Mw&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8svrWAne_w0-tCcmfHR5YfAqmrjZpEK3-wfD8jpGpyUAbiqNAR1nu0sskJeU8P7ew
Request Chain 397
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJPWadgTB7YGbDEgJBK48uI&google_cver=1&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJPWadgTB7YGbDEgJBK48uI%26google_cver%3D1%26google_push%3DASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1123812072003717008&exchange=193&google_gid=CAESEJPWadgTB7YGbDEgJBK48uI&google_cver=1&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExMjM4MTIwNzIwMDM3MTcwMDg&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8
Request Chain 398
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHqY6Nr8CPJUv4tMu4x9FZM&google_cver=1&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6DqiqaGiOoCNyyZn4_y_X9wVUcip4OWfxw7sTGNHIQzcmxjG69 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6DqiqaGiOoCNyyZn4_y_X9wVUcip4OWfxw7sTGNHIQzcmxjG69&google_hm=MjgwOTc1MzYwODIxMjQ3ODE1MQ==
Request Chain 407
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpicrew.me%2F&domain=picrew.me&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HpyC23xrbUp6S25iSjFzaEc1TUtlOEgrdDZrb1BsODVWRzhsR1cvNlMrdWpzTXNmeE80cmtUcTJ3aEwvSzJlS1YxdnZJMlZuV0c3OXNYT3NIQklFZXlKNVlWN2FoT0NtbEI2bkRCZE8raXI4eDJLUUhNcVhhbHVYMjFJOUZWMk01TnVmeUJtckxBZ0xrQ2xUMmI2M3MrSDM3NEhvalp0RThBQnFGY1Z3MjdaZnRDQlp0RTZISVZhWU0wRkVybmhKOUJwa2VJKzgwejQzN3IyL1lsUERXZlRiZXN3ZTl3VU9iRlFmTTJOK2FmTVFuMEYvVG1BejdER3BTazlScW04Snl1bWNQdEhJWW5UQWUzeDRPcVc3TEkxU3NMZz09fA&cppv=2
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8ac76384-5417-4b00-bb0b-b43fe5361767&gdpr=0&gdpr_consent=
Request Chain 417
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGSlBrN0hDS2dBQUNFRW5yS2JjUQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFJPk7HCKgAACEEnrKbcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFJPk7HCKgAACEEnrKbcQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3010092134319996953 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFJPk7HCKgAACEEnrKbcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3010092134319996953%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=3010092134319996953&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFJPk7HCKgAACEEnrKbcQ&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFJPk7HCKgAACEEnrKbcQ
Request Chain 418
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 419
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1494929651579611740&gdpr=0&gdpr_consent=
Request Chain 420
  • https://pixel.onaudience.com/?partner=214&mapped=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f4a7518c94141357/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e52d69b6d9bcedd71e9896114229858d&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1b6b8bd25ca9fc40a76a95968b8819af&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=3526664fef99492b HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Request Chain 421
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=&fbounce=1
Request Chain 422
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-852nWddE2uVWr6pzPK3bUndG7zN_lN8-~A&gdpr=0&gdpr_consent=
Request Chain 426
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b35b0e204771880&is_secure=true&networkId=17100&version=1&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItElDl1CPYQMc1oRZAAAAAAA&expiration=1669703066&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 427
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2ce7d870-4d33-4acc-b20e-d1b06e59c97f&gdpr=0&gdpr_consent=
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELXck3vi0im99kwCL3-XA4M&google_cver=1
Request Chain 432
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&expiration=1672208666&gdpr=0&gdpr_consent=
Request Chain 434
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_6384541a997e9&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6384541a997e9
Request Chain 435
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4RUFgALctGZaQAO
Request Chain 436
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7

426 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
picrew.me/ 		39 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-28.jfk50.r.cloudfront.net
Software
/
Resource Hash
52da2914bbc60c5d97ae6a965f7ba0a79fe4f97e9b15a6f1ba7780548677ea1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
none
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 06:24:18 GMT
expect-ct
max-age=0
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-id
n1bg7KQThoflZNlyffjSuW5MK4bqn0A136YdCa2NGitbJnQ4hlyZSQ==
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-robots-tag
noarchive
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c2ec6bd9a3a2afaaac2b9a02a0d85160bc8ae969622d49fcad8c43e18eb6f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27207
x-xss-protection
0
server
sffe
etag
"1405 / 722 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Nov 2022 06:24:19 GMT
kv.js
cdn-fluct.sh.adingo.jp/ts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.14.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
via
1.1 google
last-modified
Tue, 10 Nov 2020 02:42:50 GMT
server
nginx
x-goog-meta-goog-reserved-file-mtime
1604975443
etag
"556934705e12b655011cd42324d63d74"
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4159
expires
Mon, 28 Nov 2022 07:24:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1441a131782cfacd63574f41db9d6cdb76955a16dd7af3fd1a0a83e41442793d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49246
x-xss-protection
0
server
cafe
etag
17942833288321575070
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 06:24:18 GMT
4bad72aeb766617b6e3a.js
cdn.picrew.me/assets/player/20221027071658/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/4bad72aeb766617b6e3a.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959c4ee0c35d7ce873a353bf95c735f22ce263f0f15e0387126bb16ae66edde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
gRS4yT6LubdK3sLd2vrPdyOjeYMm96EC
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 11:51:54 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
66745
etag
W/"d98fc874d87ab0b6f9b21e9133369ed7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
DsAMp0YfG4c839hCKoePIxt03WAEKN_t0rkXFy85ZhmkTS3EN5RaKQ==
009d29bf042d749f715c.js
cdn.picrew.me/assets/player/20221027071658/ 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/009d29bf042d749f715c.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2263cf7b6bc064dfa349b9d52f3665b24ee41cc0e5e43236ddff1922e72c5fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
4rX..ImhnUdELzPtMiY1KydkE8iS3Ugp
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 13:48:31 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
59748
etag
W/"13390a6eb41eccc42a7862a52c231deb"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
qKj6IQw3NCYslS8m5-KjPvFtufPwR5E0TBotogVkPm7Ku9CLk6GIiA==
0360fe6ba1fe0ec41cdf.css
cdn.picrew.me/assets/player/20221027071658/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/0360fe6ba1fe0ec41cdf.css
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
JIP6tTnBVFckqzrUxkjQ46YdxDMgtH07
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 11:51:54 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
66745
etag
W/"6577c07362affb431ee21f4ba944e0b8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-frame-options
SAMEORIGIN
x-amz-cf-id
8dO2YcPHoHUwurOzcG7BmBzsMwsiZAg-3GrZTHjGm5A2-7yAZvQnCw==
ac5f92ae1827346ab643.js
cdn.picrew.me/assets/player/20221027071658/ 		239 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/ac5f92ae1827346ab643.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
904e851ee4c66aa4fea38387312b031b4c2e66a6e58dc1ca1180927364c37c1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
OfCDsdyW7K4pPwvmszTpkl88Lx19qGRk
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 11:59:56 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
66265
etag
W/"1599c814c4403b06994292737839c144"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
NB_5GP4wkqYVeqqndZcpzdLFLDFT4jfE9aTvt5_x5M3hiQycfGSIcg==
dd8805d13f3fd87f5ddd.css
cdn.picrew.me/assets/player/20221027071658/ 		100 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd37b1510300e74c68eafa2df4f451b7e9265c77d46bc2fab899ea7560e59b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
I6Yx3fbSBs4TsDhV1wkyCTM71OybxFPw
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 15:02:07 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
55336
etag
W/"3771a3ec60cfeca4b7d817ffda061aa3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-frame-options
SAMEORIGIN
x-amz-cf-id
k7u3Jy_7ex-s12PYPl1xjXVs9Vxt3My0dSB-qLt1_tXh-qX23M7DQQ==
f8184af7aa38073638a5.js
cdn.picrew.me/assets/player/20221027071658/ 		128 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/f8184af7aa38073638a5.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
022ff10b352755649a649f6b82d25bf4ecf253e0b00bcb638505c73f035c1cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
E.trNkk0ZpE04ZKzsZL0o5XK4L4aLWHq
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 12:54:45 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
63015
etag
W/"7fd5d4d0f3ca1fc0ac0be74f1d439dbb"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
MjeXbQuJw5RFB0hnjm7ZbI0LpGeZIip04Q3WNMRKPDikJBbRd8hHcw==
75fffb2db17d9b6c52a6.js
cdn.picrew.me/assets/player/20221027071658/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.picrew.me/assets/player/20221027071658/75fffb2db17d9b6c52a6.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bcdb4a1fec0b05454cdaf4f51f97c230ba28d1640ea662d38af93a6118e5a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
tKO0TKyGic7fqBbcxuJ2gEV.G9nFv7wB
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
date
Sun, 27 Nov 2022 14:30:12 GMT
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
57801
etag
W/"201f58f4f4d64c0d249bf3895a3d4ad3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
NG17CV_0__C2ZciRTKC5uysw7Ez8NaQ8uWPGxXLqQVXhmkQIcRd8RQ==
bff7e9a.png
cdn.picrew.me/assets/player/20221027071658/img/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/assets/player/20221027071658/img/bff7e9a.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
fJsyT8414b409E3N67vtEPxK2Ic9l4bp
date
Sun, 27 Nov 2022 09:11:26 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
76443
x-cache
Hit from cloudfront
content-length
80471
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
etag
"bff7e9aed01415fd0dd65d6177edcead"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
8HaX_Sz3_6DSqdYnfJZclY6N1nlgZ1iUHjnmR71XU5EsLhpf-FtQaA==
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1B) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:18 GMT
Content-Encoding
gzip
Age
163
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
x-amzn-internal-status
304
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (nyb/1D1B)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
b38d2f2.png
cdn.picrew.me/assets/player/20221027071658/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/assets/player/20221027071658/img/b38d2f2.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
wnGVThAAhMBB6gkI0laU8G0Qj8DMx6RG
date
Sun, 27 Nov 2022 18:08:21 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
68846
x-cache
Hit from cloudfront
content-length
26528
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
etag
"b38d2f2d5e063165095de52d4d559548"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
q5v-ENXQKJRqvYY7X-yuXgHGjfMbrDrSfkFiM-lvLzlaCHhgIBJNKA==
gtm.js
www.googletagmanager.com/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76c2e8ba8fb1c88ed15fffb25d875346f105f3492e47ab79484db310a976e1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49691
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 06:24:18 GMT
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		229 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		294 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		231 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		345 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		2 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Exo+2
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ede9bcceac6363b184cf51bfa50069bec06162d26a855be9485efb39c80b67cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 04:57:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:19 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
464095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO4I79NV86Ed7%2BroDbnDlO2OQI%2B%2BS8C8SE8R0jC1N7%2FM539xymYZI63CXoSzIbzpNyLOewgYF43TG2panZmcELkXQ8n5CF1u0xHy9jC9sIdzLA7JNPaFUG3KKccawWacJe8T49tZ22tnzgQQ1wS0KjQ0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77110516df997138-YUL
expires
Sat, 18 Nov 2023 06:24:19 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Nov 2023 19:00:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		218 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=picrew.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c19c16f5690bcf2894ae5998d1f9f13d71d3766d5b71ddc6967fd1c10b226d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
expires
Mon, 28 Nov 2022 06:24:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684977850530a5c67a9f3d731cb8776282422ac1365d10a78b597433f63e16c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119592
x-xss-protection
0
server
cafe
etag
16021537167920745785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 06:24:19 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
2b11c1f.png
cdn.picrew.me/assets/player/20221027071658/img/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/assets/player/20221027071658/img/2b11c1f.png
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.picrew.me/assets/player/20221027071658/dd8805d13f3fd87f5ddd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
BJ3boh1BsfNjnp1P0vEn.pRQQ4Qxn0KQ
date
Sun, 27 Nov 2022 09:23:27 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
75674
x-cache
Hit from cloudfront
content-length
22010
last-modified
Thu, 27 Oct 2022 07:19:01 GMT
server
AmazonS3
etag
"2b11c1f6d5961cf549b35aa2d55fadbd"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
knPwcmvaZsMMPayW94o2c62BxzVOnDt-PxEw0p37wISd4VLdn_5n7g==
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://picrew.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
995668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LNEYwgLadXUzFLpVTygk%2FsikclikzzOq06wgOXHjR50vHLUmme4ZuO8a7Y%2FKcbDN06%2FciT93W2OD22ilLs5AAV8YivH4oZeJ6AZyLbdU34eQTDkQaLJEpDm1EqaVbf8m2dWQ2yvZ9xOYBHughhyal0X"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
771105176d5c713e-YUL
expires
Sat, 18 Nov 2023 06:24:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 0B47 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:18:46 GMT
etag
10353107486223812946
expires
Mon, 12 Dec 2022 06:18:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
o1125947.ingest.sentry.io/api/6197996/envelope/ 		2 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1125947.ingest.sentry.io/api/6197996/envelope/?sentry_key=f61862350cf14ba1a307cf41cbb414b9&sentry_version=7
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/ac5f92ae1827346ab643.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://picrew.me
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
sitetop-1-ZOTH-9.json
picrew.me/vol/ads/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://picrew.me/vol/ads/sitetop-1-ZOTH-9.json
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/f8184af7aa38073638a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45d7882253e736486ae9a7421b2ad5e8b0c13ffa9df154c56b702415538c0f67

Request headers

Referer
https://picrew.me/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
lrFAyDxP5gF.yK1lDTPEL.wxyHIOg8vA
content-encoding
br
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
date
Mon, 28 Nov 2022 06:24:20 GMT
last-modified
Fri, 25 Nov 2022 07:28:02 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
etag
W/"90083c464216e0ef41b2ee14a2116a05"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
max-age=25292000
x-amz-cf-id
ceiKovCfyJv_Jb_0y_VzkSG74zZrdu6_188a40UQkA_YbYi-ULEAPA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/009d29bf042d749f715c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02c:112:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74fb14f49fd0a450c7d34eec5f6f77ed928c36119ed7657b4ad500e07d7c1a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://picrew.me/
Origin
https://picrew.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 06:24:19 GMT
content-md5
XN7pO5QgDp3He4tsyBWv+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
TTv0c5f0Jo5amDAiv1MTLJ9i78FHH8aVG//zRQGAh8YYnfqDvU5jT/ia23lLLdU6B3mrZTGHIugHll58LPcQ1g==
x-fb-trip-id
1709462857
x-fb-content-md5
473083b1d6ada43278ff5e856e3175f0
cross-origin-opener-policy
same-origin-allow-popups
etag
"e74b0b0b8a08b35073da478c4626f515"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 06:43:36 GMT
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame FB60 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fpicrew.me
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D29) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2189009
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 06:24:19 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D29)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
399481_vf7Ppa9I.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/399481_vf7Ppa9I.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce406ad1efa630289e9751d2554937e970f2444b20fed33e0e360d7607ebd1aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
15801
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:19 GMT
server
AmazonS3
etag
"d5f415630218e3a8bfcc9ea470c13d88"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
viicCwnT60IeRVx163qFhdl3qXCczpKM0EVZlRX-iZ8vMQGr4hD6Ug==
1729225_Q7PxLaI9.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/1729225_Q7PxLaI9.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25facfa075b47fe10e2e302f17aa098e1866a42243d641fc48cba4350eb87edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
15990
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:19 GMT
server
AmazonS3
etag
"40e3bd03144909c26425ce5efa7b4df8"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
IH2xavg2qsu7SEc_rS_VBTOFQ_AtDDMbsQ17jqTmO-5ZiVHbsPN9vw==
644129_HoMisxgo.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/644129_HoMisxgo.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9039b07104db02ecbf3f1bf4917b3892ba0ddf45fd0bc5d585ad218959c964a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
14730
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:18 GMT
server
AmazonS3
etag
"afefb1f36b2e6135bde09d0f112cf70c"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
iMZUFpA96dkeeXMMqPTMdC2hKLGljklAQa-lHfMwSUmHw10bwJkR9g==
1806920_A9IPXCcj.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/1806920_A9IPXCcj.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b7d3778a5ef589744dd9fe58050a46e7da71d6575e8181acd5024ff5917fbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
20551
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:18 GMT
server
AmazonS3
etag
"216c87bc32c1ba108826187ce521559d"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
e1vDhgPN0FuObsv58pYKhA-GsTLeWjPKWvklk2lVOdZJ2bALyGjWYQ==
1806920_rDo6VeXS.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/1806920_rDo6VeXS.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0989ff49d71e930ac9da5023740bd44930e0990914de4e52f9acd58f3c46189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
10715
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:18 GMT
server
AmazonS3
etag
"2374d813975a05900c36e767d39a488b"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
3z2PlC8jvstt3ieopHX-PmZyVx9ZL2YBO7ERWQQ3rOzk4oBlVtryQw==
257476_LBU1NsFC.jpg
cdn.picrew.me/shareImg/thumb/202211/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/shareImg/thumb/202211/257476_LBU1NsFC.jpg
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37fcb104137eda65c3f36ef779d1edc70e704a1d6d47d0fdf990c39af09afd05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-length
15716
x-amz-expiration
expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified
Mon, 28 Nov 2022 06:24:18 GMT
server
AmazonS3
etag
"210e550f3371842c1004c29a1cb15993"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
a8rBqb8wKtDDIAi2mu-H58ySXfCHmDmSqUXdUxZiHmkGdRPdF632wg==
icon_Kkx6cQvCKTD0BGpp.png
cdn.picrew.me/app/image_maker/1806920/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1806920/icon_Kkx6cQvCKTD0BGpp.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aedf412d8d8c495c069d3785e2b4c190d56fdf4224c4f10ecff80532eb2bb546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 04:31:59 GMT
x-amz-version-id
hnTruxQlXi0v1dZ5ERn1kYWcYCiiz3TG
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
1561941
x-cache
Hit from cloudfront
content-length
44337
last-modified
Thu, 10 Nov 2022 04:28:08 GMT
server
AmazonS3
etag
"ef8dffcb84e5a00128731246c1e9f615"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
PMC22gVvH_d8BibPSY9GSoiWgwxNr4Dzp69OxI_L4NZLq4k71SzKDg==
icon_4HjvS1I5juXJxN48.png
cdn.picrew.me/app/image_maker/346059/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/346059/icon_4HjvS1I5juXJxN48.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a6786fd5c94d6f928d942288d64ac720ffc25a124c7f04e3fae3a5cd88d3f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:35:58 GMT
x-amz-version-id
Hg5s65yxOY1L4ANCHZKhWs3dCSHMIuCb
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3336502
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
70592
last-modified
Mon, 31 Aug 2020 12:54:02 GMT
server
AmazonS3
etag
"1ce99bf49a22983c9dd01962b962e19e"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
PlxMP55ZdL51NJMn15Y0b-e7Ck9j6smIxEoru7WUeWoCWJnwR23MBQ==
icon_OXXq7fR3q8p3Sezh.png
cdn.picrew.me/app/image_maker/1706331/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1706331/icon_OXXq7fR3q8p3Sezh.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bf2fb4dcd49c9ae064ed7ccde8d77c33142237ab7cf40e6fd3585196b7b0f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:58:23 GMT
x-amz-version-id
hLCgJUkrRDMXP2Qd5UMHFhuUuhVOjN1y
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
905156
x-cache
Hit from cloudfront
content-length
62375
last-modified
Thu, 17 Nov 2022 18:57:44 GMT
server
AmazonS3
etag
"c5835d6287718ba74344d78715853b74"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
mMkqTkQGF5CPyjLIWP-g7Yk8Je-uvcT3jzD_bLTDNduXejMh4GXmNg==
icon_zAvwuAdG2lKelFbN.png
cdn.picrew.me/app/image_maker/1813774/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1813774/icon_zAvwuAdG2lKelFbN.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c02dc3d7989020864d206c8c00a8e96c7130f20073995666550d0a78690bc41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 11:00:34 GMT
x-amz-version-id
nfcMExxPyYOo0B0DJrsxCVGgQ_d1pDuu
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
1020226
x-cache
Hit from cloudfront
content-length
63628
last-modified
Wed, 16 Nov 2022 10:18:06 GMT
server
AmazonS3
etag
"e7e55ff45557469cd6cc6076461dca96"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
8GINFRDGeaRn15mxnT6SVYEx6ZZTBc0xJvLVBacUQPQT7QL1yb1FWA==
cookie.js
partner.googleadservices.com/gampad/ 		385 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=picrew.me&callback=_gfp_s_&client=ca-pub-9692134005385697&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29a14c03dbd5aec0ef4a89b85c33dd469bd79b076f6049fabf001557ad60c9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=picrew.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=picrew.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpicrew.me%2F&tn=DIV&cls=sw-Loader&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpicrew.me%2F&tn=DIV&cls=sw-Loader&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A4F 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1669616659&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616659075&bpp=11&bdt=187&idt=276&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3839047260290&frm=20&pv=2&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:19 GMT
expires
Mon, 28 Nov 2022 06:24:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
icon_o2kh052j6zFtSbHx.png
cdn.picrew.me/app/image_maker/516657/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/516657/icon_o2kh052j6zFtSbHx.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d757b45dec68a52bfca892294c1168866eba53077ac03b6b5b605e2ffc1aa96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 05:21:36 GMT
x-amz-version-id
iZqdP2R0Jgdw7s34GBGG9YVyGYhpfYFg
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3373364
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
52486
last-modified
Thu, 28 Apr 2022 11:19:01 GMT
server
AmazonS3
etag
"bdedbf77f21119f8149857a614fd4024"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
nuUkj9h1l4Oh4gXfaTiBFSwXlSkcKPNZf3LH6py27xMARnIh2jxuvA==
icon_hB4co3oIbgxpwETB.png
cdn.picrew.me/app/image_maker/644129/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/644129/icon_hB4co3oIbgxpwETB.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c07c4c49d5cead9e372d81352d54f4d8693bcc8b8759e824ed5ba19587176cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 05:21:43 GMT
x-amz-version-id
uiOzGRoHjnHiZJBRQIImAwAPBeaGI72e
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3373357
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
130746
last-modified
Sat, 24 Sep 2022 16:58:33 GMT
server
AmazonS3
etag
"a3f63482319d857fa45e4f91e195fdab"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
yZ1O27S5u6ZdINwtjMHtbop6CLw-8mterS1h4C5s8EWOOy88Xif4rQ==
settings
syndication.twitter.com/ Frame FB60 		914 B
694 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=9209b315dd027bacfa0705a5e5562084d3b7f79f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fpicrew.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
c029fedb8a2ffa0456075f77fe0b264c402d8b119dc26d3530dc013757820cd3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time
7
date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 28 Nov 2022 06:24:19 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
e834704f46e29e46
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
fc89623caaae3c213e80c229f91267f3e3a7bfe26e150f48e24d2f57a2e3cc30
content-length
375
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=49239e31ec196ea7a1fa89704ba2f608
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02c:112:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd4ce5e10e9992bfc208d38af7207c47aba35cb97da76cc1ccc54e01a60b5659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://picrew.me/
Origin
https://picrew.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 06:24:19 GMT
content-md5
Jd01jgEnl6JKhK3NO4zQiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88358
x-fb-rlafr
0
x-fb-debug
/Xms6buikgCFL4DLpHNgG4onC3D24Gk8pxd47sQ2BWThSvPzDKRVZwjDA2OhkJAlNpU82/S3cY8QwbHJGopsEA==
x-fb-content-md5
89fd08c14dacf38d7d717effa460efa9
cross-origin-opener-policy
same-origin-allow-popups
etag
"bd8f0027aab2d4f6c0511cdaeb8ef806"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 28 Nov 2023 05:43:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 05:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 28 Nov 2022 07:46:25 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TXZ7V095SJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de7d786cbad835543bba3d66c1338f29e2a481634c9b8de3a57f53ab7f190c1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Nov 2022 06:24:19 GMT
horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
6da7d8315fee3652e18b177b54485b45bb90222d001b4c6488fb4e19e498d591

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:19 GMT
Content-Encoding
gzip
Age
2189009
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2977
Last-Modified
Wed, 02 Nov 2022 19:36:52 GMT
Server
ECS (nyb/1DCD)
Etag
"be517337a860b30e72096680d8dde0eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669616659628%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=9209b315dd027bacfa0705a5e5562084d3b7f79f
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time
9
date
Mon, 28 Nov 2022 06:24:19 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 28 Nov 2022 06:24:19 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
c8558076d1101161
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
fc89623caaae3c213e80c229f91267f3e3a7bfe26e150f48e24d2f57a2e3cc30
content-length
43
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=584672500&t=pageview&_s=1&dl=https%3A%2F%2Fpicrew.me%2F&ul=en-us&de=UTF-8&dt=Picrew%EF%BD%9C%E3%81%A4%E3%81%8F%E3%81%A3%E3%81%A6%E3%81%82%E3%81%9D%E3%81%B9%E3%82%8B%E7%94%BB%E5%83%8F%E3%83%A1%E3%83%BC%E3%82%AB%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1337246228&gjid=53050248&cid=1744558789.1669616659&tid=UA-37779012-8&_gid=80732003.1669616660&_r=1&gtm=2wgb90NW5MMVL&cg1=&cd1=&z=1699082252
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://picrew.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1764330357144551&ev=fb_page_view&dl=https%3A%2F%2Fpicrew.me%2F&rl=&if=false&ts=1669616659723&sw=1600&sh=1200&at=
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Nov 2022 06:24:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TXZ7V095SJ&gtm=2oeb90&_p=584672500&cid=1744558789.1669616659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669616659&sct=1&seg=0&dl=https%3A%2F%2Fpicrew.me%2F&dt=Picrew%EF%BD%9C%E3%81%A4%E3%81%8F%E3%81%A3%E3%81%A6%E3%81%82%E3%81%9D%E3%81%B9%E3%82%8B%E7%94%BB%E5%83%8F%E3%83%A1%E3%83%BC%E3%82%AB%E3%83%BC&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TXZ7V095SJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://picrew.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
picrew_tc
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 231E 		69 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
811d09fb64db1fb12b8cfa299d4e9eab08f4af187c5f1c746cd41b2fc243624d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
must-revalidate, max-age=60
content-encoding
gzip
content-length
7285
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 06:24:20 GMT
etag
"11526-8iEDA5npkVrfxttzPhACCO7jDD4"
perf
7626143928
server
tsa_b
strict-transport-security
max-age=631138519
x-connection-hash
fc89623caaae3c213e80c229f91267f3e3a7bfe26e150f48e24d2f57a2e3cc30
x-response-time
400
x-transaction-id
bfceb22d8a03bde3
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37779012-8&cid=1744558789.1669616659&jid=1337246228&gjid=53050248&_gid=80732003.1669616660&_u=YAhAAAAAAAAAAC~&z=915337972
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://picrew.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37779012-8&cid=1744558789.1669616659&jid=1337246228&_u=YAhAAAAAAAAAAC~&z=2074901659
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37779012-8&cid=1744558789.1669616659&jid=1337246228&_u=YAhAAAAAAAAAAC~&z=2074901659
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9692134005385697
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/f8184af7aa38073638a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95b9b917bc41676ae6ae91875daefae4e70419abe9769f2d3a8e3f97264ff6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49135
x-xss-protection
0
server
cafe
etag
9672844447072962548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 06:24:20 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Server
2600:9000:210b:b800:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:10:08 GMT
content-encoding
br
via
1.1 3f6eb9ff07d4d2f572d4e8e6fb935a36.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
853
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
bDeZiwLvAeuXOD-MiccbOXuabOtSSQb5oNzm5URkN1DdJbPmM0oZdw==

Redirect headers

date
Sun, 27 Nov 2022 06:40:03 GMT
via
1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront), 1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
85457
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
k7p5sKGnQWUZPu7uFdhtLHgkdg1vWQjW5Qb6mapxLk4RBLmTsYw7fg==
wrapper.min.js
cpt.geniee.jp/hb/v1/201548/64/ 		210 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/201548/64/wrapper.min.js
Requested by
Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20221027071658/f8184af7aa38073638a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokodai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
5663635d4e0411642cbec5eb25d19eada1a085714782ff5d0ff645534abc0d4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
content-encoding
gzip
last-modified
Mon, 28 Nov 2022 03:59:04 GMT
server
nginx
etag
W/"63843208-34759"
content-type
application/javascript
cache-control
max-age=3600, private
cross-origin-resource-policy
cross-origin
expires
Mon, 28 Nov 2022 07:24:20 GMT
lift_widget.js
l.logly.co.jp/ 		85 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.logly.co.jp/lift_widget.js?adspot_id=4305880
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-24.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0d45a9e7edc7228c3ea0492d461dec647822d1f2a61b876f2e3bbb9856dc388b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
JFK50-P1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
X-Cache
Miss from cloudfront
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
X-Amz-Cf-Id
t71AmWJtELsFnSKp4GaIxSocwFpPewKsKnOP1J2ZHwSOxkRRM2xgQA==
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=picrew.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=picrew.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0A42 		72 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
748a7727459a97cff43764d96aa3c4e49a473ae631f5a8439ac9a7b7e387a39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22802
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Mon, 28 Nov 2022 06:24:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2327 		107 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7945ec59e6e6a649ad23eba0bf252b94d978a551b251c113dd73fba6c30600d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
35524
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Mon, 28 Nov 2022 06:24:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		151 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4100222670287867&correlator=2197869543542738&eid=44752585&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=9116787%3A22014346682%2C1513801&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=711785640&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&abxe=1&dt=1669616660125&lmt=1669616660&dlt=1669616658888&idt=406&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpicrew.me%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebee850181e94e65e8a7b9203f6472f1d2f0f8cc017c45945c32367e03717c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45315
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://picrew.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0763 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Tue, 28 Nov 2023 06:24:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Nov 2023 03:59:56 GMT
icon_PD6waJD5joCtz88Z.png
cdn.picrew.me/app/image_maker/1727240/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1727240/icon_PD6waJD5joCtz88Z.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60d60be277748c7f91b62c154e20f8238a39f604a53717921a90322898fd6282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 07:57:57 GMT
x-amz-version-id
kebhoswevv.5jkrdmaiL7Z5cCZVG1f03
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3363984
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
52750
last-modified
Sun, 14 Aug 2022 06:44:31 GMT
server
AmazonS3
etag
"a9db6df7bb842a31484ea1f7d7313b2b"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
HnCcHlYq0E5_mcsY0OILNzEWck0EURdc47H2M3tgKvCNll8HNzvocA==
icon_NIeDa759cDUd7zPd.png
cdn.picrew.me/app/image_maker/1735225/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1735225/icon_NIeDa759cDUd7zPd.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22c7d33c20a7b16d8b64cca741d1ff6844e2cb1c497e9500960287de7202f89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 05:49:38 GMT
x-amz-version-id
pwRiNKTeXkAQMlYBGTtgWf1d0Jp9CqPQ
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3371683
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37920
last-modified
Sat, 27 Aug 2022 13:47:32 GMT
server
AmazonS3
etag
"370d760e59fd59296b80c21b3ac18817"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
MXXrT5aNERsG75Pa9ZQIct5EuOfJqFEK59ixFu3gtnmcqLTmcCN4wg==
runtime-a148fbcbc5efcd91d3a7.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2D) /
Resource Hash
1383708cb9b24bd70181898d1ea04305ac1f226da97ccae75857882f418c50d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2097
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D2D)
Etag
"581beb14123ea389fe5c0fe24167fe0a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
modules.c7def0268c66f6a548ed.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) /
Resource Hash
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2189010
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
95749
Last-Modified
Wed, 28 Sep 2022 17:24:15 GMT
Server
ECS (nyb/1D08)
Etag
"51acddf0dbfab928b183f36c1ee67619+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
main-e9db78f5e7b3d83edd5e.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		90 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D24) /
Resource Hash
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (nyb/1D24)
Age
2189010
Etag
"8e33207e7b788da9abde5b6d33da0b00"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
x-tw-cdn
VZ
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Accept-Ranges
bytes
Content-Length
90
_app-446fb4a338b215deec8c.js
platform.twitter.com/_next/static/chunks/pages/ Frame 231E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1C) /
Resource Hash
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2189010
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
668
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (nyb/1D1C)
Etag
"be3e428d416daa9027cecf70b5f26bf9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
%5BscreenName%5D-c8b4c96951cf24f547b4.js
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 231E 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
b2bb7d781fe71f7f9496ed8a4f377a6a88b635233ea17c10457218c9992db8b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2189010
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
1285
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (nyb/1DCD)
Etag
"1efc61e416c7f4f293501e877fbec836+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_buildManifest.js
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/ Frame 231E 		1 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0B) /
Resource Hash
8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
414
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D0B)
Etag
"12a5a08767706f15b6b316996cd057c1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_ssgManifest.js
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/ Frame 231E 		76 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0B) /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D0B)
Age
2111746
Etag
"abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
x-tw-cdn
VZ
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges
bytes
Content-Length
76
im-uid-hook.js
dmp.im-apps.net/scripts/ 		633 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by
Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4305880
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::172c:edb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Content-Type
text/javascript
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Length
445
lift.json
l.logly.co.jp/ 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.logly.co.jp/lift.json?adspot_id=4305880&widget_id=65064&auc_id=&callback=_lgy_lift_callback_4305880&url=https%3A%2F%2Fpicrew.me%2F&ref=
Requested by
Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4305880
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-24.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
a1352516cb4c92aaa07bd6d5431e0d7b6f98e808eb00949d7bfda9230e2f45ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Connection
keep-alive
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id
3zdNdguii02tMx-ysOZnAEpQGJjRsojrAukHDDmQ_vkiT5fI-Tg-bA==
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/webp
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpicrew.me&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 01:48:38 GMT
via
1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
16542
x-cache
Hit from cloudfront
access-control-allow-origin
https://picrew.me
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
3owHD9C4yUMWHLuc1Sm4BMqbZwulPkHLbO1AgiW-0XnnpYNPWid7Tw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpicrew.me%2F&pid=suyDTexZcUQ4Y&cb=0&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1622434501417-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1749267%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1598262175839-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1715044%22%7D%5D&schain=1.0%2C1!i-mobile.co.jp%2C70754%2C1%2C%2C%2C&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a512f9f1ac4ec9a62b35bb9d6d133b38f7e2c759e708db0c63ded3a551612ad0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
8W7KXB4Q061XSWEJW1X3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://picrew.me
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1069
x-amz-cf-id
_w4Z1-myM1TRtCtKCDathDeTw3e_Hb_Zp0n7lX3TDr0Px_AXj2grvA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 03:06:13 GMT
x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
11888
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZHutVL5_3u-GYcKkbzxouy7cjwqF6Tp3OCU5y2jh7_HWx6AIoP5fxw==
2.691622e4391d1973cb65.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D11) /
Resource Hash
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2189010
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
7674
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (nyb/1D11)
Etag
"942b5b928a24465d1906b4716131d896+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
24.44f9078e41d852c001b3.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/24.44f9078e41d852c001b3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D12) /
Resource Hash
2134dd3aba9cac93f50ad50436304a18be98a1b46de7f980251c589b13fea5d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111581
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
13528
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D12)
Etag
"1ec3a3ced960c296ac62a33e6b803b9c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
icon_lTuQGkadLoyRrYvv.png
cdn.picrew.me/app/image_maker/1809984/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.picrew.me/app/image_maker/1809984/icon_lTuQGkadLoyRrYvv.png
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
414fc7e1f87623075273e95db451a61508810973c4c7abcbecec3e17c1ea43cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:51:03 GMT
x-amz-version-id
K_gDWa7QEiSqILjXD.B.msK9IUnJYo_b
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
1998
x-cache
Hit from cloudfront
content-length
32434
last-modified
Sun, 27 Nov 2022 22:07:35 GMT
server
AmazonS3
etag
"1959a5579d9418d3b0dbfcda16223797"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=25292000
accept-ranges
bytes
x-amz-cf-id
iPfc0t2KnwYXP7poiU39EyfPsDkVeyrep83szE38QRTF2-PaEhvu5w==
im-uid.js
dmp.im-apps.net/sdk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::172c:edb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding
gzip
Date
Mon, 28 Nov 2022 06:24:20 GMT
Last-Modified
Tue, 13 Sep 2022 05:29:25 GMT
ETag
"484902e01849ef7afab23dd06d623c25"
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2442
0.ad6e60829dfc07776f5e.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		597 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0B) /
Resource Hash
d2cf364cab1d465f08450bc1033aef3a648324781b68449c5b1a8a86337e6e9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
187307
Last-Modified
Thu, 03 Nov 2022 19:46:28 GMT
Server
ECS (nyb/1D0B)
Etag
"f8a649284ac45133fc2c0b92defbd7b3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
1.f4b5d6e5e8dcb4c6aa7f.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D20) /
Resource Hash
c747d2cb399992e61edba257e087265cb0212433935e4506f0f2c5375d570367

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
299281
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D20)
Etag
"5a0c374fae04eeb3b101385087754b18+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
4.87a72bcd1cc186518122.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) /
Resource Hash
9e9de6d094db7385e648d25686207bbd961fc21b563a0ebb176e59ed9526ae07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
1276
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D08)
Etag
"ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b40868a269d29692abde9947972e7122d4e8b1687ea497e2684b858a4388719

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
get
audiencedata.im-apps.net/imuid/ 		10 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01GJYEGW1AEN1XJ5E0D8ZBKX52
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
https://picrew.me
date
Mon, 28 Nov 2022 06:24:20 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D17) /
Resource Hash
bb63f8f3077e1d4d470b89b2fc6e3acf7d9a99d622ecd639de5448d80e84f56d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:20 GMT
Content-Encoding
gzip
Age
2111746
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2624
Last-Modified
Thu, 03 Nov 2022 19:46:26 GMT
Server
ECS (nyb/1D17)
Etag
"24b6ad17fef6a1d54596d62f11e5a2c6+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=picrew.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=picrew.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4100222670287867&correlator=2462077478313646&eid=44752585&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=9176203%3A22014346682%2C1749267&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&adks=107967635&sfv=1-0-40&prev_scp=amznbid%3Dv9jmyo%26amznp%3D19ch14w%26amzniid%3DJCLZjHVodSwdyzqA4Dkxm3AAAAGEvOhwZwEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICC46wjA%26amznsz%3D336x280&eri=1&sc=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&abxe=1&dt=1669616661048&lmt=1669616661&dlt=1669616658888&idt=406&adxs=288&adys=1556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpicrew.me%2F&frm=20&vis=1&psz=708x2243&msz=708x0&fws=0&ohw=0&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31e62e680aad316ef27bac23432f36e7481ac3d00a2d9860035c92cd6a5a57a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23296
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://picrew.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4100222670287867&correlator=2462077478313646&eid=44752585&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=9176203%3A22014346682%2C1715044&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=1057466509&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26amznbid%3Dxhge0w%26amznp%3D19ch14w%26amzniid%3DJEW6aW6qFSjGN1lNOu5lIM4AAAGEvOhwZwEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDXIBfx%26amznsz%3D728x90&eri=1&sc=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&abxe=1&dt=1669616661054&lmt=1669616661&dlt=1669616658888&idt=406&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpicrew.me%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
204dd54a4ade43e618173e89e25c638d3c39e03fa068ed2ef930dd5286e60f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22695
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://picrew.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
platform.twitter.com/_next/static/chunks/ Frame 231E 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) /
Resource Hash
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:21 GMT
Content-Encoding
gzip
Age
2189011
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
41941
Last-Modified
Wed, 28 Sep 2022 17:24:15 GMT
Server
ECS (nyb/1D0D)
Etag
"72929dff5e574c1b877555fd36c7683a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
like.4.json
abs.twimg.com/sticky/animations/ Frame 231E 		24 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abs.twimg.com/sticky/animations/like.4.json
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/475A) /
Resource Hash
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
age
3331982
x-ton-expected-size
24292
x-cache
HIT
content-length
1897
x-response-time
10
surrogate-key
twitter-assets
last-modified
Thu, 20 Oct 2022 16:50:56 GMT
server
ECAcc (nyb/475A)
etag
"YKYmOkwIx9KztN7bQT7x8g=="
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-transaction-id
80afab27525733bc
perf
7626143928
x-connection-hash
00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 28 Nov 2023 06:24:21 GMT
jot
syndication.twitter.com/i/ Frame 231E 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669616661078%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fpicrew.me%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3Apicrew_tc%22%7D&session_id=9209b315dd027bacfa0705a5e5562084d3b7f79f
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time
11
date
Mon, 28 Nov 2022 06:24:20 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 28 Nov 2022 06:24:21 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
e942f51dc62dec10
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
fc89623caaae3c213e80c229f91267f3e3a7bfe26e150f48e24d2f57a2e3cc30
content-length
43
css
fonts.googleapis.com/ Frame 0A42 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:17:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:21 GMT
css
fonts.googleapis.com/ Frame 0A42 		1 KB
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 06:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:21 GMT
css2
fonts.googleapis.com/ Frame 0A42 		2 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:02:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0A42 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0A42 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
l
www.google.com/ads/measurement/ Frame 0A42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxxCVM0mXjxfSkTCsElIxT_j8TqBWzeusx9wvzXXKlfkW4VPH1ihofDmZo5Lp291iQ4G_g8oGlYBsDmC08hZiIHyon7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A42 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:21 GMT
css
fonts.googleapis.com/ Frame 2327 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:11:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2327 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:02:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2327 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 02:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
15148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 02:11:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2327 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2327 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
l
www.google.com/ads/measurement/ Frame 2327 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4AqLMkc4l8BJBOvoxV6Y3qESQ7kE-Xe8xjESi6G0qqzThxxTWuE7KyLFTTT3q5CUHrjV8PByEmmxWGZoFRNHQGfnMZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2327 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:21 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 2327 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 20:19:36 GMT
sync.html
sync.logly.co.jp/sync/ Frame FA1C 		495 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.html
Requested by
Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4305880
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.181.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-181-73.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-length
495
content-type
text/html
date
Mon, 28 Nov 2022 06:24:21 GMT
etag
"6383a11e-1ef"
last-modified
Sun, 27 Nov 2022 17:40:46 GMT
server
nginx
PVUlLPMP_normal.png
pbs.twimg.com/profile_images/1252867789020262400/ Frame 231E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1252867789020262400/PVUlLPMP_normal.png
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/picrew_tc?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=400px&origin=https%3A%2F%2Fpicrew.me%2F&sessionId=9209b315dd027bacfa0705a5e5562084d3b7f79f&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D28) /
Resource Hash
16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
466958
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1427
x-response-time
12
surrogate-key
profile_images profile_images/bucket/3 profile_images/1252867789020262400
last-modified
Wed, 22 Apr 2020 07:50:12 GMT
server
ECS (nyb/1D28)
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
x-transaction-id
833b715c1d55ef30
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
e9c567efa8ddefbfb182f072db1fba62e3df586eb264faa0458de09a25d14e6b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
iu3
s.amazon-adsystem.com/ Frame 9E2C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
371 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9b816d8a08e18df4a316daa7dbf1035132207e67f61129c84f0c1828c7e2c4ef
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
371
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 28 Nov 2022 06:24:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JB3VK3RDW7SAEF755CX1

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 28 Nov 2022 06:24:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
T7PQKT0X97781CM8ZDV5
adview
googleads.g.doubleclick.net/pagead/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsZRaFFSEY5-GCPOrvPIPj4-22AHSkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi05NjkyMTM0MDA1Mzg1Njk3yAEJqAMBqgS2AU_QxwIqu-YC9bViMUXNj49mDxlEXMBHqH3FnL0UhLc_0JFef9XbNa1Btzn18WbZpS3DEB7C42vFMH7nRo4q4I78PWy_8gwGawuDTlAeX7vAwQvCFemLH1UkTbZXX5Tu_rRseBbpmwlFWN99ByoGfu3nqR9Od4IxZh-DYKGElsMWbI81WCtiOJ2GW-CPaMUhX1u9X0RM5Pg9BHcUtmm2BieRNPyoFvGAO3GQjda3ZjlvtJcZKg9cgAav-YiV8a3DvGegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NjkyMTM0MDA1Mzg1Njk3GAA&sigh=oQn8MdqrbCQ&uach_m=[UACH]&cid=CAQSPADq26N9qjxRqQkz9JD2ekGVhYGvxTevRLPjf0BgkEo7rqUPpnmfY2pzMQgtBkUDxv9GRp0G0vyZmomwZBgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 06:24:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4af7da36-6ee5-11ed-b604-a21edebfaa60&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEIV_bm7fMCh_yG_bqEhleek&a=imp&p=Y4RUFAACAx8ITxXzAA2Hj2YEvir64lxwuFJoKg&im=lCpOiHtGS03V9xP_l86wNwB2zWad7LWgI5VK78-9g5P_k_pB-cfcCOzxm6uPONpZIqfOPtyF4Jda-7m7KTb26osewHeq203QDfKA3WSK_47aPhhkDYXDafHHSYEeU4MmHcqbs9fupjy_C0xSNxp9bl19XrQlOUz89GvJ3wdRyBcWsANph1lb1-UcRk9hvbiITy97OKBR72MUKxu3d3rlTO_FY6tpqwU53OUovZLGtx4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:21 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame 2327 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTLTFFFSEY-j8CJmSxtYP5LeBmA6304anbfqrvs3JEOjis8HrJRABINnG_iBg_eiigfADoAGovOOHAsgBCagDAcgDywSqBMgBT9DwruYgwZA_UHlvxPX1D7KOWDWW9ryg8CNQ8wNysTsB7oCg7eflCFc9EO61qXEyXpKB_cy0Oy_nHwSbcRD0vHK_ZwbugMtTFbWRiV8HOQ12J3KhGvXuI_m3Ke2ZaYWdNT6jSBugGSAmqqnxktoumqhwhS9_pLrBCRul7daOUjRETdZVKHtElbDV4pc_s6zGbSKMkaDGhtYJefDqeNuZ2rlwuCeq6tkePZ1h1hF2l1HHlgDKZJnD7cZkIhCA14O-pt6y_TqJTs7ABIbw25iDBJIFBAgEGAGSBQQIBRgEoAYugAfAw5z4AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCY2gXSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItOTY5MjEzNDAwNTM4NTY5NxgA&sigh=--rfsljNlio&uach_m=[UACH]&cid=CAQSPADq26N95wT4xU3Enq6gQu8OyGvBtSKLfYrs8cTv2q-pzGqGXsWttRj1PVNbQ79YknRRs_mMg7v0tFwsihgBIBM&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 06:24:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15631137905742036894_13529710312636639727.jpeg
static.doubleclick.net/dynamic/5/404368023/ Frame 2327 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/404368023/15631137905742036894_13529710312636639727.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd10177f249e6d25a7e2e0b8e745c5f2a23098a7a65dde101e8efd2c73b97973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:47:11 GMT
x-content-type-options
nosniff
age
452230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8370
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 09:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:47:11 GMT
11078312754182637576_12501300056224037174.jpeg
static.doubleclick.net/dynamic/5/404368023/ Frame 2327 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/404368023/11078312754182637576_12501300056224037174.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd3f6b9710792883d0b33ed3175baaf79bd4d80f83de702405c2c4dafe26051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:46:17 GMT
x-content-type-options
nosniff
age
452284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8221
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 09:43:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:46:17 GMT
293825764563390435_10442818809150266833.jpeg
static.doubleclick.net/dynamic/5/404368023/ Frame 2327 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/404368023/293825764563390435_10442818809150266833.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f127151eeef2e2b7c778d5ea14d322dcca53806ef3ff1c8f537dd3d64374469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:11:01 GMT
x-content-type-options
nosniff
age
443600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5799
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 09:42:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:11:01 GMT
10390141500265630231_994857875155016969.jpeg
static.doubleclick.net/dynamic/5/404368023/ Frame 2327 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/404368023/10390141500265630231_994857875155016969.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2c26dc85b9cd747795d9003a6bbaaddbf78ec32a2b1453fea1776bcc0276f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 08:27:26 GMT
x-content-type-options
nosniff
age
338215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6933
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 09:42:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 08:27:26 GMT
11615288075056002177
tpc.googlesyndication.com/simgad/ Frame 2327
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_74LJwAEQlgEYlgEyCCaL1LRoi4G2
  • https://tpc.googlesyndication.com/simgad/11615288075056002177
41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11615288075056002177
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a86740c1521c7aefeecf00a486084fed4e149620a72ed3471c0ca3b37775e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:06 GMT
x-content-type-options
nosniff
age
453735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42133
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 02:54:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 00:22:06 GMT

Redirect headers

date
Mon, 28 Nov 2022 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
age
21707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11615288075056002177
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Dec 2022 00:22:34 GMT
prebid-v7.25.0.js
cpt.geniee.jp/hb/v1/lib/ 		406 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/201548/64/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokodai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
5238613fe3671b0e41587986e1f92f93a51fbfc0c43e1f124adee3100d0b7716

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 05:17:50 GMT
server
nginx
etag
W/"637efe7e-657e4"
content-type
application/javascript
cache-control
max-age=86400, private
cross-origin-resource-policy
cross-origin
expires
Tue, 29 Nov 2022 06:24:21 GMT
gnshbrequest-v2.13.0.js
cpt.geniee.jp/hb/v1/lib/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.13.0.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/201548/64/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokodai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
2743a0d4bee0dd33f2136f1bbfb66beff6055a1ba2b8300725920d110950cedf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
content-encoding
gzip
last-modified
Mon, 28 Nov 2022 03:01:20 GMT
server
nginx
etag
W/"63842480-17ac8"
content-type
application/javascript
cache-control
max-age=86400, private
cross-origin-resource-policy
cross-origin
expires
Tue, 29 Nov 2022 06:24:21 GMT
/
post-endpoint-gckeev2zma-an.a.run.app/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://post-endpoint-gckeev2zma-an.a.run.app/
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/201548/64/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-cloud-trace-context
562ac88a7be02ee9900467519e6276e8
date
Mon, 28 Nov 2022 06:24:21 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA49 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8732 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Tue, 28 Nov 2023 06:24:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2327 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad9b830182fd9e5a1dfbe589425c2eb28d9f45fd278b9fc37164ad6d2014d991

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pr
s.amazon-adsystem.com/v3/ Frame 734E 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ccbd1edd6f0621a5bce96dbecf176c54d09e109788defa11ba005c4e19cf4205
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3382
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 28 Nov 2022 06:24:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8K6BPP0QADR7V1X8EC5A
dpixel
cms.quantserve.com/ Frame BA49 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPSAUA3nhryRUSnVKZHmjYA&google_cver=1&google_push=ASkJ3FYQhliHqmru1dKOJwJTR7JZPwzKXuJWjbjJQypb17KEOyytZfCtyGI4eLge6_QbzzDD6v5lQKK0R6M6R_xZr7bFU0HbI3Ey
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBTNu37xoDECABy73GrRmns&google_cver=1&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO&google_hm=Q0FFU0VCVE51Mzd4b0RFQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO&google_hm=Q0FFU0VCVE51Mzd4b0RFQ0FCeTczR3JSbW5z
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:21 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYdQesctKMU1uMxFW5aHvU42woOi7sRsDEOcCV8D8_t0h2qNDeDxOc8z0m0WGt9IpVE-1CP7htjyd4QJ4H9lflhKpWC4HOO&google_hm=Q0FFU0VCVE51Mzd4b0RFQ0FCeTczR3JSbW5z
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
MSjxg0JrPiL9Jy0cqXstWIQiFbF4w6KytZNvxlZn8szeU_bDy3sxBQ==
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEH_Dtx7Uf4lb1WX0Hk3LxTE&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31Me...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31MemjkHb&google_hm=MTA2MjAxMjEyNDAzND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31MemjkHb&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYtocTd_ZKX1OkTt3XhraDdoB8LgTYfY3XOY8v2Lz1B-jqElYXb7DN8YHjJU-J3SFK7P3U_Liqxlla9BsqI_ZS31MemjkHb&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa5Qb0plC6eeuW8PG8ghusB_4sGOseJXcWfvahE30nB_vMIm8YISDxAclJvhVAwlLiOPrRMRFwWsAiE5Spnj3PrpjfMHYmO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa5Qb0plC6eeuW8PG8ghusB_4sGOseJXcWfvahE30nB_vMIm8YISDxAclJvhVAwlLiOPrRMRFwWsAiE5Spnj3PrpjfMHYmO
date
Mon, 28 Nov 2022 06:24:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHoiSHzatQqB0Myj1GlWybo&google_cver=1&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IRU0tMVAtMU9SWQ==&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9rpH9I15koUg_2ZEESSfFxQaGI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IRU0tMVAtMU9SWQ==&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9rpH9I15koUg_2ZEESSfFxQaGI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IRU0tMVAtMU9SWQ==&google_push=ASkJ3FZIw0zF_pVuaL8ZdZMgbXYdSCrPTQ85BLPCWAgdSp5Zhwmlsksgm5BShCiE4FvsnmHYeT9rpH9I15koUg_2ZEESSfFxQaGI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lFTB_NmstmF5Qymiho9YF2BuD4h7CylC7HSsubJjg4BmBqf27l55ZSHn0WFxpWBxk
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZxt%2BCY7SO9WrXtWk2DV62PFkV8mIkUDTTGcpB0Kyab8bn0a0c%2B82MzlB9CCa4x4BntkBLPche3VnD8%2FMKZPn87k9QzAu3vgbo5k8MjFIXSw6JliSkaQALRMfuHazLka%2BOxEAtEnaSGPqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFr4bII7dKJq5CUhBn3mpXE&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3FbKr2zXMdIxrH2s3MneLimcic6-fg2lFTB_NmstmF5Qymiho9YF2BuD4h7CylC7HSsubJjg4BmBqf27l55ZSHn0WFxpWBxk
cache-control
no-cache
cf-ray
7711052a6db93ffe-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame BA49
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEE3hfzt7aDCG_W89lqti_ro&google_cver=1&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN&google_hm=840e072dccd6496f0c2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN&google_hm=840e072dccd6496f0c25a67f23c58cc2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZ5PU7eVJRp8trzA-R0IVnqY96kRjjfQfE1wXYBNdYhvMeKi0rpWoLu0WaDONvEazi4izGaJQ0qQeU4LnwGc9dqXZPkLEvN&google_hm=840e072dccd6496f0c25a67f23c58cc2
date
Mon, 28 Nov 2022 06:24:21 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame BA49 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-ePcrvKG0OTU4gWdOyK96BgU-v8KXlQ2OuicP5JSKs7b640JPzLIKIqf7MlWSy6EdiP1m
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ev
g.bidbrain.app/rt/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.18765464794321862
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame 0A42 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ba5097f67a305468d8bbebcfb3afc026966ac945cb19defd81aae821d686985

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0A42 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 13:22:36 GMT
x-content-type-options
nosniff
age
320506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:22:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0A42 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:31:34 GMT
x-content-type-options
nosniff
age
373968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 22:31:34 GMT
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAzJk0C_Chl2k_zWQEb7iW0&google_cver=1&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8a-aZKaSOQaC96tJTcNCBtiDb6wiS5dQhiz8Mj8JdFhsQ&google_hm=hR5I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8a-aZKaSOQaC96tJTcNCBtiDb6wiS5dQhiz8Mj8JdFhsQ&google_hm=hR5IsJ78acX6tefO03MWLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYOOrOaiOa8ICM6tEMqWFUuoveoMQhCBWClWQMs9TFfNFC9Pw-Nb8a-aZKaSOQaC96tJTcNCBtiDb6wiS5dQhiz8Mj8JdFhsQ&google_hm=hR5IsJ78acX6tefO03MWLA
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJfY5TuL5eiKs2MKlaSGSHE&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwk...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwkOXz6B&google_hm=MTA2MjAxMjEyNDAzND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwkOXz6B&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3FYpf7k9UdmiDJ18G96mPs-t64ZtEyLtktQU_iekkt_eMiidAaVEKg4c9dG_zQ5qVne1TffGx8Lh0P5W-V-8SWfjDwkOXz6B&google_hm=MTA2MjAxMjEyNDAzNDE1OTk1NTc
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK_cIPc2sEjFPms4WRfCuDI&google_cver=1&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK_cIPc2sEjFPms4WRfCuDI&google_cver=1&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1F...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ&google_hm=gBdaKOn6wRg3TW-WcwfLLA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ&google_hm=gBdaKOn6wRg3TW-WcwfLLA==
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbfKv5-TUqzJqX0FbVf6FPGgkQ29UBn43acfBxVFCs5JV_oaZzlJLwv2M3MzMti9qCO1c_K9cL0fzDAz5FJF-GFb3sH3Qh1FQ&google_hm=gBdaKOn6wRg3TW-WcwfLLA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
i5l8vb8bs6iqhq2e23nrqt31sbh898ge
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYkcaoEprAWwSQRQ4oIu7tASEvkRaFVwaMa5b8zsrc_1IKd0GUF0xK1pZoS5pi5_5eprZFvfHApN1evbcSyUpr6poVA2BZGXg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYkcaoEprAWwSQRQ4oIu7tASEvkRaFVwaMa5b8zsrc_1IKd0GUF0xK1pZoS5pi5_5eprZFvfHApN1evbcSyUpr6poVA2BZGXg
date
Mon, 28 Nov 2022 06:24:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHmfYFDjncpomYFy-TwHtk&google_cver=1&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5ISjgtMVotRjhERw==&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-KSpCRe9meR2tTt29HunbbBF0f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5ISjgtMVotRjhERw==&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-KSpCRe9meR2tTt29HunbbBF0f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5ISjgtMVotRjhERw==&google_push=ASkJ3Far7ZnAZOIkIOShsdgUWL83BT8lMJbquMoBm4KxJZXFdfK7EAPCd-Ip9y0mWluEfStM1u-KSpCRe9meR2tTt29HunbbBF0f
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3Fak_31blI5o-ZQ8Y-ZSEMAoAuagP5o1e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3Fak_31blI5o-ZQ8Y-ZSEMAoAuagP5o1eJWcB16F3WQav94lOqEH7Nd1AulnSQkEcRYV40kry8qc6Tvxh85tC7TcVR9YvA9YhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXPKgsA5FMxZijjiwC35Lekyv5s%2Fo8BkRzCHfSF%2BJOQsG6IfEgeMTD4ZOhSDGcSyEj7kOVLtroaWrentWIUYK%2BBm7e83gYzNvnMkjOI%2FZ4vUlv5TOUgv2gKax%2FpGgAe%2Fy1%2FkahM7yP1LUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIa4Z0i0wiTPf9izXk-2QRw&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&google_nid=index&google_push=ASkJ3Fak_31blI5o-ZQ8Y-ZSEMAoAuagP5o1eJWcB16F3WQav94lOqEH7Nd1AulnSQkEcRYV40kry8qc6Tvxh85tC7TcVR9YvA9YhQ
cache-control
no-cache
cf-ray
7711052a3d843ffe-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8732
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENKdLztvc5vWXK1CiPC6VIY&google_cver=1&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g&google_hm=840e072dccd6496f0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g&google_hm=840e072dccd6496f0c25a67f23c58cc2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb8jUJ-vLR8fPmXuBlkoyPIB3Eqqmri4X_blizfzbDu7CT5OguD8DOS-sz5fq9iWYFt3OnG4DqTFJLypss61uj2KVmGOSZF3g&google_hm=840e072dccd6496f0c25a67f23c58cc2
date
Mon, 28 Nov 2022 06:24:22 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame 8732 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmNtD8CVVMTel_7uE3s2JrzF2uWsjhVlFgPQzO0KNFZcCvF1jzNDpA6Zl039Wab-ECXk3I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
container.html
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Tue, 28 Nov 2023 06:24:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 734E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3126182621455459000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3126182621455459000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B7PV1A56H0RHK8KVH672
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3126182621455459000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 28 Nov 2022 06:24:22 GMT
ecm3
s.amazon-adsystem.com/ Frame 734E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=61514701
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=61514701
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCPWXFTKV97PFGGG4518
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=61514701
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
6RXvlPWGV71ocNgxqfTNBXSV9meTwJcpdZEHMHFM2jRijNsBEfq6pw==
/
onetag-sys.com/match/ Frame 734E 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 734E
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7RKCTWHXZD2FZT8077DF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 27 Nov 2022 06:24:22 GMT
ecm3
s.amazon-adsystem.com/ Frame 734E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=JTWqsAvpptZ0BXaQnN-4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKKKRLXC42BOZYHA5C2GBBFQ...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=JTWqsAvpptZ0BXaQnN-4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=JTWqsAvpptZ0BXaQnN-4
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4T6P5SQ1B5HQRGKC3AYD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=JTWqsAvpptZ0BXaQnN-4
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2327 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:04:02 GMT
x-content-type-options
nosniff
age
458420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 23:04:02 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2327 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:12:02 GMT
x-content-type-options
nosniff
age
461540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:12:02 GMT
css2
fonts.googleapis.com/ Frame 57D0 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:14:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css
fonts.googleapis.com/ Frame 5C23 		231 B
251 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%81%98%E3%82%8B
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2494d8db899c91d0726b45a3d30be7aaf3d9cb6b6adec346a277391f1bbf292b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 06:15:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css
fonts.googleapis.com/ Frame 5C23 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 06:08:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5C23 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:02:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5C23 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 02:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
15149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 02:11:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5C23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5C23 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
l
www.google.com/ads/measurement/ Frame 5C23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxb2Wqqtkwiajoo_WZ1SW8cmxQJUp-L2Cl38mKaMIlyemyRd975jflCxqqYF8-ebxCryHYaBc8BEr0Sqd8mhJitODmuA
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C23 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:22 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 5C23 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 20:19:36 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 57D0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
37289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:02:53 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 57D0 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 23:34:17 GMT
x-content-type-options
nosniff
age
24605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Nov 2023 23:34:17 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 57D0 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 08:27:10 GMT
x-content-type-options
nosniff
age
424632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Nov 2023 08:27:10 GMT
cm
u.openx.net/w/1.0/ Frame 7D43 		722 B
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6470e22d396386dd87685ba1a0c1e58a1b4286b5274bf5605b6b7c0065a6e4c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
460
content-type
text/html
date
Mon, 28 Nov 2022 06:24:22 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame A148
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3010092134319996953&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3010092134319996953&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Nov 2022 06:24:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EA657EQNEJ2SNKPZMZKD

Redirect headers

content-length
0
date
Mon, 28 Nov 2022 06:24:21 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3010092134319996953&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame C7B3
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=636b41cda1e314ac&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHRaVpLKEs-gNCLw_JAAAAAAA&expiration=1669703062&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHRaVpLKEs-gNCLw_JAAAAAAA&expiration=1669703062&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Nov 2022 06:24:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8F2D01KM0P593RDC27ST

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 28 Nov 2022 06:24:22 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHRaVpLKEs-gNCLw_JAAAAAAA&expiration=1669703062&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame 8C36 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-227.compute-1.amazonaws.com
Software
/
Resource Hash
4f1a922e8e101ed60296e5e6dae779b9a392ebdd31372dbf8f062ff586cefb1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 28 Nov 2022 06:24:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9ABA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=111160
content-encoding
gzip
content-length
5549
content-type
text/html
date
Mon, 28 Nov 2022 06:24:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 29 Nov 2022 13:17:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
tamptsync
sync-amz.ads.yieldmo.com/ Frame 8C04 		922 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.87.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-87-42.compute-1.amazonaws.com
Software
/
Resource Hash
a6b0a0d24196106f7202412d79c0f1147bc4805a8ad937d00328b205e4f3fbf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 28 Nov 2022 06:24:22 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 12D1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Nov 2022 06:24:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame E82E
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
1ad8b582223b581847eab8f4f75574a8ab9f92c8ff16da4ad6202d3ef41e9e10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6794d6fb46-fc2h8
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6794d6fb46-fc2h8
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
umcheck
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmF...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fe1.emxdgt.com%2Fumcheck%3F%26if%3Dtrue%26apnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253Dbrealtime.c...
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-emx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
5b7e5db5ac95e48c880a852556684e64935d77cb32e00a871384df1b0096db56

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
2940
content-type
text/html
date
Mon, 28 Nov 2022 06:24:22 GMT
pragma
no-cache

Redirect headers

AN-X-Request-Uuid
1800e494-5464-4df3-85b4-a7e1d97803b7
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 06:24:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:a600:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 02:08:54 GMT
x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
15329
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
Ody2r7afXgRMSkcUaoJRP8M-JkjFKotysz02ZIryrRSEYAHNF9fNJA==
ev
g.bidbrain.app/rt/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.45874455999739894
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame 0A42 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4af7da36-6ee5-11ed-b604-a21edebfaa60&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEIV_bm7fMCh_yG_bqEhleek&a=vw_100&p=Y4RUFAACAx8ITxXzAA2Hj2YEvir64lxwuFJoKg&r=1735071195&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame 0A42 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4af7da36-6ee5-11ed-b604-a21edebfaa60&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEIV_bm7fMCh_yG_bqEhleek&a=load&p=Y4RUFAACAx8ITxXzAA2Hj2YEvir64lxwuFJoKg&r=1735071195&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
container.html
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Tue, 28 Nov 2023 06:24:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Fpicrew.me%2F&list_id=mid-201548
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokodai, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
max-age=10800, private
cross-origin-resource-policy
cross-origin
server
nginx
content-length
12
content-type
application/json
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221128
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee97a03605a5e53f9b6af04e024235c6d596c35a1c8b4ca046536771e2c7182d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12200
x-jsd-version
1.0.1537
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4551-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-1SoLSfjYYtdibbDcpu8kSS13cKg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HceCJa1qHGqENiYBfq7nW8uxYTqAoKnY9V%2F7dQ5yKFaa0FvLWVnnCXgqHTHfsbOKhyZ96peP7OoVaQ%2FVqBlVUczzmZrp9bTuwHB%2BlcYl%2Fg5O2I4OMS3ADZagsjeEqu%2BZ1RaFVZutdwXTQjBDMwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7711052c6e337148-YUL
bid.json
ds.uncn.jp/pb/0/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2466168&size_id=15&alt_size_ids=10%2C16&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=69af826b-1578-4beb-b642-b12e4e3363ed&l_pb_bid_id=9a81cc02b601ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06154534338273576
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d327de311658cd2c2f162b5a87dbe25dcb5193915bc37bc33b3afc28f2e0c34

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584230&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=4ae798d8-da4a-4067-b020-a63dad79e489&l_pb_bid_id=100e7207de78f54&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1635174194077189
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cc3295e8ccff54ca5e89d4ba7e1ecb824446b1623cbba680af0672eab98fe133

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584230&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=ea34462f-39b0-4352-b526-0efa66b6e047&l_pb_bid_id=116974939e340eb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11713269161069118
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f39a5f508a809fb56ac75571a7de8cb7d0f9e17167bc0880c9326763c01d0a59

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584230&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=0cbe2d58-d67f-4185-a9a6-f0e5b1ef3551&l_pb_bid_id=1265a8be055c33b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40965156117245116
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
80dcfe1183bf1e5dc08f5c5f2b42598b9c0c0f68395cc16446f3303a3dc027e1

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584232&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=0d751775-c9f3-49d8-80ab-6b12b2adce8f&l_pb_bid_id=13d98c99aaa1648&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13025240063603083
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ab72ef75e30a7de76f68e4dd2b7dafc18f49d6a94e60baae82c3822c66be58a

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584232&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=6b27e439-493a-4161-a587-15ae4eb47946&l_pb_bid_id=145a5de3ccf3348&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4723223677955184
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd23b3b1a2e594acba0d61ac5260fb2d986b3fd240c68b5bd8abebeb285a10ef

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11534&site_id=430502&zone_id=2584232&size_id=43&alt_size_ids=117&rp_schain=1.0,1!genieesspv.jp,33480,1,,,&eid_pubcid.org=e08e6303-0ac0-43a3-8c34-f14be5e64f93%5E1&rf=https%3A%2F%2Fpicrew.me%2F&tk_flint=pbjs_lite_v7.25.0&x_source.tid=00296b70-b2b3-4551-ba61-4c3080d41ebb&l_pb_bid_id=1578dd49f618e4d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19462411495789556
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac23ce2ddef8be10fc2b259995cfeffc3b4c83a1ec59b0268836b59778deec98

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://picrew.me
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
262
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://picrew.me
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=691421
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6c7e5eb4992a40461eeac3eb754b648d07ca985e1f0de48fcd6ffec6d2d732

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9nRVd4mLdAVcqhzpUntYh5CKZiDE4e4Y%2BxB7sVurfJPYyC86MeRN%2BRjyFYFS1Aih6mRqul7%2FSxZng0bm1GfUYmmePVBZOiYxy2L6r6QJjwlqEdf2jqGxEJY%2BJGnlqlIszh6UWHH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://picrew.me
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7711052c8a8ca205-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://picrew.me
date
Mon, 28 Nov 2022 06:24:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.25.0&cb=3013292632&lsavail=0
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://picrew.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v2
aladdin.genieesspv.jp/yie/ld/api/ad_call/ 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aladdin.genieesspv.jp/yie/ld/api/ad_call/v2?zoneid=1521567&cb=83192537845&charset=UTF-8&loc=undefined&ct0=undefined&referer=undefined&topframe=1&cur=JPY&requestid=57dbf6e4adbfaf2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.121%20Safari%2F537.36&tpaf=1&cks=1&ib=1&sw=1200&sh=1600
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.130 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
2e38837d3328e668b5f2b18fcd331dcae77651a729b42bff53b5124a434ba6aa

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://picrew.me
content-type
application/json; charset=UTF-8
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
prebid
pb.ladsp.com/adrequest/ 		0
0
/
post-endpoint-gckeev2zma-an.a.run.app/ 		0
11 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://post-endpoint-gckeev2zma-an.a.run.app/
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/201548/64/wrapper.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-cloud-trace-context
3b8fed28eeca78157af6cf1711d2993a
date
Mon, 28 Nov 2022 06:24:22 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJFFzFVSEY_6sBsOdoPwPybqtqA_SkbaNbbnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0yMDY3ODAwMDQ0NzMwNzU2yAEJ4AIAqAMBqgTeAU_Qn9KohQvosQLOEWeYlOaCjlUL11_LnzIgkZL1xMO-FlkfViBbfo0YnnniysZXnS5jO2Ca-Jb-cwWCD-Vb_hBHkkz5JsVWQBbTYkGeELbUj4OaRz40T6kMzQaZabSgmeP32-ABwDVbqV5Mxacl5zE-VZgIhjP-myDjUaZktpPJDEDp3cwoUEaFru7TRX8DQUZtd--x6DbH7h3ysUfxJOKwOM3VYStEERnMUDNXZysvbRiT-y847ajQpKByfJPFl-AzM6Zysmq006uG0x_vA8793C-b00hToHqR5PR2k-AEAYAGr_mIlfGtw7xnoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTk3MzMyMzE4MjkyMjQ4MDeACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjA2NzgwMDA0NDczMDc1Nhi7gBA&sigh=VAITJD2S7Ms&uach_m=[UACH]&cid=CAQSPADq26N9Syu3xjTJab45Giiyz4JsgIj-9bK2zfwIMmmi-3JsDEygQdKjQlvXO_5UzvqhkcyXJppC_NTQNhgBIBM
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rtimp
g.bidbrain.app/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4b89e6e2-6ee5-11ed-b0c1-5ab254132289&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=imp&p=Y4RUFQABln4JiA7DAAtdSTYH_sOUePjQ8x36nw&im=0PoM9wtsf9UUMKvJVL0yNhQPHNjGKCYV1TlGD2dOIBo2OKfTW5-Bd-oBzH39Eg37B_d5XDQZB4Ke5ESYlImyD11SWdSTRzw3f1kSSyrdpohEBL5oUG8D6l6b5eISkc0imqq0y2tFz9sy6XWSqd2rAK67XHEfAkvimQCU8qT8kVTAHo4oly44JajDVjdArg5im8zN3l5ZOqcM3Vw7ptA_WJzlCBzBMmtyHIiVOhNq2Gh16GI3U1fwLir2qhsy6v04rgmiTZ38AKyVeImLz-fA3A
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
css
fonts.googleapis.com/ Frame BA8F 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:22:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css
fonts.googleapis.com/ Frame BA8F 		1 KB
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:46:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css2
fonts.googleapis.com/ Frame BA8F 		2 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:01:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BA8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BA8F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
l
www.google.com/ads/measurement/ Frame BA8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb9Lon-gpndf-SHJS__AP8VT0ojEjlz7aqHFoe9XyjJqJG6Qqre1owHWodcgvz_Lykyrynp9VBqGWwMEBL0vag9pM1Bw
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BA8F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
372428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 22:57:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA8F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:22 GMT
sync.js
sync.logly.co.jp/sync/ Frame FA1C 		244 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.js
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.181.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-181-73.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
776a13426b9ed128157bfa6a760d17971faeeaae2cb078b9040dc51b82ad02fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.logly.co.jp/sync/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
access-control-allow-origin
*
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
ecm3
s.amazon-adsystem.com/ Frame 7D43 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=0797ac69-5cd6-c3cc-1137-a1b6c82d3a76
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KG93BVYXYV7E70K9ZX2C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 7D43 		0
0
cb86b650-d0d0-ea7f-e0ee-35d45f493cdf
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7D43 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/cb86b650-d0d0-ea7f-e0ee-35d45f493cdf?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:da63:dddc:8a85:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 7D43
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&ttd_puid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&ttd_puid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&ttd_puid=5f41d014-407c-7836-d139-2321a01ef196&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 7D43 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzMyZTAzZGUtODkwYi0yNjkyLWM0ZDktNzk5ODZhZmMzZmY2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7D43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeHiBmMMKyU8h8yc6gZKeI&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeHiBmMMKyU8h8yc6gZKeI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJeHiBmMMKyU8h8yc6gZKeI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev
g.bidbrain.app/rt/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.8663919683050774
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
usync.js
eus.rubiconproject.com/ Frame 12D1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b47d301720c1f684fe29d3ca716fa1875175fdc99642c49c9aea64b12c1eb60e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 00:05:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63686
Connection
keep-alive
Content-Length
10066
Expires
Tue, 29 Nov 2022 00:05:48 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 3FC0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1957613619&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=3&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=2&bdt=1144&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0%2C1024x90&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jREwpZp9RL&p=https%3A//picrew.me&dtd=73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 05:58:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9ABA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39040657&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7ae16c15398d8cf983a184814ff5b0fbd7c0cca634bb4a7e65ba24fddf29e976

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 28 Nov 2022 06:24:21 GMT
content-length
1611
content-type
text/html; charset=UTF-8
adview
securepubads.g.doubleclick.net/pagead/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpalPFVSEY5vNNYnczwXAyYbgDdKRto1tudCuypYPwI23ARABIABg_eiigfADggEXY2EtcHViLTIwNjc4MDAwNDQ3MzA3NTbIAQngAgCoAwGqBNcBT9DiGuElLvzbc-SFripl0eXeoGT93Q3SuoIVNvSNB8KkAQy46YQ2s93oOAn49l54hDgMYH7YBw0R-PGIXWF8m3FxKsLcUIo65o8J8bgj-9z8mg8w9CALa3qQ2rkoo5lVSGUS-ujSXRLoo1Qr9a1LHtMAdknNY8x3Y2EYATJibcGpjNWsZ44wdLbZB2ZAzPGNdoar3HLk9CN_xGFQ_6qbK95H303_3Bmwo5bT5bbae4PkfctM7q4oP2cV3WN2krD164MvZ7x_h45gZ37uF1P_RuNeHBHntXPgBAGABq_5iJXxrcO8Z6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05NzMzMjMxODI5MjI0ODA3gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIwNjc4MDAwNDQ3MzA3NTYYu4AQ&sigh=4qB9j9qACbw&uach_m=[UACH]&cid=CAQSPADq26N9upjLUr17sif_uAj49ggZ5btjOAe04e1SB9tOlTDIhYEuOQhh0Neqg6NDPu64gpEZFI7mTtaeZhgBIBM
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rtimp
g.bidbrain.app/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4bfe8e02-6ee5-11ed-8cd8-1efeab03c0c3&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=imp&p=Y4RUFQANZpsKs-4JAAGkwIHUyOoMbMfifFGIFA&im=aOU-b-ZHfuFn5BS7UgyWjKL9_SzjJZ9Mmg3efvn-_H3p-x7NFOzs87zGnJfagZYgmWoN2--OZVefSvc2YaA9cOHP60sFi8U55f245wA4Ev3qCsG5XIRcwVJSojBaxR0WRwqS-XhcPg3rghPCKUUKIQ6AOfr7gEtjIJl3YTDB4BSO2gMKzSHQLgXjWys88fy8AHH9IA6jSfL-ehFM6h--LxN4NNt_zFkiz751pEYqbEyxLaEY-xQLVd4HDU3Kww8xFD610JSZI0AJ6khKD54NcklI3aYY0dqX_M5-RuFAMT8X_xUe3vcPayjyHx4h3JG1
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
css
fonts.googleapis.com/ Frame 3F39 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 04:49:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css
fonts.googleapis.com/ Frame 3F39 		1 KB
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:41:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
css2
fonts.googleapis.com/ Frame 3F39 		2 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 05:06:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 06:24:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3F39 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3F39 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40534
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
l
www.google.com/ads/measurement/ Frame 3F39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEW1Fr8UKO4gHt7vyLYKi-kvvFgyf2F4e6ZPvt7l54A2GcCIeysLmj-zuHODvTy-JJ6l32IEYrSMDqosvmK1j__ypdNg
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3F39 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
372428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 22:57:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F39 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:22 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B46C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 05:40:16 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 74C9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtset
bh.contextweb.com/bh/ Frame E82E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T2lRaUl0THVINWZFaDUwRWUzczJLdw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAi8DkfbJIV_s8lAjdkOrfs&google_cver=1
49 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAi8DkfbJIV_s8lAjdkOrfs&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6794d6fb46-fc2h8
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAi8DkfbJIV_s8lAjdkOrfs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame E82E
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=27a480ee31bb14ac&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHRaVpLKEs_AN-sEvZAAAAAAA&expiration=1669703062&nuid=&is_secure=true
49 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHRaVpLKEs_AN-sEvZAAAAAAA&expiration=1669703062&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6794d6fb46-fc2h8
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHRaVpLKEs_AN-sEvZAAAAAAA&expiration=1669703062&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame E82E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LhKr8i5YusGM&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8N88N2XNY96XXG3GRAC1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8C04 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gf725afaba13cf780387
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T1JYD6Q880B16X253TZG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 8C04
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=28ab6a80b90414ac&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAItElDl1CPBAMH35byAAAAAAA&expiration=1669703062&is_secure=true
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAItElDl1CPBAMH35byAAAAAAA&expiration=1669703062&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.224.202.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-202-219.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAItElDl1CPBAMH35byAAAAAAA&expiration=1669703062&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame 8C04
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LB0ENHT1-1D-21Q7
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LB0ENHT1-1D-21Q7
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.224.202.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-202-219.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LB0ENHT1-1D-21Q7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
Expires
0
sync
ads.yieldmo.com/v000/ Frame 8C04
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gf725afaba13cf780387
  • https://ads.yieldmo.com/v000/sync?tdid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.224.202.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-202-219.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
pixel
cm.g.doubleclick.net/ Frame 8C04 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2Y3MjVhZmFiYTEzY2Y3ODAzODc=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 8C04
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=cdd9390b-4683-4e26-889e-3e9b05b53b7a&gdpr=&gdpr_pd=&gdpr_consent=
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=cdd9390b-4683-4e26-889e-3e9b05b53b7a&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.224.202.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-202-219.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=cdd9390b-4683-4e26-889e-3e9b05b53b7a&gdpr=&gdpr_pd=&gdpr_consent=
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8C36 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=94ee25e3-d298-4de0-9edf-0c3b2a3da9b3
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W4VR9XKT52Z8Q0XDWQRY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8C36
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_chec...
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=4c6734e6-6ee5-11ed-adb6-154f9acf0503
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=4c6734e6-6ee5-11ed-adb6-154f9acf0503
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=4c6734e6-6ee5-11ed-adb6-154f9acf0503
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
383
content-length
0
v1
match.sharethrough.com/sync/ Frame 8C36
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1494929651579611740
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1494929651579611740
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
AN-X-Request-Uuid
c24085d7-0ac5-4200-91a4-4c2285e9335b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1494929651579611740
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8C36
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 8C36
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y4RUFRmFUR9wEVZ4O6-xMQAA%26040
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y4RUFRmFUR9wEVZ4O6-xMQAA%26040
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8RIIjhyQKDu2ID1A5d1%2FTXS%2Bj6dl9DHzlab3G34JAN9CFj4apcKg1hoqaYRbAr2N3u6KSEsiVJpstH5k%2BkVvn3mk1CxhNPLPGnXVb5NMFx1SOIRn5gLbgUezRChyNus3Eb4%2B0vK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y4RUFRmFUR9wEVZ4O6-xMQAA%26040
cache-control
no-cache
cf-ray
7711052dad66a1fc-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DCF2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ev
g.bidbrain.app/rt/ Frame 0A42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.4211815313488805
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ecm3
s.amazon-adsystem.com/ Frame 12D1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LB0ENHT1-1D-21Q7
  • https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
45S66DHEBPW9GW9806X3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
match
c1.adform.net/serving/cookie/ Frame 1BB0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 28 Nov 2022 06:24:22 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 28 Nov 2022 06:24:22 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CA7C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
568 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 28 Nov 2022 06:24:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1669616663.626326,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame B0A0 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDFD778D32-FCC7-48BE-97AF-F45BB995A558
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Nov 2022 06:24:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GJ181ETXA1T1VFF5ZQD0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9ABA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_XeNMvzHSL6Xr_RbuZWlWA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
content-type
text/html
cache-control
max-age=111160
accept-ranges
bytes
content-length
5549
x-xss-protection
1; mode=block
expires
Tue, 29 Nov 2022 13:17:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 9ABA
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEZENzc4RDMyLUZDQzctNDhCRS05N0FGLUY0NUJCOTk1QTU1OBAAGg0IlqiRnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=58426f4cece981569add33178b6a720c6e26d6e2ccbb793905a8fac52050aedd791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1ODQyNmY0Y2VjZTk4MTU2OWFkZDMzMTc4YjZhNzIwYzZlMjZkNmUyY2NiYjc5MzkwNWE4ZmFjNTIwNTBhZWRkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1ODQyNmY0Y2VjZTk4MTU2OWFkZDMzMTc4YjZhNzIwYzZlMjZkNmUyY2NiYjc5MzkwNWE4ZmFjNTIwNTBhZWRkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl6iRnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d331b89a-c2fd-4870-9dfb-9524fff15420
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=d331b89a-c2fd-4870-9dfb-9524fff15420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=d331b89a-c2fd-4870-9dfb-9524fff15420
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ac76384-5417-4b00-bb0b-b43fe5361767
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ac76384-5417-4b00-bb0b-b43fe5361767
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 28 Nov 2022 06:24:22 GMT
Server
MT3 169 32252b7 master iad-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ac76384-5417-4b00-bb0b-b43fe5361767
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 28 Nov 2022 06:24:21 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQ3NzhEMzItRkNDNy00OEJFLTk3QUYtRjQ1QkI5OTVBNTU4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQReKoA60ub-gwgKJ4ExzM&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQReKoA60ub-gwgKJ4ExzM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQReKoA60ub-gwgKJ4ExzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:775C27CFF77F4A8CBAAE1CEA8EBEC1C7
42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:775C27CFF77F4A8CBAAE1CEA8EBEC1C7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:775C27CFF77F4A8CBAAE1CEA8EBEC1C7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 27 Nov 2022 06:24:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288232524119178369&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288232524119178369&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 06:24:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288232524119178369&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9ABA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2F0D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/emx/?puid=54341669616662311383a4&cb=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd57%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=JTWqsAvpptZ0BXaQnN-4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPKKKRLXC42BOZYHA5C2GBBFQYKRNZHC2NA
  • https://e1.emxdgt.com/put?d=d57&uid=JTWqsAvpptZ0BXaQnN-4
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d57&uid=JTWqsAvpptZ0BXaQnN-4
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://e1.emxdgt.com/put?d=d57&uid=JTWqsAvpptZ0BXaQnN-4
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
83
Expires
Thu, 01 Dec 1994 16:00:00 GMT
enginemx
tr.blismedia.com/v1/api/sync/ Frame 11F3 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/enginemx
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=149&p=324&cp=emx&cu=1&url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd53%26uid%3D%40%40CRITEO_USERID%40%40
  • https://e1.emxdgt.com/put?d=d53&uid=012d081b-df57-4f5d-b84d-54cb9c0b14b2
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=012d081b-df57-4f5d-b84d-54cb9c0b14b2
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://e1.emxdgt.com/put?d=d53&uid=012d081b-df57-4f5d-b84d-54cb9c0b14b2
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1451222
content-length
0
expires
Mon, 28 Nov 2022 00:00:00 GMT
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1276
  • https://e1.emxdgt.com/put?d=d52&uid=3503104223967631483
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=3503104223967631483
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://e1.emxdgt.com/put?d=d52&uid=3503104223967631483
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://openrtb-us-east-1.axonix.com/syn?supply=2ec7cd46-702d-43f1-84c5-c9a9cd8473e4&uid=54341669616662311383a4&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd49%26uid%3DxxEMODO_IDxx
  • https://e1.emxdgt.com/put?d=d49&uid=de5131f3-2d2d-47e5-960f-f32f1e6d0062
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d49&uid=de5131f3-2d2d-47e5-960f-f32f1e6d0062
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
x-app-server
haproxy-vektor-5-7db488554d-6k4kt/rtb-backend/vektor-server
vary
Origin
access-control-allow-origin
*
location
https://e1.emxdgt.com/put?d=d49&uid=de5131f3-2d2d-47e5-960f-f32f1e6d0062
x-emodo-server
vektor-server-5-6c7d6d9bcc-kxr9q
access-control-allow-credentials
true
keep-alive
timeout=72
content-length
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=54341669616662311383a4
  • https://emx-match.dotomi.com/match/bounce/current?DotomiTest=398dd322036714ac&is_secure=true&networkId=46227&version=1&nuid=54341669616662311383a4
  • https://e1.emxdgt.com/put?d=d48&uid=AAAIozuwf8zCegNVEeaqAAAAAAA&expiration=1669703062&nuid=54341669616662311383a4&is_secure=true
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d48&uid=AAAIozuwf8zCegNVEeaqAAAAAAA&expiration=1669703062&nuid=54341669616662311383a4&is_secure=true
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://e1.emxdgt.com/put?d=d48&uid=AAAIozuwf8zCegNVEeaqAAAAAAA&expiration=1669703062&nuid=54341669616662311383a4&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=emx&cspid=19&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd46%26uid%3D%24%7BADELPHIC_CUID%7D
  • https://e1.emxdgt.com/put?d=d46&uid=2ce7d870-4d33-4acc-b20e-d1b06e59c97f
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d46&uid=2ce7d870-4d33-4acc-b20e-d1b06e59c97f
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
https://e1.emxdgt.com/put?d=d46&uid=2ce7d870-4d33-4acc-b20e-d1b06e59c97f
Date
Mon, 28 Nov 2022 06:24:22 GMT
Connection
keep-alive
X-CI-RTID
8b918e15-e9fa-4578-9b9c-1d5d5d8886e5
Content-Length
99
Content-Type
text/html; charset=utf-8
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://pixel.advertising.com/ups/58365/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58365/sync?&gdpr=&gdpr_consent=&redir=true
  • https://e1.emxdgt.com/put?d=d44&uid=y-Dic7lABE2uHRVn_xIeYqWQwN2O54yJx7~A
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d44&uid=y-Dic7lABE2uHRVn_xIeYqWQwN2O54yJx7~A
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
x-nosync
inval
content-type
image/gif

Redirect headers

location
https://e1.emxdgt.com/put?d=d44&uid=y-Dic7lABE2uHRVn_xIeYqWQwN2O54yJx7~A
date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 11F3
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=17
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1311&userId=000000D5B2EA4449
43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1311&userId=000000D5B2EA4449
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1669616663140098-249

Redirect headers

location
https://ads.stickyadstv.com/user-registering?dataProviderId=1311&userId=000000D5B2EA4449
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=114
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=114
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3D571d7020-...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3D571...
  • https://e1.emxdgt.com/put?d=d38&uid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d38&uid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://e1.emxdgt.com/put?d=d38&uid=571d7020-25c7-450e-97af-4c8a0e931ccb-63845416-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 11F3 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=emx
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.24.140 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.24.207.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=177&cm=54341669616662311383a4&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd34%26uid%3D{visitor_id}
  • https://e1.emxdgt.com/put?d=d34&uid=c:6062500da4054d04638d9f59ed36707a
43 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d34&uid=c:6062500da4054d04638d9f59ed36707a
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
x-nosync
inval
content-type
image/gif

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
server
Aorta/20221117.e7edcc499
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://e1.emxdgt.com/put?d=d34&uid=c:6062500da4054d04638d9f59ed36707a
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
57c4a7454c09
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D
  • https://e1.emxdgt.com/put?d=d32&uid=Y4RUFgALctGZaQAO
43 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d32&uid=Y4RUFgALctGZaQAO
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

x-served-by
cache-yul12831-YUL
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669616663.732411,VS0,VE0
x-cache
HIT
location
https://e1.emxdgt.com/put?d=d32&uid=Y4RUFgALctGZaQAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://sync.1rx.io/usersync2/emx
  • https://sync.1rx.io/usersync2/emx?zcc=1&cb=1669616662800
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1152536872
  • https://sync.1rx.io/usersync/tradedesk/ab678074-1dc7-4a0a-a3e6-c5c774c3c445
  • https://sync.targeting.unrulymedia.com/csync/RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd31%26uid%3DRX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005
  • https://e1.emxdgt.com/put?d=d31&uid=RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d31&uid=RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 28 Nov 2022 06:24:23 GMT
Server
Tengine
ETag
RX337638bd80cd4213a0bb1aa94b9f6f60005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://e1.emxdgt.com/put?d=d31&uid=RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005
Content-Type
text/html
Connection
keep-alive
emx
match.prod.bidr.io/cookie-sync/ Frame 11F3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/emx
  • https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Server
34.204.163.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-163-217.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
2bc3d8cc5be5088cfc77b97d46ee5b3b65ffd906e4fb67bd82966fef4e738841
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=22&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd25%26uid%3D%5Buser_id%5D
  • https://e1.emxdgt.com/put?d=d25&uid=8cefbe20630c4d34858c099d46d2f8f1
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d25&uid=8cefbe20630c4d34858c099d46d2f8f1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://e1.emxdgt.com/put?d=d25&uid=8cefbe20630c4d34858c099d46d2f8f1
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=emxdigital
  • https://x.bidswitch.net/ul_cb/sync?ssp=emxdigital
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=emxdigital
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ccJ1fmMqQe9KNZ1bcvbDJ5U4mbo&user_group=1&ssp=emxdigital
  • https://e1.emxdgt.com/put?d=d21&uid=fb468edb-6e8d-40d9-aa4c-a7722b03afde&gdpr=&gdpr_consent=
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=fb468edb-6e8d-40d9-aa4c-a7722b03afde&gdpr=&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=fb468edb-6e8d-40d9-aa4c-a7722b03afde&gdpr=&gdpr_consent=
Date
Mon, 28 Nov 2022 06:24:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-9zQtGV7AscK_-.gif?idmatch=0
  • https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=EQMtGBIEJBkKVHFNEQQ4HxMDLBUKA3BNFFYya8a0
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=EQMtGBIEJBkKVHFNEQQ4HxMDLBUKA3BNFFYya8a0
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=EQMtGBIEJBkKVHFNEQQ4HxMDLBUKA3BNFFYya8a0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://p.rfihub.com/cm?pub=35927&in=1
  • https://e1.emxdgt.com/put?d=d16&uid=2809753608212478151
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d16&uid=2809753608212478151
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
https://e1.emxdgt.com/put?d=d16&uid=2809753608212478151
Date
Mon, 28 Nov 2022 06:24:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=51
  • https://e1.emxdgt.com/put?d=d15&uid=7288232524119178369
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d15&uid=7288232524119178369
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://e1.emxdgt.com/put?d=d15&uid=7288232524119178369
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
put
e1.emxdgt.com/ Frame 11F3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%%
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=LhKr8i5YusGM&pid=561594
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d8&ev=1&uid=LhKr8i5YusGM&pid=561594
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://e1.emxdgt.com/put?d=d8&ev=1&uid=LhKr8i5YusGM&pid=561594
content-language
en-CA
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6794d6fb46-fc2h8
expires
-1
/
e1.emxdgt.com/put/ Frame 11F3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1
  • https://e1.emxdgt.com/put/?uid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put/?uid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://e1.emxdgt.com/put/?uid=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
269
/
e1.emxdgt.com/put/ Frame 11F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1
  • https://e1.emxdgt.com/put/?uid=1494929651579611740&d=d1
43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put/?uid=1494929651579611740&d=d1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-243-83.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
AN-X-Request-Uuid
d7e2fc85-73be-49d3-8f8b-650f0edb23d0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://e1.emxdgt.com/put/?uid=1494929651579611740&d=d1
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 11F3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=1494929651579611740brt54341669616662311383a4
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=1494929651579611740&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V73W3FETR77WMH6YCZTG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 74C9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENX89O0iYkamSNOynjpU_N8&google_cver=1&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F90B8Yy2s3A-ZY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F90B8Yy2s3A-ZY
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=775C27CFF77F4A8CBAAE1CEA8EBEC1C7&google_push=ASkJ3Fa30RLRJQPfE7VvvpHktU38LyIUt7sQqhzCAULLBjVB945sE99nYTeJdjQpiL49eFXx-c9rEgVbY6UiJ4F90B8Yy2s3A-ZY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 27 Nov 2022 06:24:22 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 74C9 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIbZe1tceF4B9N1b5UlmNq4&google_cver=1&google_push=ASkJ3FbaaDULhhFTuESei8GEq-GFEdazZxI2_5s1jiBjeelfgq7eDkp4Gz8JhdeEr-1GXNdwOH25ptcBipJCzCC6Ec1gwB4CWmWy
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 74C9
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEN9dW_GDaL8g23a7AxSr8hA&google_cver=1&google_push=ASkJ3FYUm7I-QHGoHmEMsTRd3HdpPs8fp7Z49qlmojpngU35vaYHa9RF7JPPktXrWC__yzhE5T2qai6WmSqHKUmMJKBMmbQIq-Q
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjJDNUJFRDkzMEU2RTAxOA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjJDNUJFRDkzMEU2RTAxOA==
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjJDNUJFRDkzMEU2RTAxOA==
date
Mon, 28 Nov 2022 06:24:22 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pub
cs.chocolateplatform.com/ Frame 74C9 		0
0
pixel
cm.g.doubleclick.net/ Frame 74C9
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEMRkNC_7Y5indojlecwWdNw&google_cver=1&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFp...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOxoo6hQ9qhtZcb3o6q_zFx9f7aSxASN3Eww3MnA&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164...
  • https://cm.g.doubleclick.net/pixel?google_hm=n6XWTgKUTtsj_FCxmNTS&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg&google_nid=inmobi_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=n6XWTgKUTtsj_FCxmNTS&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg&google_nid=inmobi_new_eb
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=n6XWTgKUTtsj_FCxmNTS&google_push=ASkJ3FauF2g8dDLUkoU_TIrx1u6s9OnYL5JxWaDc-5utpYFpLTyFZ2KPrZCd5XTT3Z0KVI_1u8itfm5UwYSqYxujl164RRmYV1Kg&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
225
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 74C9
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEExQxWFO6k0TQURefmA9aXE&google_cver=1&google_push=ASkJ3FY4Acbs2dbVgSwsUVVrVDri9D-yZNBfN79K11l3N58odJRX6H0189tfzhp21i-gMWU45t-9xZ1rOfvLU8RWjc9_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 74C9
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEDAws_t8CwUDwbAiGiS-ZPI&google_cver=1&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZS...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEDAws_t8CwUDwbAiGiS-ZPI&google_cver=1&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZS...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDU0ZjdhMjQzMjIyZjU2OA&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDU0ZjdhMjQzMjIyZjU2OA&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G-Pe35A
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NDU0ZjdhMjQzMjIyZjU2OA&google_push=ASkJ3FblpWrTBbYtucS6Iuq5IfYVTBSv4R49dVWO2veJB2X14CQ8ZGd3mPbpwJPfAXhqRfuLnq5kSKNxe0HB_W3ZSnhV6R0G-Pe35A
content-length
0
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame 74C9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ir5tR7_-5zbWv02DXgXm1Fbo-SNgqGA98VUhNUzJQ4C4C8SnODK3GbHe0n9Rn7vlvPFnhYKK-x
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.bidbrain.app/ Frame 0A42 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4af7da36-6ee5-11ed-b604-a21edebfaa60&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEIV_bm7fMCh_yG_bqEhleek&a=ev_prf&p=Y4RUFAACAx8ITxXzAA2Hj2YEvir64lxwuFJoKg&r=1735071195&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22139.80%22%2C%22177.60%22%2C%22129.90%22%2C%22143.10%22%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=1205135394&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1669616660&rafmt=2&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669616660032&bpp=5&bdt=1144&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&prev_fmts=0x0&nras=1&correlator=3839047260290&frm=20&pv=1&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770881&oid=2&pvsid=4100222670287867&tmod=369307692&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQ7H2PSHne&p=https%3A//picrew.me&dtd=65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ev
g.bidbrain.app/rt/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.21923190376602464
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame 3F39 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec89b3f3694da012d07db518a227943a447ec75818bbf475765bcd07cf0d5cbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F39 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 13:22:36 GMT
x-content-type-options
nosniff
age
320506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:22:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F39 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:31:34 GMT
x-content-type-options
nosniff
age
373968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 22:31:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B46C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:22 GMT
expires
Mon, 28 Nov 2022 06:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame D346 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 05:58:47 GMT
ecm3
s.amazon-adsystem.com/ Frame 12D1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1V30TB9KVFMR8G4F9S0Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LB0ENHT1-1D-21Q7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 12D1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 12D1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB0ENHT1-1D-21Q7
0
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB0ENHT1-1D-21Q7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F2A44C2BF8D745C5A2E37A973B248E8B Ref B: YTO01EDGE0808 Ref C: 2022-11-28T06:24:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXugewdYjODGl3+DtnIxg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB0ENHT1-1D-21Q7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 12D1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjRjNzc2NGIyNTBmNTcxNTU0NTVjYjQ3NjE4MGQzYTA2NTEzMTM5Mw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjRjNzc2NGIyNTBmNTcxNTU0NTVjYjQ3NjE4MGQzYTA2NTEzMTM5Mw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjRjNzc2NGIyNTBmNTcxNTU0NTVjYjQ3NjE4MGQzYTA2NTEzMTM5Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 12D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGAH2PWDelAqOjj_0hmk-FY&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGAH2PWDelAqOjj_0hmk-FY&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGAH2PWDelAqOjj_0hmk-FY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 12D1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wYcfFKZqyV7DGBlyiBYptMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4720700409871298948
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4720700409871298948
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4720700409871298948
content-length
0
pixel
cm.g.doubleclick.net/ Frame 12D1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 12D1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uiIAH18gSuSdVB3gVgSQyQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uiIAH18gSuSdVB3gVgSQyQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uiIAH18gSuSdVB3gVgSQyQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z2N5H9BE5AXXCQG964Q0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uiIAH18gSuSdVB3gVgSQyQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_cver=1&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-s...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ebf1b73f541478&is_secure=true&networkId=14000&version=1&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_cver=1&google_push=ASkJ3FYickV_O...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHRaVpLKEtBAMhIaZhAAAAAAA&expiration=1669703063&google_cver=1&is_secure=true&google_gid=CAESEP3L5V9T8xhosSzxo0iUc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHRaVpLKEtBAMhIaZhAAAAAAA&expiration=1669703063&google_cver=1&is_secure=true&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-sk0tjCesuavuSe6Zf3xwmjIjrk76OeBSH264nziWHawAI
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHRaVpLKEtBAMhIaZhAAAAAAA&expiration=1669703063&google_cver=1&is_secure=true&google_gid=CAESEP3L5V9T8xhosSzxo0iUcdc&google_push=ASkJ3FYickV_OEq_4gRvLalcWVMRqhdpy7JcAJnHaXM0GFzxvyKNR-sk0tjCesuavuSe6Zf3xwmjIjrk76OeBSH264nziWHawAI
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHOny_hTPd1OfRBM5y2nXX8&google_cver=1&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=isdjhFQXSwC7C7Q_5TYXZw&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm2W5s3mImXY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=isdjhFQXSwC7C7Q_5TYXZw&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm2W5s3mImXY4
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 28 Nov 2022 06:24:22 GMT
Server
MT3 169 32252b7 master iad-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=isdjhFQXSwC7C7Q_5TYXZw&google_push=ASkJ3FYdfA-bfFfptKFMVcPWkLp4oXLpH4KaJiETBIAAm1WmKgCCaaUYuBK5BMJy6HaG7jFbQBWoJGwBWL8-cBCm2W5s3mImXY4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 28 Nov 2022 06:24:21 GMT
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDtR3N2a3bbiwz7wld3Ob_Q&google_cver=1&google_push=ASkJ3FblS5Rn7Rf8-5st3mKPkxu5ENnNFlrpQ_4eWTU13JWvMEN3ZB018Vmd3OWKHD8NfjHCfMbKYAK...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Vx1wICXHRQ6Xr0yKDpMcy2OEVBY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Vx1wICXHRQ6Xr0yKDpMcy2OEVBY
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Vx1wICXHRQ6Xr0yKDpMcy2OEVBY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHmfYFDjncpomYFy-TwHtk&google_cver=1&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6mgI1kntD1obVQbUy_udAEYA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6mgI1kntD1obVQbUy_udAEYA
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwRU5IVDEtMUQtMjFRNw==&google_push=ASkJ3FY4sIIHj5dZkANlgkqEKM_wkYvC-1ZdCLNVVBYZjqXnpdQngqZDdShuHYkmuEbUve7iBf6mgI1kntD1obVQbUy_udAEYA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGilY8_S3K09Et8jLxTn-Q0&google_cver=1&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmU...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGilY8_S3K09Et8jLxTn-Q0&google_cver=1&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fkCZiZFdQM-QqA2zXUG1xw&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fkCZiZFdQM-QqA2zXUG1xw&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmUioox0
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fkCZiZFdQM-QqA2zXUG1xw&google_push=ASkJ3FaZkwidtuMg8E76NPpZhN27A3u8l6QCoO_MYR81chk-NaT2Gcti2Qn-VebLZ6LJadJRc5-IL3SKrUbTa3M7mkBHmUioox0
access-control-allow-origin
*
date
Mon, 28 Nov 2022 06:24:23 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pub
cs.chocolateplatform.com/ Frame DCF2 		0
0
pixel
cm.g.doubleclick.net/ Frame DCF2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENPVwGTqbfDXzn_VbwVp9Yc&google_cver=1&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh4k_fDtUkI_GL3bKov...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yZU82UkQxRTJ1RzNxbFlCU1FZNnh5MXcxWkdsWklCOX5B&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yZU82UkQxRTJ1RzNxbFlCU1FZNnh5MXcxWkdsWklCOX5B&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh4k_fDtUkI_GL3bKovlCKLNIbvKUbDrJgvCUBaWiOHtl
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yZU82UkQxRTJ1RzNxbFlCU1FZNnh5MXcxWkdsWklCOX5B&google_push=ASkJ3FaS0M8XweY1X3mJBtcbq6KiRp5AqmD-GM7uHmpSzwAPMyligKWMh4k_fDtUkI_GL3bKovlCKLNIbvKUbDrJgvCUBaWiOHtl
date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DCF2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQUFvIOUIoRtQKfcm3y2xVsA28t9mELKKt3NA0OGqW6nK_j-CVee80PSyUOlH9yPOJFPrhFw
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.bidbrain.app/ Frame 3F39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4bfe8e02-6ee5-11ed-8cd8-1efeab03c0c3&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=vw_100&p=Y4RUFQANZpsKs-4JAAGkwIHUyOoMbMfifFGIFA&r=1895503832&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ev
g.bidbrain.app/rt/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.2796914628081819
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame BA8F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8871bd095c410d99dc6bed49dd518e63a706022ce017d4d32075d32d8d19418

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA8F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 13:22:36 GMT
x-content-type-options
nosniff
age
320506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:22:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA8F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:31:34 GMT
x-content-type-options
nosniff
age
373968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 22:31:34 GMT
ev
g.bidbrain.app/rt/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.5352218747523529
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2F0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAdLJiEqzsFH31wxlYj2w_c&google_cver=1&google_push=ASkJ3FY-yzBdojoIzoiZZEBd-p8s1jfbS-ls7ePNQgB2x9-dukYxMWmfjvv0XjTsw6_YZEu7dRwx9Y45EvdTgj7a_GkaCGf8gNg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4ODIzMjUyNDExOTE3ODM2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsU7xqoQ_QiGWdijVrtyyU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsU7xqoQ_QiGWdijVrtyyU&google_cver=1
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsU7xqoQ_QiGWdijVrtyyU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&ccid=f0dc648b-5072-4e6a-bef7-d8d8a3e7f635&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEJ5KgeI9GxIQzloitkGzjw...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwRE...
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJ5KgeI9GxIQzloitkGzjwQ&google_cver=1&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoG...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&google_hm=ZjBkYzY0OGItNTA3M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&google_hm=ZjBkYzY0OGItNTA3Mi00ZTZhLWJlZjctZDhkOGEzZTdmNjM1
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:23 GMT
x-frontend
cc-nginx-c76b96594-c9jr4:cc-nginx-c76b96594-c9jr4
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
2726c98a-09ec-43c3-828a-c332bc02b3c3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOt85oNw5ElduUpUS%2B1%2FyTAnpmYzo1DXUJxY9N5RLKljXnDmj3i2JHRhsokaVAUXvkQX9r4ndWkw8jDu2AEPFkDVoUBn7lMU%2BCHGA8sGXET3M84FOTKotpUk1H90QkoNuNEy90eEU4TSaLvouN3w0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=ASkJ3FYMBxv2TWkHse1yK7cdaC1WqKLdR8Ee7kFy44K_wjNLTwREkb1Sca5qsbJnFIiW0OLHgGAOo4pnNROoGO3p8FstTwxkCA&google_hm=ZjBkYzY0OGItNTA3Mi00ZTZhLWJlZjctZDhkOGEzZTdmNjM1
cf-ray
771105319f6954c1-YYZ
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEG-bN-Ii5AQ5McFnUqQe_HA&google_cver=1&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkY...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkYWzdOnkxe2iVtF8&google_hm=SlRXcXNBdnBwdFowQlhhU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkYWzdOnkxe2iVtF8&google_hm=SlRXcXNBdnBwdFowQlhhUW5OLTQ=
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYLpum_InWWv5AdASy-GdzwXXv5mixrLxMwqhz4xe6gUG1kpCRjnuFtKot-TAf-xADOGu3aDcrMoOEkYWzdOnkxe2iVtF8&google_hm=SlRXcXNBdnBwdFowQlhhUW5OLTQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGXoBbpvjyRYlAowvsJ0LYg&google_cver=1&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblwM8pjw7Q-oJqkYVjpgyBW3uf24UTQ_UpYyoxegXFI...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=61514701&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=61514701&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblwM8pjw7Q-oJqkYVjpgyBW3uf24UTQ_UpYyoxegXFIv8_rSdE5aCM
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=61514701&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FadNn6U2iug-TAfSToh2Zzz6Q9QJ85mJj5iYPe7iblwM8pjw7Q-oJqkYVjpgyBW3uf24UTQ_UpYyoxegXFIv8_rSdE5aCM
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
2OcVQj2dZblpAgzx5IgOCupwWmScDB_Tz-p6Bwwmr0r3PyTB34h6UA==
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZCTzxan_XY9aJDSeiwJsHGaJXvR49StHdoFKFhcTggnBFYd8YyeVTpyeSHcM4P1U62Rc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MDEyZWNjNDJlNTE0NDUyODk0N2RjOTNhZDA2MjQ0OWY%3D&UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MDEyZWNjNDJlNTE0NDUyODk0N2RjOTNhZDA2MjQ0OWY%3D&UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZCTzxan_XY9aJDSeiwJsHGaJXvR49StHdoFKFhcTggnBFYd8YyeVTpyeSHcM4P1U62RciigY
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MDEyZWNjNDJlNTE0NDUyODk0N2RjOTNhZDA2MjQ0OWY%3D&UIDF=CAESEA1W7_HhmzXixCAKXXc0VcA&google_cver=1&google_push=ASkJ3FYQA8szRofW8LvDClFR5cbZCTzxan_XY9aJDSeiwJsHGaJXvR49StHdoFKFhcTggnBFYd8YyeVTpyeSHcM4P1U62RciigY
date
Mon, 28 Nov 2022 06:24:23 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDK0uSY77NYj1N2wfx6Wfh8&google_cver=1&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA&google_hm=WTRSVUY4Q284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA&google_hm=WTRSVUY4Q284WUFBQUM3Q245NEFBQUFB
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 28 Nov 2022 06:24:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEDK0uSY77NYj1N2wfx6Wfh8&google_cver=1&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.186","key":"Y4RUF8Co8YAAAC7Cn94AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40014"}
X-SO-Key
Y4RUF8Co8YAAAC7Cn94AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40014
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZfRZdm2AZjTYUSF7vK4_oUJMqAtJnsL42ss9VVXigwRcavYe--u_uS-_3DwDZ7WtRuf6NEVdWIqw8EKOCOBikaG5LhemA&google_hm=WTRSVUY4Q284WUFBQUM3Q245NEFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
135
Content-Length
0
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-IP
149.56.153.186
pixel
cm.g.doubleclick.net/ Frame 2F0D
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKaSzF_dx6hQNeYfGfQhN3I&google_cver=1&google_push=ASkJ3Fb7a67D64PJGAJtBU4aSYz2QnHfG-9IHcGI8QA6JoGQ_J6Ht2iZJIiK1XUQwOgUyXGGVBv3OD3tQ1cVcFh056mVi...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTQzNDE2Njk2MTY2NjIzMTEzODNhNA==
date
Mon, 28 Nov 2022 06:24:22 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 2F0D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoFzPRlVV0EwP4BuRFVaKdLFgAk8p0mRncxnLkxOPMLC9uZVG4fd_SnsrFNav01tOOQ8wQGA
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.bidbrain.app/ Frame 3F39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4bfe8e02-6ee5-11ed-8cd8-1efeab03c0c3&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=load&p=Y4RUFQANZpsKs-4JAAGkwIHUyOoMbMfifFGIFA&r=1895503832&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
set
sync.im-apps.net/imid/ Frame FA1C 		43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=6858&tid=lid&uid=Wt7ty2ckHcOzDJ12flgymibipRo
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.183.255 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-183-255.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires
Mon, 28 Nov 2022 07:14:23 GMT
date
Mon, 28 Nov 2022 06:24:23 GMT
cache-control
max-age=3000
content-type
image/gif
/
aw.dw.impact-ad.jp/c/mapr/ Frame FA1C
Redirect Chain
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H3
Server
2600:1901:0:80:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
text/plain; charset=utf-8
location
/c/mapr/?oid=26eb996a1a9c6758&cid=Wt7ty2ckHcOzDJ12flgymibipRo&sp=dsd
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rtimp
g.bidbrain.app/ Frame BA8F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4b89e6e2-6ee5-11ed-b0c1-5ab254132289&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=load&p=Y4RUFQABln4JiA7DAAtdSTYH_sOUePjQ8x36nw&r=1974900517&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ev
g.bidbrain.app/rt/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.16555701316208826
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ev
g.bidbrain.app/rt/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.4585398158403473
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
im-uid-hook.js
dmp.im-apps.net/scripts/ 		633 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::172c:edb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Content-Type
text/javascript
Cache-Control
public, max-age=3600, s-maxage=10800
Connection
keep-alive
Content-Length
445
ev
g.bidbrain.app/rt/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.5640453089097182
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
im-uid.js
dmp.im-apps.net/sdk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::172c:edb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding
gzip
Date
Mon, 28 Nov 2022 06:24:23 GMT
Last-Modified
Tue, 13 Sep 2022 05:29:25 GMT
ETag
"484902e01849ef7afab23dd06d623c25"
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2442
get
audiencedata.im-apps.net/imuid/ 		10 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01GJYEGW1AEN1XJ5E0D8ZBKX52
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
https://picrew.me
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
ev
g.bidbrain.app/rt/ Frame 3F39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.21534190106884799
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ev
g.bidbrain.app/rt/ Frame BA8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rt/ev?ka=0.1843120554330695
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame 3F39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4bfe8e02-6ee5-11ed-8cd8-1efeab03c0c3&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=ev_prf&p=Y4RUFQANZpsKs-4JAAGkwIHUyOoMbMfifFGIFA&r=1895503832&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22159.00%22%2C%22131.80%22%2C%2252.20%22%2C%2249.20%22%5D
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame BA8F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=4b89e6e2-6ee5-11ed-b0c1-5ab254132289&d=picrew.me&cr=ext_gen2_v10_start_fires&gid=CAESEBeNNPqTGMM_XQrDlh6-5pk&a=ev_prf&p=Y4RUFQABln4JiA7DAAtdSTYH_sOUePjQ8x36nw&r=1974900517&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22133.60%22%2C%2246.30%22%2C%2255.70%22%2C%2247.20%22%5D
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0A42 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEcUpUfVgSMrTr2nk8W7xK28DkBIuDedRA5lUOtJBAchovRQkmfRLpaVlQlcbZ69vCTXVwGinswqjuEKhlG1hNIRox&sig=Cg0ArKJSzOv6IjeCUpTNEAE&cid=CAASFeRok8a68jBQ_Olo-qmEQgS_jeKpmw&id=lidar2&mcvt=1001&p=0,0,90,1024&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1451812378&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669616660098&rpt=1594&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=picrew.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=picrew.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4100222670287867&correlator=2584143264552230&eid=44752585&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=9116787%3A22014346682%2C1522791&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C300x600&fluid=height&ifi=7&adks=2796833608&sfv=1-0-40&prev_scp=cpt%3Dtrue%26cptver%3D2.13.0%26slotdiv%3D1522791%26mini_cpt_type%3Ddirect%26gn_size%3D300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.00%26hb_adid%3D7111b3d185f8fa9%26hb_bidder%3Drubicon&eri=1&cust_params=geniee_pv%3D05e291ad-dc98-405f-9b98-e3ba1b7e1176%26cpt_type%3Ddefault%26geniee_type%3D0%26geniee-type%3D0%26refresh_tool%3Dgoogle&ppid=00059a41-1846-4293-9d6a-9f126ca608fa&sc=1&cookie=ID%3De4c2aaea19cd6b06-22c336fd80d80084%3AT%3D1669616659%3AS%3DALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA&gpic=UID%3D000008bb3df6252b%3AT%3D1669616659%3ART%3D1669616659%3AS%3DALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg&abxe=1&dt=1669616663347&lmt=1669616663&dlt=1669616658888&idt=406&adxs=1012&adys=881&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpicrew.me%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1744558789.1669616659&ga_sid=1669616659&ga_hid=584672500&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be6523226edc30fbc1b6c67847028bd994fbda67a1a7005e59838b4f13d3b81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37005
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://picrew.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Nov 2022 06:24:23 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Nov 2022 06:24:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F39 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3OmMPxfKiFEp5ioJhxDn0dhdfMiGg0QOAuQabbpj8edtuwM4AJGw296UIXwnL35OUfTItkWiov2g7Qt2tg4DLyd1U&sig=Cg0ArKJSzP-qbBPBKFoSEAE&cid=CAASFeRo9mSIWK2gyG2IgLRoImDp5DU7tg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1057466509&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669616662269&rpt=430&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 737E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:20 GMT
expires
Tue, 28 Nov 2023 06:24:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 48C2 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 737E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
35195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:37:48 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 737E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
35195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:37:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 737E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9GBHJGUAi2V-d3csGo6bSoyHlHYF4ZOtwk4E6a47X_Sik97NGp0Z8fOWtdu4y9Et_xHEyIaf3p3u7OdRDibcmcFO82B1ZKzJCT5AlUnccV9n87ZuxbzJWpf6sGHiwH-RCvpbmIoVwxYNvIRAiqtmWBpITLmE3osmsqapx5IQ7dWk1SOYEj8VvuCbFwvMO93e2W86CaQ0ZvERaIH6vBNH0LR9xkzCGXzPlx8LrtSyXDR5_KDvGigLXEKqTolvvEARGZ9N16cjpqTv7Uhja6Z0nGDDXtXKXZqy9CdGYNp8KHOVLPKD1DhRTBk6lEBhF17j5yui1OtDAoapQnM-RnvZmUWFwlQzJU7EfCagTiezIDyuqbnP3llKKALTXkSt7GEWPWokNbxTB7EZ4R6UuMZ08EPWrlfpSwwvkYvegm9YdueE-abkAs8VhcswZ7-ouiC_RP_WceWtAlasppzN_UYOPtKlKgz6hY60LauNTNrXQjgE31vPIDVjSEHs0b4akOUbxXKqQEUbJuTB7KkDMAO1Qr57ELq-hTrTbTZUzEqIIOc3Q98pL3AIWMHgf0m8RIa1FkFqk7u3txmCraAf5nSP_g-mplHCyi6qzvzFcmmIGT1oLdl5ZBdfc_hBtNExvvgrw4ASor9Ir4CLk77yrrkxWIp5rU7h6ydVSUBbQfUDgY4Mts3hldr-j1wSQTmYP8z6gJWQxzqwcrylhgtOoQgiTtYAGR1AMYnMxS1EQi0vQkDDp_pOVXAEkAecjsXvCA_7eyVDlQxyUiDU9oAWOGWE6j7iob-8sLMaDTytXV95lmaonblm_mo2qwHDqL6duPNfSgMPyfbUtEVIGdKqBhAkDxzBEC6JuBDPwvrBUP4hbEyHQ0J7L6UeUNrz0eUBWOCUUFzeI469zB2I3sYFZ4vVjokLvzTDZqC2Zp3pxelaLtKtOt8Ww1tBQd8PjSPZ8b7yX1a7ph82jvOcaxXSQSbDoKxskMyEdDc0Uvkt9OaxnHyuJ5SwnrDlcg9bHn58bkjQvCMN8UnXSAEkDtLNivgPdVUx5rb3t8WgPggrvwbsHYcbpLmzY__l-AxGuZrESjU7OeFBtKGyAvWmLzxCusqm_SqeTsfL2eqOjJLzpO1oeoiN6wfRLi6ozAUCBsjXWosOaMmaQppIEfJ8HuzeJfhMRdeF1NJaXY5cc1_DBo64TPhXgD9duo45k84ZDO-7JsYEYffbOn5-A4vxHmxpnGquQ6lAGQTLnYuacezrnRQAL&sai=AMfl-YQGmUAxHo-feCK9mXoCwLVYl3-rfNy8DNvm7XUskBmmadFlzqiSPXnb_Om2YwgeXHlKxkzEIedGVpyZDjX_S6FOz8qVQwubI2hI0o-MWb2vLSxzMQHOYSyMJcVT0rLdFR3SiGu5WhuYPU40ocpAjSX7hUqR49KcwXoIFksiIZgvZgItG5LX2G6Kht7T1KACfsyhxUzxl721w9v7mts6IrxGOfvuNjRR0TXdA0VkH0dm4gmrlJCfRazKULvbbvoNOnK5RiBBdYmRu0TsU1GZLsudQtxLfBUfaAZ1lXf1MBwCbf-g7mUmYG7xlhMG8DpyjN39wqT8aNF-YSsdVxdm2Aa2x7nn4yXeOifc1-HwYXRfAkE5FQVm-3F4tqIdgi4eJ2pgfwHJ8qK_lcD9BFXW186cNCrJvOEL22ZXYaTyr292qfW7sE1IDhsNDWHvaPqz4jUPT0246XYYmkHAN84-yNsMIJ5FQrs2V3gCt7F60LpPztcVh74bKw9LG6xpOq_fdGgV9d8p9G-wTw&sig=Cg0ArKJSzLBqlF2Hub1SEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20221110.60604&arae=0&ftch=1&adurl=
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 06:24:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 06:24:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 737E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 22:55:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 737E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CErcD9GCNT8B8DEjhAo-C4WqbwvqerVJ1YxssnMjXQGyiLhrwkNPuvbBJI0qrdNCqQCn38ddye7Ghw6KpRiwsSr27DHYypjXptrRg7FJIt49p-ZW4
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 737E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 737E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 19:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:08:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 737E 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 06:24:23 GMT
9734936652464022298
s0.2mdn.net/simgad/ Frame 737E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9734936652464022298
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4c6893011528b42b4883ee72fa9c19c4d0b9e6918e0ecd1f5b2c4608f315a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 04:58:33 GMT
x-content-type-options
nosniff
age
5150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38768
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:46:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 04:58:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0F54 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 17:08:09 GMT
etag
48472445140208031
expires
Mon, 28 Nov 2022 17:08:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 48C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 48C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4RUFRmFUR9wEVZ4O6-xMQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAphbbQwgEtGzJ5EDcQU2nw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 48C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpqMz9WTsiy50F0sFZkeSE&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpqMz9WTsiy50F0sFZkeSE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Protocol
HTTP/1.1
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
AN-X-Request-Uuid
795d9565-3ae4-485e-985b-26e2112be8b9
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpqMz9WTsiy50F0sFZkeSE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5NDkyOTY1MTU3OTYxMTc0MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5NDkyOTY1MTU3OTYxMTc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQiPmEAhigoIXZATAB&v=APEucNU6V8EOt6i6k-aloXTwSXN1rU_ND99Ar06eEiSujq3jvzfRv3io0uyDnraKsK9qveMjh63zSyLimXNJts4qQtclmtnZZA
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:23 GMT
AN-X-Request-Uuid
b6d22067-d096-4139-8a93-afd592ca4aca
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ5NDkyOTY1MTU3OTYxMTc0MA%3D%3D
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F8F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
387098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 18:52:45 GMT
expires
Thu, 23 Nov 2023 18:52:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 737E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69d4204fa9cb9a4a21fc4d380cff87ac34bab79d43ec333cee350fe180126e82

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0F54
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZ5MVgyZncxT1p4ejI1&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZ5MVgyZncxT1p4ejI1&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdqkURO488nJmtUhndKBHp9F_95aMoIiMCWvGqBEsM9aCZ6wDPlbeZoaGF7l_MLF_2dbdGBGzQ206FmiS87rPwHoeJ2Meq2k3g
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-050a154370799ba0a@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZ5MVgyZncxT1p4ejI1&google_gid=CAESEBQn9zElvOoOMTMdbwbZ33w&google_cver=1&google_push=ASkJ3FYF-yOydNOvtZ3u2jJ_lvcGWoD5z98CNmnhV_8wkdqkURO488nJmtUhndKBHp9F_95aMoIiMCWvGqBEsM9aCZ6wDPlbeZoaGF7l_MLF_2dbdGBGzQ206FmiS87rPwHoeJ2Meq2k3g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F54
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqlGQbzCywU4fXVHsPji60&google_cver=1&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8sv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUwMzEwNDIyMzk2NzYzMTQ4Mw&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUwMzEwNDIyMzk2NzYzMTQ4Mw&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8svrWAne_w0-tCcmfHR5YfAqmrjZpEK3-wfD8jpGpyUAbiqNAR1nu0sskJeU8P7ew
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUwMzEwNDIyMzk2NzYzMTQ4Mw&google_push=ASkJ3FY_hP4hKXCyhVOqRR4LKhiL7AUMbHRZqx3D7bH0iIkzPXfHwiMv2_iLaJt08nYtS-zhOPf7J8svrWAne_w0-tCcmfHR5YfAqmrjZpEK3-wfD8jpGpyUAbiqNAR1nu0sskJeU8P7ew
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0F54
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJPWadgTB7YGbDEgJBK48uI&google_cver=1&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNk...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJPWadgTB7YGbDEgJBK48uI%26google_cver%3D1%26google_push%3DASkJ3FYLJVK3lJNmurxT8n...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1123812072003717008&exchange=193&google_gid=CAESEJPWadgTB7YGbDEgJBK48uI&google_cver=1&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExMjM4MTIwNzIwMDM3MTcwMDg&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExMjM4MTIwNzIwMDM3MTcwMDg&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExMjM4MTIwNzIwMDM3MTcwMDg&google_push=ASkJ3FYLJVK3lJNmurxT8n-vfryOVaLoG2dajfDyHwo1BRlZQw60vSOyIf1G8ipCpigXto9afOlQeXNkRGelg2M4A96Z2Qnuci6bU4MGnT_sRxr955B3pzZ1NNk4hPBPw2GdMpZzok7X6i-8
Date
Mon, 28 Nov 2022 06:24:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0F54
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHqY6Nr8CPJUv4tMu4x9FZM&google_cver=1&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6DqiqaGiOoCNyyZn4_y_X9wVUcip...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6DqiqaGiOoCNyyZn4_y_X9wVUcip4OWfxw7sTGNHIQzcmxjG69&google_hm=MjgwOTc1MzYwODIxMjQ3ODE1MQ==
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3Fbdc722lPT2MseJmq9iqHCgQMW5FZrSoY-PfXgitr0zmkGehZT97rx_dXbkvsSUPX9FYqrvopOUbZUmsU5OtxByyW6DqiqaGiOoCNyyZn4_y_X9wVUcip4OWfxw7sTGNHIQzcmxjG69&google_hm=MjgwOTc1MzYwODIxMjQ3ODE1MQ==
Date
Mon, 28 Nov 2022 06:24:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 0F54 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYC5xcdnvXajSsW14t_ASWJvH_xmrFRlCpouJT4fm4EXWCuePhDrA
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 737E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9GBHJGUAi2V-d3csGo6bSoyHlHYF4ZOtwk4E6a47X_Sik97NGp0Z8fOWtdu4y9Et_xHEyIaf3p3u7OdRDibcmcFO82B1ZKzJCT5AlUnccV9n87ZuxbzJWpf6sGHiwH-RCvpbmIoVwxYNvIRAiqtmWBpITLmE3osmsqapx5IQ7dWk1SOYEj8VvuCbFwvMO93e2W86CaQ0ZvERaIH6vBNH0LR9xkzCGXzPlx8LrtSyXDR5_KDvGigLXEKqTolvvEARGZ9N16cjpqTv7Uhja6Z0nGDDXtXKXZqy9CdGYNp8KHOVLPKD1DhRTBk6lEBhF17j5yui1OtDAoapQnM-RnvZmUWFwlQzJU7EfCagTiezIDyuqbnP3llKKALTXkSt7GEWPWokNbxTB7EZ4R6UuMZ08EPWrlfpSwwvkYvegm9YdueE-abkAs8VhcswZ7-ouiC_RP_WceWtAlasppzN_UYOPtKlKgz6hY60LauNTNrXQjgE31vPIDVjSEHs0b4akOUbxXKqQEUbJuTB7KkDMAO1Qr57ELq-hTrTbTZUzEqIIOc3Q98pL3AIWMHgf0m8RIa1FkFqk7u3txmCraAf5nSP_g-mplHCyi6qzvzFcmmIGT1oLdl5ZBdfc_hBtNExvvgrw4ASor9Ir4CLk77yrrkxWIp5rU7h6ydVSUBbQfUDgY4Mts3hldr-j1wSQTmYP8z6gJWQxzqwcrylhgtOoQgiTtYAGR1AMYnMxS1EQi0vQkDDp_pOVXAEkAecjsXvCA_7eyVDlQxyUiDU9oAWOGWE6j7iob-8sLMaDTytXV95lmaonblm_mo2qwHDqL6duPNfSgMPyfbUtEVIGdKqBhAkDxzBEC6JuBDPwvrBUP4hbEyHQ0J7L6UeUNrz0eUBWOCUUFzeI469zB2I3sYFZ4vVjokLvzTDZqC2Zp3pxelaLtKtOt8Ww1tBQd8PjSPZ8b7yX1a7ph82jvOcaxXSQSbDoKxskMyEdDc0Uvkt9OaxnHyuJ5SwnrDlcg9bHn58bkjQvCMN8UnXSAEkDtLNivgPdVUx5rb3t8WgPggrvwbsHYcbpLmzY__l-AxGuZrESjU7OeFBtKGyAvWmLzxCusqm_SqeTsfL2eqOjJLzpO1oeoiN6wfRLi6ozAUCBsjXWosOaMmaQppIEfJ8HuzeJfhMRdeF1NJaXY5cc1_DBo64TPhXgD9duo45k84ZDO-7JsYEYffbOn5-A4vxHmxpnGquQ6lAGQTLnYuacezrnRQAL&sai=AMfl-YQGmUAxHo-feCK9mXoCwLVYl3-rfNy8DNvm7XUskBmmadFlzqiSPXnb_Om2YwgeXHlKxkzEIedGVpyZDjX_S6FOz8qVQwubI2hI0o-MWb2vLSxzMQHOYSyMJcVT0rLdFR3SiGu5WhuYPU40ocpAjSX7hUqR49KcwXoIFksiIZgvZgItG5LX2G6Kht7T1KACfsyhxUzxl721w9v7mts6IrxGOfvuNjRR0TXdA0VkH0dm4gmrlJCfRazKULvbbvoNOnK5RiBBdYmRu0TsU1GZLsudQtxLfBUfaAZ1lXf1MBwCbf-g7mUmYG7xlhMG8DpyjN39wqT8aNF-YSsdVxdm2Aa2x7nn4yXeOifc1-HwYXRfAkE5FQVm-3F4tqIdgi4eJ2pgfwHJ8qK_lcD9BFXW186cNCrJvOEL22ZXYaTyr292qfW7sE1IDhsNDWHvaPqz4jUPT0246XYYmkHAN84-yNsMIJ5FQrs2V3gCt7F60LpPztcVh74bKw9LG6xpOq_fdGgV9d8p9G-wTw&sig=Cg0ArKJSzLBqlF2Hub1SEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&vt=11&dtpt=106&dett=2&cstd=1&cisv=r20221110.60604&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 06:24:23 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame F8F9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 05:58:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMuXCF1SEY_XRGNSUoPwPh_-kqA8AAAAAOAHgBAI&bg=!NjWlNXHNAAbvMpMzzzI7ACkAdvg8Wt5PHKGopCVVGpx7DzqCyLsLhKoH0gGJ91q3cfIZWyrS-c7cfQIAAABOUgAAAAJoAQeZAu7MiPk7VAk5l74km_GRUjXxNvw2ZHEAaIQOJYfLglirCBFKDZDxMRtWK5MkKNZTgGqpNK2lJEoWgV1jpw2T_r3ewERhsvhM55ZZmP2hUgQlq-ZmP5AzQ1STLH2SYQZs7e3MgqNrbTdOXl7QTnumbIuvPR8J4NSW2Ep2ZKPJ3rOeDu5MkB3VFh9DzUsm9NeZORTvD4b0gSnEcl1ntNOu84BkPeWAKgsXseqpWYo_qvE8TKFGd9SSSqjY9lvpmSibEWAQWoYGGkith0Kzmw0mPd_zrr9YgHRRCnIUuryPj2jwmR-4AWV0DwzLlRPNMJ0KL2hNnaexRrpgCMeC65LBC0cnfX4-GVTyBBXoDzXMkG9O4EV09TNAFLWuCCU4yXa99k0GUMJ_x4F9uaj3ozydxfeqiyAO211Pi9f9VWeTHVCTIm1NghI9dk3d13fa4MYC3XLeJxQZLZg5UweTue2uq564jB-QB3TrUk3dvj9RIMUHOqRbDYEmjpQxFFECL450gbx3LUvfHjiWnSAURR9gNuAWJlo0u2ZHaYhV3Qm5fgZ8kS3l6JajZwxEUWtcuVfqERoKXumRxtIpB2KRBhjwto2ySBVDW3teRSsiN2ILpHK54hFRz9UGwsHT7S-Ty6HElVr176G624RXCTgUSprUOQQC8K7E0q9m7Ux09gvcENEVwyQWVr-D3hZ3_zteEB3TMnM-HVNLXn__SdnD0OascjWTRBUmrTCo7ENf-jY-70W6OQ8j8UUBcSZY9jVqsSwsBg_XM6ow6dcdAVD_sDBI-3gESeRCuYh-4b6yP2f9EiBJV22whNwYNVpLxNqtgXTDjUlyg0btwlwTWfUSOCHlhJdYXf2WOCN3sLGKiMiQtmIhmFmPxPFdhdZjX9i2O9dsaguhf95kKSKex8ymE6-_I-EBsk7bcQueq9_R466HAU6ydxfS7KWDro-d4-b5JrPsvZHyEt8Dt6Ar4-PrsUYRD7JgFc-m1eT8TbSZ968L-6w
Requested by
Host: 4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
URL: https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9ABA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 737E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaAbYNrW3dx5bQqEXuqye38ecvpOCrh4XgUUAKZjcboJdNS6MDVztKNe0qoU53yY3Ft30dYSgnFbbcfLgLreLxBEKfZt1bqvWzgKTSwCavXSNjCp6RzZa10Q&sai=AMfl-YRpsX6cc9URqtzuGqA2e6KzAmWhncjRvM46j-OkBbCBHOFiAn9lHUf1Fy62WPAU_GfbXwDzzLLLLSCjBVWEbs80oOcpEgKBBWhafjogvojQLzbxQcKYNIEKPGmgv40AN2re9ywEFXC20temLiChk2g&sig=Cg0ArKJSzHYx2GbBgApREAE&cid=CAQSTgDq26N9tAUNfq9Lfom8dH7R9W_qkm-beYco10hm1oa0EJi37O4D-rO-OsTXZcVXjCVlcmu2XVlF834sIMIMompTpMKWIsPS1QvgZY_onBgBIBM&id=lidar2&mcvt=1000&p=881,1012,1481,1312&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&vu=1&app=0&itpl=20&adk=2796833608&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669616663777&rpt=151&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22slots%22%3A%5B%7B%22sd%22%3A%221522791%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B300%2C600%5D%5D%2C%22sn%22%3A%22%2F911...
aax.amazon-adsystem.com/x/px/p/PH/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22slots%22%3A%5B%7B%22sd%22%3A%221522791%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B300%2C600%5D%5D%2C%22sn%22%3A%22%2F9116787%2C22014346682%2F1522791%22%7D%7D%2C%7B%22a%22%3A%7B%22c%22%3A2%2C%22sn%22%3A%22%22%7D%2C%22g%22%3A%7B%22c%22%3A0%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1622434501417-0%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1749267%22%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1598262175839-0%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B728%2C90%5D%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1715044%22%7D%7D%5D%2C%22pid%22%3A%22suyDTexZcUQ4Y%22%2C%22url%22%3A%22https%253A%252F%252Fpicrew.me%252F%22%2C%22ws%22%3A%221600x1200%22%2C%22pubid%22%3A%22c06cc614-f284-4373-8e7b-e334e4dcb9d3%22%2C%22_type%22%3A%22slotRenders%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%22600%22%2C%22lv%22%3A%2222.1107.1609%22%7D
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpicrew.me%2F&domain=picrew.me&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://picrew.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://picrew.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 28 Nov 2022 06:24:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
599010
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpicrew.me%2F&domain=picrew.me&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HpyC23xrbUp6S25iSjFzaEc1TUtlOEgrdDZrb1BsODVWRzhsR1cvNlMrdWpzTXNmeE80cmtUcTJ3aEwvSzJlS1YxdnZJMlZuV0c3OXNYT3NIQklFZXlKNVlWN2FoT0NtbEI2bkRCZE8raXI4eDJLUUhNcVhhbHVYMjFJOU...
431 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HpyC23xrbUp6S25iSjFzaEc1TUtlOEgrdDZrb1BsODVWRzhsR1cvNlMrdWpzTXNmeE80cmtUcTJ3aEwvSzJlS1YxdnZJMlZuV0c3OXNYT3NIQklFZXlKNVlWN2FoT0NtbEI2bkRCZE8raXI4eDJLUUhNcVhhbHVYMjFJOUZWMk01TnVmeUJtckxBZ0xrQ2xUMmI2M3MrSDM3NEhvalp0RThBQnFGY1Z3MjdaZnRDQlp0RTZISVZhWU0wRkVybmhKOUJwa2VJKzgwejQzN3IyL1lsUERXZlRiZXN3ZTl3VU9iRlFmTTJOK2FmTVFuMEYvVG1BejdER3BTazlScW04Snl1bWNQdEhJWW5UQWUzeDRPcVc3TEkxU3NMZz09fA&cppv=2
Requested by
Host: picrew.me
URL: https://picrew.me/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
26d3207d0abb76f7b6b9598c0f264da0f75158970134a2932a91d345c976964b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://picrew.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1118461
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=HpyC23xrbUp6S25iSjFzaEc1TUtlOEgrdDZrb1BsODVWRzhsR1cvNlMrdWpzTXNmeE80cmtUcTJ3aEwvSzJlS1YxdnZJMlZuV0c3OXNYT3NIQklFZXlKNVlWN2FoT0NtbEI2bkRCZE8raXI4eDJLUUhNcVhhbHVYMjFJOUZWMk01TnVmeUJtckxBZ0xrQ2xUMmI2M3MrSDM3NEhvalp0RThBQnFGY1Z3MjdaZnRDQlp0RTZISVZhWU0wRkVybmhKOUJwa2VJKzgwejQzN3IyL1lsUERXZlRiZXN3ZTl3VU9iRlFmTTJOK2FmTVFuMEYvVG1BejdER3BTazlScW04Snl1bWNQdEhJWW5UQWUzeDRPcVc3TEkxU3NMZz09fA&cppv=2
access-control-allow-origin
https://picrew.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
288641
content-length
0
expires
0
pid&vid=01GJYEGW1AEN1XJ5E0D8ZBKX52
sync6.im-apps.net/8015/ 		20 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/8015/pid&vid=01GJYEGW1AEN1XJ5E0D8ZBKX52
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da14:f1:2005:2cf6:86a:f79a:e4ce Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a96da6903649898ab56f4309e6eb61e248f59f4c95efff3bc5e5fdd284f58c3e

Request headers

Referer
https://picrew.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://picrew.me
date
Mon, 28 Nov 2022 06:24:26 GMT
cache-control
private, max-age=1800
access-control-allow-credentials
true
content-length
20
content-type
application/json
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3067 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=111156
content-encoding
gzip
content-length
5549
content-type
text/html
date
Mon, 28 Nov 2022 06:24:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 29 Nov 2022 13:17:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
ixmatch.html
js-sec.indexww.com/um/ Frame D373 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
448
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
771105451d513ffd-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 06:24:26 GMT
expires
Mon, 28 Nov 2022 10:24:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CB76 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/prebid-v7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://picrew.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Nov 2022 06:24:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame CB76 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b47d301720c1f684fe29d3ca716fa1875175fdc99642c49c9aea64b12c1eb60e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 06:24:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 00:05:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63682
Connection
keep-alive
Content-Length
10066
Expires
Tue, 29 Nov 2022 00:05:48 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3067 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37110194&p=157786&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
31d25f5c1d8526acb44d1faf2e16803adbf8d74394668ab8b456ecbd3e25439a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 06:24:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 834F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4872d781591bcb131645c35df3a96b34e00870693d1bb8285ba6e847dceff05a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
771105455d0b3ffe-YYZ
content-encoding
br
content-type
text/html
date
Mon, 28 Nov 2022 06:24:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48CzttiOkTuyO8VWHXP%2FYV%2F7qtjKoWuyXgOIBAlEuoKXiO0z9iP4%2Fk2yMKb9GJYyF%2FwDBS11oGo8913ZWA74ikmqOez4eLxS8RnqPJKXEZpd6ht4QKC1%2FcMTiz21sQ03xDALzwCQwjhCKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame 1F88 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=FD778D32-FCC7-48BE-97AF-F45BB995A558&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Nov 2022 06:24:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K0CETAW46FAQZ18V1ZPT
Pug
simage2.pubmatic.com/AdServer/ Frame EFB6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8ac76384-5417-4b00-bb0b-b43fe5361767&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8ac76384-5417-4b00-bb0b-b43fe5361767&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 28 Nov 2022 06:24:26 GMT
Expires
Mon, 28 Nov 2022 06:24:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master iad-pixel-x12 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8ac76384-5417-4b00-bb0b-b43fe5361767&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 6580
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGSlBrN0hDS2dBQUNFRW5yS2JjUQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFJPk7HCKgAACEEnrKbcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFJPk7HCKgAACEEnrKbcQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3010092134319996953
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFJPk7HCKgAACEEnrKbcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3010092134319996953%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=3010092134319996953&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFJPk7HCKgAACEEnrKbcQ&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFJPk7HCKgAACEEnrKbcQ
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFJPk7HCKgAACEEnrKbcQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 28 Nov 2022 06:24:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFJPk7HCKgAACEEnrKbcQ
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 860A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:24:26 GMT
expires
Mon, 28 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2663758
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3A75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1494929651579611740&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1494929651579611740&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
daec4514-b785-4817-859f-7592b5dacd15
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 06:24:26 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1494929651579611740&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
5386
tags.bluekai.com/site/ Frame 3067
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f4a7518c94141357/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e52d69b6d9bcedd71e9896114229858d&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1b6b8bd25ca9fc40a76a95968b8819af&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=3526664fef99492b
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
62 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Server
104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 28 Nov 2022 06:24:27 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
p.gif
visitor.fiftyt.com/ Frame 3067
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=&fbounce=1
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=&fbounce=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H3
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Mon, 28 Nov 2022 06:24:26 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=&fbounce=1
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
info2
uipglob.semasio.net/pubmatic/1/ Frame 3067
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=FD778D32-FCC7-48BE-97AF-F45BB995A558&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 3067 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=FD778D32-FCC7-48BE-97AF-F45BB995A558
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-84.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
_22ozTYht95vsI9CVvfx88XQmz70n2NVcd1jkwQBMTcQG95p3u-qkg==
expires
0
FD778D32-FCC7-48BE-97AF-F45BB995A558
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3067 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FD778D32-FCC7-48BE-97AF-F45BB995A558?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:da63:dddc:8a85:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3067
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD778D32-FCC7-48BE-97AF-F45BB995A558&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-852nWddE2uVWr6pzPK3bUndG7zN_lN8-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-852nWddE2uVWr6pzPK3bUndG7zN_lN8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-852nWddE2uVWr6pzPK3bUndG7zN_lN8-~A&gdpr=0&gdpr_consent=
date
Mon, 28 Nov 2022 06:24:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3067
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b35b0e204771880&is_secure=true&networkId=17100&version=1&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItElDl1CPYQMc1oRZAAAAAAA&expiration=1669703066&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItElDl1CPYQMc1oRZAAAAAAA&expiration=1669703066&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Nov 2022 06:24:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItElDl1CPYQMc1oRZAAAAAAA&expiration=1669703066&nuid=FD778D32-FCC7-48BE-97AF-F45BB995A558&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3067
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2ce7d870-4d33-4acc-b20e-d1b06e59c97f&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2ce7d870-4d33-4acc-b20e-d1b06e59c97f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2ce7d870-4d33-4acc-b20e-d1b06e59c97f&gdpr=0&gdpr_consent=
Date
Mon, 28 Nov 2022 06:24:26 GMT
Connection
keep-alive
X-CI-RTID
dd67e47a-b21d-450d-b669-84e586410667
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3067 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.184.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-184-190.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HpyC23xrbUp6S25iSjFzaEc1TUtlOEgrdDZrb1BsODVWRzhsR1cvNlMrdWpzTXNmeE80cmtUcTJ3aEwvSzJlS1YxdnZJMlZuV0c3OXNYT3NIQklFZXlKNVlWN2FoT0NtbEI2bkRCZE8raXI4eDJLUUhNcVhhbHVYMjFJOUZWMk01TnVmeUJtckxBZ0xrQ2xUMmI2M3MrSDM3NEhvalp0RThBQnFGY1Z3MjdaZnRDQlp0RTZISVZhWU0wRkVybmhKOUJwa2VJKzgwejQzN3IyL1lsUERXZlRiZXN3ZTl3VU9iRlFmTTJOK2FmTVFuMEYvVG1BejdER3BTazlScW04Snl1bWNQdEhJWW5UQWUzeDRPcVc3TEkxU3NMZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 28 Nov 2022 06:24:26 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
438363
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame 834F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELXck3vi0im99kwCL3-XA4M&google_cver=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELXck3vi0im99kwCL3-XA4M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1I4Gnuxk1KkAT%2F6OKexGQ%2B9ffD2EmWGCA%2FDiAuGzC3oXQEii84o6ge3AzEXubyDW82IBQSTVO4vhZFnWkAA%2FFVszJBbtf%2BNt%2FThv%2FsDFbSUnxC8j5DQcvvyWmyM2wH56%2FyLpSdwxYF3zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
771105460dd03ffe-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELXck3vi0im99kwCL3-XA4M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 834F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KG6GYYY12DFXW1G22BS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 834F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&expiration=1672208666&gdpr=0&gdpr_consent=
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&expiration=1672208666&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ab678074-1dc7-4a0a-a3e6-c5c774c3c445&expiration=1672208666&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 834F 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4RUFRmFUR9wEVZ4O6_xMQAAACgAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:da63:dddc:8a85:cc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 834F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_6384541a997e9&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6384541a997e9
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6384541a997e9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 28 Nov 2022 06:24:26 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6384541a997e9
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
rum
dsum-sec.casalemedia.com/ Frame 834F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4RUFgALctGZaQAO
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4RUFgALctGZaQAO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12831-YUL
pragma
no-cache
date
Mon, 28 Nov 2022 06:24:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669616667.556555,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4RUFgALctGZaQAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 834F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 06:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 28 Nov 2022 06:24:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=775C27CFF77F4A8CBAAE1CEA8EBEC1C7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 27 Nov 2022 06:24:26 GMT
/
csync.loopme.me/ Frame 834F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
server
_
htw-pixel.gif
cdn.indexww.com/ht/ Frame 834F 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4RUFRmFUR9wEVZ4O6-xMQAA%26040
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpicrew.me%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
28448
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
771105464e65caa8-YYZ
content-length
43
expires
Tue, 29 Nov 2022 06:24:26 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3067 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157786&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:24:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ds.uncn.jp
URL
https://ds.uncn.jp/pb/0/bid.json
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
pb.ladsp.com
URL
https://pb.ladsp.com/adrequest/prebid
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELbOpgAcug6xyyTE-ujsaHA&google_cver=1&google_push=ASkJ3FbpAH-jcPnLlfIXujAla76jU9iugOTwZ3Y1jv2uuVBEbhDUY0yqYZQNxrCDbbmcAoY6y-XFqs6W4CZ4VwS3WbnN8VB_1-J8
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTH1jKR2AKMRBSYDL3QXuQ&google_cver=1&google_push=ASkJ3FZqHTDtIp13DpkxYywbIizaaw5uaAj09tjNhracoFEdj70VwEfBlTMvoKIjAXLXe7YbYrW_KN7kLgqAUsI0tIYixciF6HQ

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| unitArray object| googletag number| _gtm_init number| doNotTrack object| dataLayer object| _gtm_ids function| _gtm_inject object| __twttrll object| twttr object| __twttr object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __NUXT__ object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ function| Hammer object| lazySizes object| $nuxt function| fbAsyncInit boolean| _IS_PC_ object| fluctkvapi function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| FB string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| __buffer function| onYouTubeIframeAPIReady object| slot object| imobile_gam_slots object| apstag object| gnshbrequest object| _lgy_lw object| _lgy_lw_0 number| google_lpabyc function| _lgy_lift_callback_4305880 boolean| apstagLOADED object| IMUIDPushed object| IMUIDRequest object| IMUID object| lift_widget object| he function| __gnSendWrapperJSBeacon boolean| gnslibincluded object| gnpb number| gn_beacon_rate object| gnhb_event_targets object| GnsPublisherLib object| iagoinformation object| iagoaggregation object| gnpbChunk string| nobidVersion object| nobid function| getGnshbrequestSlots object| gnsinst_notify object| Criteo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 number| imgoogletagrefresh

177 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQ2xM
.picrew.me/ Name: __gpi
Value: UID=000008bb3df6252b:T=1669616659:RT=1669616659:S=ALNI_MaUzziYQZdmPU9HolttvYoV-A3uLg
.picrew.me/ Name: _gid
Value: GA1.2.80732003.1669616660
.picrew.me/ Name: _gat_UA-37779012-8
Value: 1
.picrew.me/ Name: _ga_TXZ7V095SJ
Value: GS1.1.1669616659.1.0.1669616659.0.0.0
.picrew.me/ Name: _ga
Value: GA1.1.1744558789.1669616659
.logly.co.jp/ Name: uid
Value: Wt7ty2ckHcOzDJ12flgymibipRo
.picrew.me/ Name: _im_vid
Value: 01GJYEGW1AEN1XJ5E0D8ZBKX52
.bidbrain.app/ Name: uid_cross
Value: 4b8ff5f0-6ee5-11ed-b30b-9aa8aec6c243
.doubleclick.net/ Name: IDE
Value: AHWqTUm6TGeCbVoo-zyQVMWt8vlVA-dbU7BfWBRBk2sTCj-Fs_uF0XvesyxLNqhJvSU
.amazon-adsystem.com/ Name: ad-id
Value: Aws2u3vMBUI4vXuWNtGaibU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.picrew.me/ Name: __gads
Value: ID=e4c2aaea19cd6b06-22c336fd80d80084:T=1669616659:S=ALNI_MYvOhDPE60KD43ZMNwBrrqo0RPTPA
.quantserve.com/ Name: mc
Value: 63845415-dda64-34399-3ea3f
.adingo.jp/ Name: ID
Value: 840e072dccd6496f0c25a67f23c58cc2
.agkn.com/ Name: ab
Value: 0001%3ApYN0JgAvyPmXyKyZ0ZmSPrBoNDcIBaKl
.agkn.com/ Name: u
Value: C|0CEArFxCVKxcQlQAAAAAAAQ13AQCAAQpAAAAAAA
.mookie1.com/ Name: id
Value: 10620121240341599557
.mookie1.com/ Name: mdata
Value: 1|10620121240341599557|1669616661914
.mookie1.com/ Name: ov
Value: 2ab1496c012f4bc915255aa13026cbdb
.casalemedia.com/ Name: CMID
Value: Y4RUFRmFUR9wEVZ4O6-xMQAA
.casalemedia.com/ Name: CMPS
Value: 040
.casalemedia.com/ Name: CMPRO
Value: 040
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FD778D32-FCC7-48BE-97AF-F45BB995A558
.openx.net/ Name: i
Value: 8cedef4d-e9fb-47c1-8bef-ebc9c439c26b|1669616662
.smaato.net/ Name: SCM
Value: 61514701
.smaato.net/ Name: SCMaps
Value: 61514701
.openx.net/ Name: pd
Value: v2|1669616662|vMgakWgyiK
.contextweb.com/ Name: V
Value: LhKr8i5YusGM
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b162dfc88a174276
.simpli.fi/ Name: suid
Value: 775C27CFF77F4A8CBAAE1CEA8EBEC1C7
picrew.me/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
picrew.me/ Name: _im_vid
Value: 01GJYEGW1AEN1XJ5E0D8ZBKX52
.emxdgt.com/ Name: uid
Value: 54341669616662311383a4
.picrew.me/ Name: _pubcid
Value: e08e6303-0ac0-43a3-8c34-f14be5e64f93
.yieldmo.com/ Name: yieldmo_id
Value: gf725afaba13cf780387%7C1669616662329%7C0%7C
.sharethrough.com/ Name: stx_user_id
Value: 94ee25e3-d298-4de0-9edf-0c3b2a3da9b3
.media.net/ Name: visitor-id
Value: 3126182621455459000V10
.smartadserver.com/ Name: pid
Value: 3010092134319996953
.zemanta.com/ Name: zuid
Value: JTWqsAvpptZ0BXaQnN-4
.adnxs.com/ Name: uuid2
Value: 1494929651579611740
.adsrvr.org/ Name: TDID
Value: ab678074-1dc7-4a0a-a3e6-c5c774c3c445
.yahoo.com/ Name: A3
Value: d=AQABBBZUhGMCEIEYHDp4VZRZOhk9V83WK8wFEgEBAQGlhWOOYwAAAAAA_eMAAA&S=AQAAAgfyxsI9WTyQsAsjFA_MCnU
.emxdgt.com/ Name: ps
Value: d57,d55,d53,d52,d49,d48,d46,d44,d40,d38,d35,d34,d32,d31,d30,d25,d21,d20,d16,d15,d8,d5,d1
.emxdgt.com/ Name: apn_id
Value: 1494929651579611740
.emxdgt.com/ Name: dt
Value: 332
.bluekai.com/ Name: bku
Value: ikG99OjDCsmt8xRl
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4RUFgALctGZaQAO
.logly.co.jp/ Name: dmps
Value: %7B%221%22%3A%7B%22synced_at%22%3A1669616662%7D%2C%222%22%3A%7B%22synced_at%22%3A1669616662%7D%7D
.blismedia.com/ Name: b
Value: 6384541612C6B1DB04F546A3BLIS
.adform.net/ Name: C
Value: 1
.spotxchange.com/ Name: audience
Value: 4c6734e6-6ee5-11ed-adb6-154f9acf0503
fksnk.com/ Name: AWSALBCORS
Value: 6p1s8vQM1GuKzrWSsjm1mtKU9FQv+KI4g3hFky+gbELepv9Ajq8iip0GIEIuV6H/qk4yp16rLRUzKI4QTG3LRUDS7ypmEL00wridTE3xGbLnYUaY/irPPNZEih5U
.fksnk.com/ Name: f_001
Value: F2C5BED930E6E018
.fksnk.com/ Name: g_001
Value: 1
.rubiconproject.com/ Name: khaos
Value: LB0ENHT1-1D-21Q7
.openx.net/ Name: univ_id
Value: 537072971|ab678074-1dc7-4a0a-a3e6-c5c774c3c445|1669616662691645
.adform.net/ Name: uid
Value: 3503104223967631483
.mfadsrvr.com/ Name: tuuid
Value: cdd9390b-4683-4e26-889e-3e9b05b53b7a
.mfadsrvr.com/ Name: c
Value: 1669616662
.mfadsrvr.com/ Name: tuuid_lu
Value: 1669616662
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.quantserve.com/ Name: d
Value: EGkBEAHXJ4EProkw
.mathtag.com/ Name: uuid
Value: 8ac76384-5417-4b00-bb0b-b43fe5361767
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-ab678074-1dc7-4a0a-a3e6-c5c774c3c445&KRTB&22918-ab678074-1dc7-4a0a-a3e6-c5c774c3c445&KRTB&23031-ab678074-1dc7-4a0a-a3e6-c5c774c3c445
.ads.yieldmo.com/ Name: ptrt
Value: ab678074-1dc7-4a0a-a3e6-c5c774c3c445
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:775C27CFF77F4A8CBAAE1CEA8EBEC1C7
.resetdigital.co/ Name: ckbk
Value: 000000D5B2EA4449
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 012d081b-df57-4f5d-b84d-54cb9c0b14b2
.turn.com/ Name: uid
Value: 7288232524119178369
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOQReKoA60ub-gwgKJ4ExzM&KRTB&16514-CAESEOQReKoA60ub-gwgKJ4ExzM&KRTB&23025-CAESEOQReKoA60ub-gwgKJ4ExzM&KRTB&23386-CAESEOQReKoA60ub-gwgKJ4ExzM
.sitescout.com/ Name: ssi
Value: 571d7020-25c7-450e-97af-4c8a0e931ccb#1669616662812
.ipredictive.com/ Name: cu
Value: 2ce7d870-4d33-4acc-b20e-d1b06e59c97f|1669616662829
.advertising.com/ Name: A3
Value: d=AQABBBZUhGMCEEEKRRZ7PZnzFvhq4gXfj9YFEgEBAQGlhWOOYwAAAAAA_eMAAA&S=AQAAAj_sxFXNZ6gpHzQQwfS0bHI
openrtb-us-east-1.axonix.com/ Name: ax_cx
Value: de5131f3-2d2d-47e5-960f-f32f1e6d0062
.ads.yieldmo.com/ Name: ptrrc
Value: LB0ENHT1-1D-21Q7
.mathtag.com/ Name: mt_mop
Value: 4:1669616663
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1669616662
sync-dmp.mobtrakk.com/ Name: pid
Value: NDU0ZjdhMjQzMjIyZjU2OA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7288232524119178369&KRTB&23150-7288232524119178369
.sitescout.com/ Name: _ssuma
Value: eyI2NiI6MTY2OTYxNjY2Mjg5MSwiMzkiOjE2Njk2MTY2NjI4OTEsIjciOjE2Njk2MTY2NjI4OTF9
.rlcdn.com/ Name: pxrc
Value: CJaokZwGEgUI6AcQABIFCOhHEAA=
.smaato.net/ Name: SCMg
Value: 61514701
.ads.yieldmo.com/ Name: ptreps
Value: AAAItElDl1CPBAMH35byAAAAAAA
.ads.yieldmo.com/ Name: ptrmf
Value: cdd9390b-4683-4e26-889e-3e9b05b53b7a
.360yield.com/ Name: tuuid
Value: 7e409989-915d-40cf-90a8-0db35d41b5c7
.360yield.com/ Name: tuuid_lu
Value: 1669616662
.ctnsnet.com/ Name: cid_8cefbe20630c4d34858c099d46d2f8f1
Value: 1
a.clickcertain.com/ Name: _ccpx_u
Value: f0dc648b%2d5072%2d4e6a%2dbef7%2dd8d8a3e7f635
.tremorhub.com/ Name: tvid
Value: 012ecc42e5144528947dc93ad062449f
.tremorhub.com/ Name: tv_UIDF
Value: CAESEA1W7_HhmzXixCAKXXc0VcA
.tremorhub.com/ Name: tvssa
Value: 1669616663017
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005%22%2C%22nxtrdr%22%3Afalse%7D
.bidr.io/ Name: bito
Value: AAFJPk7HCKgAACEEnrKbcQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxLb0YaQkKm70+1WuCoMxA8a+JUixCbOKdpO8c9RXBCtsOXE72yTXHdo7RsDoD1eS6UgkbjpM2TzqXF/itZqbr5xAizhfkn5jms=
.bidswitch.net/ Name: tuuid
Value: fb468edb-6e8d-40d9-aa4c-a7722b03afde
.bidswitch.net/ Name: c
Value: 1669616663
.bidswitch.net/ Name: tuuid_lu
Value: 1669616663
.pippio.com/ Name: did
Value: Hw4VCPF580DvLpLV
.pippio.com/ Name: didts
Value: 1669616663
.pippio.com/ Name: nnls
Value:
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzsDAyNDIxtzA0NRTiM9R1SrUojswI9q4y800DAGfF5pUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzsDAyNDIxtzA0NRTiM9R1SrUojswI9q4y800DAGfF5pUlAAAA
.impact-ad.jp/ Name: tuuid
Value: 709384bd-20e5-4648-9329-9d6b1feabc12
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e52d69b6d9bcedd71e9896114229858d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDU1SjGzTDJLsUxKTk1JMTdMtbSwNDM0NDEysrQwtUhhAILklhBxEA0FAFWzCiI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIbgkRB1JQAAARHQFT"
.liadm.com/ Name: lidid
Value: a2d06536-03c2-485b-bc3b-8d84dafc7dbc
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-337638bd-80cd-4213-a0bb-1aa94b9f6f60-005%22%7D
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&49946cf6-6d48-415e-845b-041c0a29b9a0"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2794:u=1:x=1:i=1669616663:t=1669703063:v=2:sig=AQFAShYCgyDN9QzlzTCwUNHPcFD88xsi"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bidbrain.app/ Name: sid_cross
Value: 4b89e6e2-6ee5-11ed-b0c1-5ab254132289
.ads.stickyadstv.com/ Name: UID
Value: 49d718d0927b59af482cd9ef20f95c23
.ads.stickyadstv.com/ Name: uid-bp-38799
Value: 000000D5B2EA4449
.pippio.com/ Name: pxrc
Value: CJeokZwGEgQIAhAAEgYI7OsBEAA=
.tapad.com/ Name: TapAd_TS
Value: 1669616663192
.tapad.com/ Name: TapAd_DID
Value: 87f6116d-4d86-47c5-a7c7-82e917374fb5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-71c2757e-632a-41ef-4a35-9d5b72f6c327.do9JBPqGXA9umXQt9zTEOVzn8a4bS10exvC1ysLtFiI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AccJ1fmMqQe9KNZ1bcvbDJ5U4mbo.eLb5%2FTVTQTDe3lsKuWXSzVKAIQ1Y1ogjjBfy%2BbcYhMk
.linksynergy.com/ Name: rmuid
Value: d331b89a-c2fd-4870-9dfb-9524fff15420
.linksynergy.com/ Name: icts
Value: 2022-11-28T06:24:23Z
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.id5-sync.com/ Name: id5
Value: 016d5d79-0c9c-4e84-8289-02245288a705#1669616663119#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.rlcdn.com/ Name: rlas3
Value: uTl6av6wVm6m5weKotaIN/S0I84ayQLQ+AcByPpjPQI=
.im-apps.net/ Name: imid_secure
Value: Zu5KfyhiQD22Z_jfh6WhWA
.im-apps.net/ Name: imid_created_secure
Value: 1669616663
.socdm.com/ Name: SOC
Value: Y4RUF8Co8YAAAC7Cn94AAAAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVUdT2(8!]tbPl1M>e)ZlrFUfJ+tGXxoi9*w7cEY%fhEz5N]VrJ?e@0I$a]5.CF)FhWp3If)y3KL9D3I?+27w*V0
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129SiMNPMrsnAO8AotMynxLTWpsHSL8gUALaFRZR4AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129SiMNPMrsnAO8AotMynxLTWpsHSL8g3iNTQzszQDEmbGlmYWrxhR-Yt4kfgG5kYAnX2Yrk0AAAA
.w55c.net/ Name: wfivefivec
Value: qFy1X2fw1OZxz25
.adkernel.com/ Name: ADKUID
Value: A1123812072003717008
.w55c.net/ Name: matchgoogle
Value: 5
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A1123812072003717008
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 157786:3
.pubmatic.com/ Name: DPSync3
Value: 1670803200%3A219_221_226_228_201_197%7C1670198400%3A164%7C1669680000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670803200%3A71_7_3_220_104_22_250_166_178_13_54_21%7C1670198400%3A15_2_223%7C1670889600%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~28ji:18z8~28ji"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1494929651579611740&KRTB&23339-1494929651579611740
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8ac76384-5417-4b00-bb0b-b43fe5361767&KRTB&16736-uid:8ac76384-5417-4b00-bb0b-b43fe5361767&KRTB&23019-uid:8ac76384-5417-4b00-bb0b-b43fe5361767&KRTB&23208-uid:8ac76384-5417-4b00-bb0b-b43fe5361767
.pubmatic.com/ Name: SPugT
Value: 1669616666
.dotomi.com/ Name: DotomiTest
Value: 2b35b0e204771880
.fiftyt.com/ Name: fifid
Value: 5cf2c947-4b0c-4778-4f58-2ba62825be36
.fiftyt.com/ Name: cs
Value: MTY2OTYxNjY2NnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fI5uQFV8xtQChLKPdnchzbnAa5HfVJYq1m9DsvrV5T60
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI7q7WjefEqDsQBRIWCgdydWJpY29uEgsI3saPkOfEqDsQBRIVCgZjYXNhbGUSCwjarKSz58SoOxAFGAEgAigCMgsIzr_Fvv3EqDsQBTgBWgthZGNvbmR1Y3RvcmAC
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAItElDl1CPYQMc1oRZAAAAAAA&KRTB&22713-AAAItElDl1CPYQMc1oRZAAAAAAA&KRTB&22715-AAAItElDl1CPYQMc1oRZAAAAAAA
.fiftyt.com/ Name: fppm
Value: 20221128062426
.dyntrk.com/ Name: dyn_u
Value: 04030001_6384541a997e9
.technoratimedia.com/ Name: tads_uid
Value: 817A0A19164549FEBF87044E6D890C6A
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221128062426+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFJPk7HCKgAACEEnrKbcQ
.casalemedia.com/ Name: CMTS
Value: 3875
.picrew.me/ Name: cto_bundle
Value: 1ydeWF80ZE5hUzlXSzFGSmRjNEQ5NVUxdnV5JTJGTFFoZ2RhMVdqWGJrcXo4JTJCT1pEbnclMkJ4cGFxODhydXhJQnpEZ3hzSzhJNWdxaFZkNEFjJTJCVDY0Y1RxS00wTWgyaFJtcGtWczc5dG5RM2d4R3YxbzBUZTNOUlJoSFlxWiUyQmtuMWw2ZmN2NmJ4OVZ5alE2NEo2c0d2ayUyQmFLSTM2UmclM0QlM0Q
.picrew.me/ Name: cto_bidid
Value: eL9jX19qQ0FDbnhDVnVWTXk4JTJCYThVd1hJY1BobEp1JTJCMUVHSyUyQkQxZ0pMRUwxOENPRHBpYmF5RTI2QkglMkI4RjlqeWNMREczQ05VcHNMNUZ4M1J3Tzlad1JpcFoyakJ4Zm9vTXpmcDVoY2FEclAxaFpZJTNE
.semasio.net/ Name: SEUNCY
Value: F2B10D1480EBCA25
.onaudience.com/ Name: cookie
Value: f4a7518c94141357
.onaudience.com/ Name: done_redirects104
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AAFJPk7HCKgAACEEnrKbcQ
.onaudience.com/ Name: done_redirects161
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hhd|81F.0.1|4is.0.CAESEAi8DkfbJIV_s8lAjdkOrfs|7TY.0|2N.0.AAAHRaVpLKEs_AN-sEvZAAAAAAA|3oy.0|7dN.0.AAFJPk7HCKgAACEEnrKbcQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFJPk7HCKgAACEEnrKbcQ
.pubmatic.com/ Name: PugT
Value: 1669616666

6 Console Messages

Source Level URL
Text
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4RUFgALctGZaQAO&gdpr=0&gdpr_consent=&_test=Y4RUFgALctGZaQAO
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELbOpgAcug6xyyTE-ujsaHA&google_cver=1&google_push=ASkJ3FbpAH-jcPnLlfIXujAla76jU9iugOTwZ3Y1jv2uuVBEbhDUY0yqYZQNxrCDbbmcAoY6y-XFqs6W4CZ4VwS3WbnN8VB_1-J8
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTH1jKR2AKMRBSYDL3QXuQ&google_cver=1&google_push=ASkJ3FZqHTDtIp13DpkxYywbIizaaw5uaAj09tjNhracoFEdj70VwEfBlTMvoKIjAXLXe7YbYrW_KN7kLgqAUsI0tIYixciF6HQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22slots%22%3A%5B%7B%22sd%22%3A%221522791%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B300%2C600%5D%5D%2C%22sn%22%3A%22%2F9116787%2C22014346682%2F1522791%22%7D%7D%2C%7B%22a%22%3A%7B%22c%22%3A2%2C%22sn%22%3A%22%22%7D%2C%22g%22%3A%7B%22c%22%3A0%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1622434501417-0%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1749267%22%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1598262175839-0%22%2C%22a%22%3A%7B%22c%22%3A0%7D%2C%22g%22%3A%7B%22c%22%3A1%2C%22s%22%3A%5B%5B728%2C90%5D%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1715044%22%7D%7D%5D%2C%22pid%22%3A%22suyDTexZcUQ4Y%22%2C%22url%22%3A%22https%253A%252F%252Fpicrew.me%252F%22%2C%22ws%22%3A%221600x1200%22%2C%22pubid%22%3A%22c06cc614-f284-4373-8e7b-e334e4dcb9d3%22%2C%22_type%22%3A%22slotRenders%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%22600%22%2C%22lv%22%3A%2222.1107.1609%22%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2ce7d870-4d33-4acc-b20e-d1b06e59c97f&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4e5b8476cc711aa1bad564442518e077.safeframe.googlesyndication.com
a.clickcertain.com
a.rfihub.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax.amazon-adsystem.com
abs.twimg.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
aladdin.genieesspv.jp
amazon-tam-match.dotomi.com
aorta.clickagy.com
audiencedata.im-apps.net
aw.dw.impact-ad.jp
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cc.adingo.jp
cdn-fluct.sh.adingo.jp
cdn.indexww.com
cdn.jsdelivr.net
cdn.picrew.me
cdnjs.cloudflare.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpt.geniee.jp
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d.agkn.com
d3div1mtym39ic.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dmp.im-apps.net
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
e1.emxdgt.com
emx-match.dotomi.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
l.logly.co.jp
loada.exelator.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
o1125947.ingest.sentry.io
odr.mookie1.com
onetag-sys.com
openrtb-us-east-1.axonix.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.ladsp.com
pbs.twimg.com
picrew.me
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
post-endpoint-gckeev2zma-an.a.run.app
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.im-apps.net
sync.inmobi.com
sync.ipredictive.com
sync.logly.co.jp
sync.mathtag.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync6.im-apps.net
syndication.twitter.com
tags.bluekai.com
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yieldmo-match.dotomi.com
cs.chocolateplatform.com
ds.uncn.jp
pb.ladsp.com
sync-tm.everesttech.net
103.132.192.30
104.18.36.94
104.244.42.200
104.36.115.111
104.76.100.229
107.178.246.49
107.178.254.65
108.138.124.226
108.139.47.107
108.139.47.24
108.139.47.28
124.146.215.47
129.159.70.95
13.225.214.84
130.211.14.194
133.186.12.12
138.197.63.78
142.251.32.98
142.251.35.162
143.204.144.76
146.59.148.16
15.235.43.120
151.101.130.49
162.19.138.117
162.248.18.34
172.64.151.162
172.64.154.237
174.137.133.49
18.179.183.255
185.167.164.37
192.35.249.138
192.40.39.223
198.148.27.139
199.127.204.171
199.187.193.179
199.187.193.192
199.38.167.130
20.127.253.7
2001:4860:4802:36::35
207.198.113.86
222.230.178.130
23.205.72.21
2406:da14:f1:2005:2cf6:86a:f79a:e4ce
2600:1400:9000::172c:edb9
2600:1901:0:80::
2600:1901:0:e207::
2600:1f18:4e9:5a01:da63:dddc:8a85:cc5e
2600:1f18:612b:4200:4221:38a7:d65:6c93
2600:9000:210b:b800:11:1ed0:3900:21
2600:9000:21da:bc00:19:fc2c:a140:93a1
2600:9000:21ec:a600:2:d490:4d80:93a1
2600:9000:2209:4a00:1b:5138:8a40:93a1
2602:803:c002:300::98
2606:2800:21f:5b71:3e29:d001:be46:4bcc
2606:2800:220:1410:489:141e:20bb:12f6
2606:2800:220:de:468:2285:c1:4a3
2606:4700:20::681a:832
2606:4700::6810:5514
2606:4700::6811:190e
2606:ae80:1451:22::760
2607:f8b0:4004:c06::9b
2607:f8b0:4006:806::2003
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2006
2607:f8b0:4006:824::2006
2607:f8b0:4006:824::200a
2607:f8b0:4006:824::200e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a03:2880:f02c:112:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.135.132.32
3.218.90.66
3.219.40.213
3.33.220.150
3.89.15.250
34.102.128.115
34.120.195.249
34.192.29.175
34.204.163.217
34.224.202.219
34.96.105.8
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.211.178.172
35.214.223.115
35.236.220.17
35.244.159.8
44.196.169.238
44.198.145.93
44.208.184.190
44.208.243.83
50.16.197.56
50.31.142.191
50.57.31.206
51.222.39.185
52.3.184.194
52.46.128.147
52.54.87.42
52.68.181.73
52.73.27.182
52.86.222.203
52.86.67.184
54.159.236.39
54.84.41.227
63.251.28.233
68.67.160.137
68.67.161.182
69.173.151.100
69.192.109.53
72.247.65.83
74.119.119.139
74.119.119.150
74.121.140.14
8.28.7.81
8.28.7.83
8.43.72.97
8.43.72.98
022ff10b352755649a649f6b82d25bf4ecf253e0b00bcb638505c73f035c1cc9
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a
0ab72ef75e30a7de76f68e4dd2b7dafc18f49d6a94e60baae82c3822c66be58a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba5097f67a305468d8bbebcfb3afc026966ac945cb19defd81aae821d686985
0d45a9e7edc7228c3ea0492d461dec647822d1f2a61b876f2e3bbb9856dc388b
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
1383708cb9b24bd70181898d1ea04305ac1f226da97ccae75857882f418c50d0
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
1441a131782cfacd63574f41db9d6cdb76955a16dd7af3fd1a0a83e41442793d
16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad8b582223b581847eab8f4f75574a8ab9f92c8ff16da4ad6202d3ef41e9e10
1bf2fb4dcd49c9ae064ed7ccde8d77c33142237ab7cf40e6fd3585196b7b0f17
1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277
204dd54a4ade43e618173e89e25c638d3c39e03fa068ed2ef930dd5286e60f1c
2134dd3aba9cac93f50ad50436304a18be98a1b46de7f980251c589b13fea5d8
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8
2263cf7b6bc064dfa349b9d52f3665b24ee41cc0e5e43236ddff1922e72c5fb3
22c7d33c20a7b16d8b64cca741d1ff6844e2cb1c497e9500960287de7202f89b
2494d8db899c91d0726b45a3d30be7aaf3d9cb6b6adec346a277391f1bbf292b
25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698
25facfa075b47fe10e2e302f17aa098e1866a42243d641fc48cba4350eb87edc
26d3207d0abb76f7b6b9598c0f264da0f75158970134a2932a91d345c976964b
2743a0d4bee0dd33f2136f1bbfb66beff6055a1ba2b8300725920d110950cedf
29a14c03dbd5aec0ef4a89b85c33dd469bd79b076f6049fabf001557ad60c9c2
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2b40868a269d29692abde9947972e7122d4e8b1687ea497e2684b858a4388719
2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68
2bc3d8cc5be5088cfc77b97d46ee5b3b65ffd906e4fb67bd82966fef4e738841
2bcdb4a1fec0b05454cdaf4f51f97c230ba28d1640ea662d38af93a6118e5a37
2d327de311658cd2c2f162b5a87dbe25dcb5193915bc37bc33b3afc28f2e0c34
2e38837d3328e668b5f2b18fcd331dcae77651a729b42bff53b5124a434ba6aa
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d25f5c1d8526acb44d1faf2e16803adbf8d74394668ab8b456ecbd3e25439a
31e62e680aad316ef27bac23432f36e7481ac3d00a2d9860035c92cd6a5a57a7
342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492
37fcb104137eda65c3f36ef779d1edc70e704a1d6d47d0fdf990c39af09afd05
3fd3f6b9710792883d0b33ed3175baaf79bd4d80f83de702405c2c4dafe26051
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414fc7e1f87623075273e95db451a61508810973c4c7abcbecec3e17c1ea43cd
41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d7882253e736486ae9a7421b2ad5e8b0c13ffa9df154c56b702415538c0f67
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4872d781591bcb131645c35df3a96b34e00870693d1bb8285ba6e847dceff05a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f127151eeef2e2b7c778d5ea14d322dcca53806ef3ff1c8f537dd3d64374469
4f1a922e8e101ed60296e5e6dae779b9a392ebdd31372dbf8f062ff586cefb1f
4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5238613fe3671b0e41587986e1f92f93a51fbfc0c43e1f124adee3100d0b7716
52da2914bbc60c5d97ae6a965f7ba0a79fe4f97e9b15a6f1ba7780548677ea1a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5663635d4e0411642cbec5eb25d19eada1a085714782ff5d0ff645534abc0d4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5b7e5db5ac95e48c880a852556684e64935d77cb32e00a871384df1b0096db56
5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60d60be277748c7f91b62c154e20f8238a39f604a53717921a90322898fd6282
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
6470e22d396386dd87685ba1a0c1e58a1b4286b5274bf5605b6b7c0065a6e4c4
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
684977850530a5c67a9f3d731cb8776282422ac1365d10a78b597433f63e16c2
69d4204fa9cb9a4a21fc4d380cff87ac34bab79d43ec333cee350fe180126e82
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6b7d3778a5ef589744dd9fe58050a46e7da71d6575e8181acd5024ff5917fbac
6c07c4c49d5cead9e372d81352d54f4d8693bcc8b8759e824ed5ba19587176cc
6da7d8315fee3652e18b177b54485b45bb90222d001b4c6488fb4e19e498d591
748a7727459a97cff43764d96aa3c4e49a473ae631f5a8439ac9a7b7e387a39e
74fb14f49fd0a450c7d34eec5f6f77ed928c36119ed7657b4ad500e07d7c1a99
76c2e8ba8fb1c88ed15fffb25d875346f105f3492e47ab79484db310a976e1be
776a13426b9ed128157bfa6a760d17971faeeaae2cb078b9040dc51b82ad02fe
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a6786fd5c94d6f928d942288d64ac720ffc25a124c7f04e3fae3a5cd88d3f69
7ae16c15398d8cf983a184814ff5b0fbd7c0cca634bb4a7e65ba24fddf29e976
7c02dc3d7989020864d206c8c00a8e96c7130f20073995666550d0a78690bc41
7c19c16f5690bcf2894ae5998d1f9f13d71d3766d5b71ddc6967fd1c10b226d2
7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35
80dcfe1183bf1e5dc08f5c5f2b42598b9c0c0f68395cc16446f3303a3dc027e1
811d09fb64db1fb12b8cfa299d4e9eab08f4af187c5f1c746cd41b2fc243624d
825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8a2c26dc85b9cd747795d9003a6bbaaddbf78ec32a2b1453fea1776bcc0276f7
8a86740c1521c7aefeecf00a486084fed4e149620a72ed3471c0ca3b37775e35
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d757b45dec68a52bfca892294c1168866eba53077ac03b6b5b605e2ffc1aa96
9039b07104db02ecbf3f1bf4917b3892ba0ddf45fd0bc5d585ad218959c964a8
904e851ee4c66aa4fea38387312b031b4c2e66a6e58dc1ca1180927364c37c1d
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
959c4ee0c35d7ce873a353bf95c735f22ce263f0f15e0387126bb16ae66edde8
95b9b917bc41676ae6ae91875daefae4e70419abe9769f2d3a8e3f97264ff6e7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b816d8a08e18df4a316daa7dbf1035132207e67f61129c84f0c1828c7e2c4ef
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e9de6d094db7385e648d25686207bbd961fc21b563a0ebb176e59ed9526ae07
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0989ff49d71e930ac9da5023740bd44930e0990914de4e52f9acd58f3c46189
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1352516cb4c92aaa07bd6d5431e0d7b6f98e808eb00949d7bfda9230e2f45ec
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a512f9f1ac4ec9a62b35bb9d6d133b38f7e2c759e708db0c63ded3a551612ad0
a6b0a0d24196106f7202412d79c0f1147bc4805a8ad937d00328b205e4f3fbf2
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a96da6903649898ab56f4309e6eb61e248f59f4c95efff3bc5e5fdd284f58c3e
ac23ce2ddef8be10fc2b259995cfeffc3b4c83a1ec59b0268836b59778deec98
ac4c6893011528b42b4883ee72fa9c19c4d0b9e6918e0ecd1f5b2c4608f315a9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad9b830182fd9e5a1dfbe589425c2eb28d9f45fd278b9fc37164ad6d2014d991
ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb
aedf412d8d8c495c069d3785e2b4c190d56fdf4224c4f10ecff80532eb2bb546
af6c7e5eb4992a40461eeac3eb754b648d07ca985e1f0de48fcd6ffec6d2d732
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c2ec6bd9a3a2afaaac2b9a02a0d85160bc8ae969622d49fcad8c43e18eb6f4
b2bb7d781fe71f7f9496ed8a4f377a6a88b635233ea17c10457218c9992db8b5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47d301720c1f684fe29d3ca716fa1875175fdc99642c49c9aea64b12c1eb60e
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bb63f8f3077e1d4d470b89b2fc6e3acf7d9a99d622ecd639de5448d80e84f56d
be6523226edc30fbc1b6c67847028bd994fbda67a1a7005e59838b4f13d3b81d
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c029fedb8a2ffa0456075f77fe0b264c402d8b119dc26d3530dc013757820cd3
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c747d2cb399992e61edba257e087265cb0212433935e4506f0f2c5375d570367
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c8871bd095c410d99dc6bed49dd518e63a706022ce017d4d32075d32d8d19418
cc3295e8ccff54ca5e89d4ba7e1ecb824446b1623cbba680af0672eab98fe133
ccbd1edd6f0621a5bce96dbecf176c54d09e109788defa11ba005c4e19cf4205
cd37b1510300e74c68eafa2df4f451b7e9265c77d46bc2fab899ea7560e59b4a
cd4ce5e10e9992bfc208d38af7207c47aba35cb97da76cc1ccc54e01a60b5659
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070
ce406ad1efa630289e9751d2554937e970f2444b20fed33e0e360d7607ebd1aa
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d2cf364cab1d465f08450bc1033aef3a648324781b68449c5b1a8a86337e6e9d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
dd10177f249e6d25a7e2e0b8e745c5f2a23098a7a65dde101e8efd2c73b97973
dd23b3b1a2e594acba0d61ac5260fb2d986b3fd240c68b5bd8abebeb285a10ef
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7d786cbad835543bba3d66c1338f29e2a481634c9b8de3a57f53ab7f190c1b
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7945ec59e6e6a649ad23eba0bf252b94d978a551b251c113dd73fba6c30600d
ebee850181e94e65e8a7b9203f6472f1d2f0f8cc017c45945c32367e03717c10
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec89b3f3694da012d07db518a227943a447ec75818bbf475765bcd07cf0d5cbd
ede9bcceac6363b184cf51bfa50069bec06162d26a855be9485efb39c80b67cd
ee97a03605a5e53f9b6af04e024235c6d596c35a1c8b4ca046536771e2c7182d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39a5f508a809fb56ac75571a7de8cb7d0f9e17167bc0880c9326763c01d0a59
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161